> ## Documentation Index
> Fetch the complete documentation index at: https://docs.bunny.net/llms.txt
> Use this file to discover all available pages before exploring further.

# Export the full filtered Event Logs set for a Shield Zone as CSV



## OpenAPI

````yaml https://api.bunny.net/shield/docs/v1/swagger.json post /shield/event-logs/{shieldZoneId}/export
openapi: 3.0.4
info:
  title: Bunny Shield API
  description: >-
    Bunny.net API for Bunny Shield (WAF, DDoS, Rate Limiting, Bot Detection,
    Access Lists & API Guardian).
  version: v1
servers:
  - url: https://api.bunny.net
security: []
paths:
  /shield/event-logs/{shieldZoneId}/export:
    post:
      tags:
        - Event Logs
      summary: Export the full filtered Event Logs set for a Shield Zone as CSV
      operationId: Export Event Logs
      parameters:
        - name: shieldZoneId
          in: path
          description: The ID of the Shield Zone.
          required: true
          schema:
            type: integer
            description: The ID of the Shield Zone.
            format: int32
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/EventLogsExportRequest'
          text/json:
            schema:
              $ref: '#/components/schemas/EventLogsExportRequest'
          application/*+json:
            schema:
              $ref: '#/components/schemas/EventLogsExportRequest'
      responses:
        '200':
          description: OK
          content:
            text/csv:
              schema:
                type: string
                format: binary
            application/json:
              schema:
                type: string
                format: binary
        '400':
          description: Bad Request
          content:
            text/csv:
              schema:
                $ref: '#/components/schemas/ProblemDetails'
            application/json:
              schema:
                $ref: '#/components/schemas/ProblemDetails'
        '401':
          description: Unauthorized
          content:
            text/csv:
              schema:
                $ref: '#/components/schemas/ProblemDetails'
            application/json:
              schema:
                $ref: '#/components/schemas/ProblemDetails'
        '500':
          description: Internal Server Error
components:
  schemas:
    EventLogsExportRequest:
      type: object
      properties:
        from:
          type: integer
          description: Window start as Unix time in milliseconds (UTC). Required.
          format: int64
        to:
          type: integer
          description: >-
            Window end as Unix time in milliseconds (UTC). Required; must be
            after
            BunnyNet.Shield.Api.Entities.Waf.WafLogging.EventLogsExportRequest.from
            and within the last 72 hours.
          format: int64
        query:
          type: string
          description: >-
            Optional free-text search across IP, ruleId, URL, User-Agent and
            rule name.
          nullable: true
        filters:
          type: array
          items:
            $ref: '#/components/schemas/EventLogsFilter'
          description: >-
            Optional filters, combined with AND. Repeated values within one
            filter combine with OR.
          nullable: true
      additionalProperties: false
      description: >-
        Request body for exporting a Shield Zone's full filtered Event Logs set
        as CSV.
    ProblemDetails:
      type: object
      properties:
        type:
          type: string
          nullable: true
        title:
          type: string
          nullable: true
        status:
          type: integer
          format: int32
          nullable: true
        detail:
          type: string
          nullable: true
        instance:
          type: string
          nullable: true
      additionalProperties: {}
    EventLogsFilter:
      type: object
      properties:
        field:
          type: string
          description: >-
            Dimension to filter on: feature, ruleId, ip, ja4, ua, url, asn,
            country or action.
          nullable: true
        op:
          type: string
          description: >-
            Operator: eq, in, contains, cidr (ip only, IPv4/IPv6) or wildcard
            ('*' matches any run).
          nullable: true
        value:
          type: array
          items:
            type: string
          description: Value(s) for the filter; multiple values are OR-combined.
          nullable: true
      additionalProperties: false
      description: A single Event Logs filter clause.

````