# Retrieve real-time user authentication and session audit logs

Requires audits::read:user permission.

Endpoint: GET /audit/tail/user
Version: 1.0.0
Security: JWTAuthorizer


## Response 200 fields