The audit log endpoint /api/v2/users/me/auditlog returns an empty array for credential rotation events on our 15 BYOC trunks, despite successful rotation via the admin UI. This creates a compliance gap for our SOC 2 Type II audit requirements in the APAC region. The standard PSTN trunk rotations are logged correctly, but BYOC entries are absent.
Steps to reproduce:
- Navigate to Admin > Telephony > Phone System > Trunks.
- Select a BYOC trunk (e.g., SG-BYOC-01) and click ‘Rotate Credentials’.
- Confirm the rotation; SIP registration re-establishes successfully with the new password.
- Query the audit log API for the last 24 hours filtered by
eventType=TRUNK_CREDENTIAL_ROTATION. - Observe that the specific BYOC trunk rotation event is missing from the response.
We are using Genesys Cloud API v2 SDK (Python 3.9.1). The SIP registration logs confirm the new credentials are active, so the rotation itself is functional. However, the lack of an audit trail for these specific trunks is blocking our security validation process. Is this a known limitation for BYOC configurations, or is there a specific IAM permission required to surface these logs? The PSTN equivalents work as expected, suggesting a potential gap in the BYOC logging pipeline.