Data Export

Download request logs, traces, anomaly snapshots, and security flags as CSV or JSON in one shot. Connect directly to Pandas, Excel, Redash, Metabase, or any other BI tool, or ingest the data on a schedule into your own pipeline.

Endpoints

Endpoint	Data
`GET /api/v1/exports/requests`	Request logs — provider, model, tokens, cost, latency, etc.
`GET /api/v1/exports/traces`	Traces — span count, total cost, duration, etc.
`GET /api/v1/exports/anomalies`	Anomaly snapshots — daily history of buckets that exceeded 3σ
`GET /api/v1/exports/security`	Security flags — PII detections and prompt injection hits

All endpoints require JWT authentication (authJwt middleware). Include Authorization: Bearer <supabase_access_token> in the request header.

Common query parameters

Parameter	Default	Description
`format`	`csv`	`csv` or `json`
`from`	—	ISO 8601 start time (e.g. `2026-05-01T00:00:00Z`). Defaults to 30 days ago if omitted.
`to`	—	ISO 8601 end time. Defaults to now if omitted.
`limit`	`10000`	1–10,000. Maximum 10,000 rows per request. For more data, paginate using `from`/`to`.

Additional parameters for requests

Extra filters available only on GET /api/v1/exports/requests.

Parameter	Description
`projectId`	Export only requests belonging to a specific project.
`provider`	One of `openai` / `anthropic` / `gemini`.
`model`	Partial match, case-insensitive (e.g. `mini`).
`providerKeyId`	Only requests that used a specific provider key.
`status`	`ok` (2xx) / `4xx` / `5xx`.

File names

The response includes a Content-Disposition header with a date-stamped filename.

Endpoint	Example filename
`/exports/requests`	`spanlens-requests-2026-05-15.csv`
`/exports/traces`	`spanlens-traces-2026-05-15.csv`
`/exports/anomalies`	`spanlens-anomalies-2026-05-15.csv`
`/exports/security`	`spanlens-security-2026-05-15.csv`

CSV columns — requests

Column	Description
`id`	Unique request ID
`project_id`	Project this request belongs to
`provider`	openai / anthropic / gemini
`model`	Dated variant returned by the provider (e.g. `gpt-4o-mini-2024-07-18`)
`prompt_tokens`	Input token count (gross, including cached portion)
`completion_tokens`	Output token count
`total_tokens`	prompt + completion
`cost_usd`	Calculated cost in USD. Empty if the model is not in the price table.
`latency_ms`	Time from proxy receiving the request to last byte sent (ms)
`status_code`	HTTP status code returned by the provider
`error_message`	Error string. Empty for successful requests.
`trace_id`	Linked trace ID. Empty if the call was not made inside an SDK `observe()`.
`created_at`	When the request arrived at the proxy (ISO 8601 UTC)

CSV columns — traces

Column	Description
`id`	Unique trace ID
`project_id`	Project this trace belongs to
`name`	Trace name (specified in the SDK)
`status`	`ok` / `error`
`error_message`	Error string. Empty for successful traces.
`duration_ms`	First span start to last span end (ms)
`total_cost_usd`	Sum of costs across all requests in the trace (USD)
`total_tokens`	Sum of tokens across all requests in the trace
`span_count`	Number of spans in the trace
`started_at`	Trace start time (ISO 8601 UTC)
`ended_at`	Trace end time (ISO 8601 UTC)
`created_at`	When the row was saved to the database (ISO 8601 UTC)

curl examples

CSV download

# Request logs — specific date range, GPT-4o only, CSV
curl "https://spanlens-server.vercel.app/api/v1/exports/requests?from=2026-05-01T00:00:00Z&to=2026-05-15T23:59:59Z&provider=openai&model=gpt-4o&format=csv" \
  -H "Authorization: Bearer $SUPABASE_ACCESS_TOKEN" \
  -o spanlens-requests.csv

# Traces — last 7 days, JSON
curl "https://spanlens-server.vercel.app/api/v1/exports/traces?from=2026-05-08T00:00:00Z&format=json" \
  -H "Authorization: Bearer $SUPABASE_ACCESS_TOKEN" \
  -o spanlens-traces.json

# Anomaly history — defaults (30 days, CSV)
curl "https://spanlens-server.vercel.app/api/v1/exports/anomalies" \
  -H "Authorization: Bearer $SUPABASE_ACCESS_TOKEN" \
  -o spanlens-anomalies.csv

# Security flags — from a specific date
curl "https://spanlens-server.vercel.app/api/v1/exports/security?from=2026-05-01T00:00:00Z" \
  -H "Authorization: Bearer $SUPABASE_ACCESS_TOKEN" \
  -o spanlens-security.csv

bash

JSON download

curl "https://spanlens-server.vercel.app/api/v1/exports/requests?format=json&limit=1000" \
  -H "Authorization: Bearer $SUPABASE_ACCESS_TOKEN"

# Response shape:
# [
#   {
#     "id": "req_xxx",
#     "project_id": "proj_xxx",
#     "provider": "openai",
#     "model": "gpt-4o-mini-2024-07-18",
#     "prompt_tokens": 512,
#     "completion_tokens": 128,
#     "total_tokens": 640,
#     "cost_usd": 0.000096,
#     "latency_ms": 843,
#     "status_code": 200,
#     "error_message": null,
#     "trace_id": null,
#     "created_at": "2026-05-15T09:00:00.000Z"
#   },
#   ...
# ]

bash

BI tool tips

Pandas (Python)

import pandas as pd
import requests, io

token = "YOUR_SUPABASE_ACCESS_TOKEN"
url = "https://spanlens-server.vercel.app/api/v1/exports/requests?from=2026-05-01T00:00:00Z&format=csv"

r = requests.get(url, headers={"Authorization": f"Bearer {token}"})
df = pd.read_csv(io.StringIO(r.text))

# Average cost by model
print(df.groupby("model")["cost_usd"].mean())

python

Excel

Download the .csv file with curl, then import it into Excel via Data → From Text/CSV. The created_at column is an ISO 8601 string — convert it with DATEVALUE + TIMEVALUE or Power Query's date/time type conversion before using it in pivot tables.

Limitations

10,000 row maximum. This is the hard cap per request. For larger datasets, paginate by splitting the time range with from/to.
request_body / response_body are not included. Body content is excluded for security and size reasons. View individual request bodies in the /requests detail view or via GET /api/v1/requests/:id.
Not real-time. Exports are a point-in-time snapshot. In-flight streaming requests or async logging delays may mean the most recent rows are not yet present.
Rate limit. Export endpoints are capped at 10 requests per minute. Space out calls in bulk batch pipelines.

Related: Requests, Traces, Anomalies, Security.