diff --git a/docs/references/api.md b/docs/references/api.md
index cc8294d0c..0dcd948e1 100644
--- a/docs/references/api.md
+++ b/docs/references/api.md
@@ -827,11 +827,9 @@ Response (200):
 }
 ```
 
-## Eventlog
-
 ### List events
 
-GET `/api/v1/eventlog` <scope>admin</scope>
+GET `/api/v1/cloudron/eventlog` <scope>admin</scope>
 
 Lists all the past events.
 
@@ -882,7 +880,7 @@ Response (200):
 
 To list all the app installation events:
 ```
-curl -X GET -H 'Authorization: Bearer cb0463455a6606482be7956fc3abd53330ae23244e3492cda3914a2c5154c47e' https://my-demo.cloudron.me/api/v1/eventlog?action=app.install
+curl -X GET -H 'Authorization: Bearer cb0463455a6606482be7956fc3abd53330ae23244e3492cda3914a2c5154c47e' https://my-demo.cloudron.me/api/v1/cloudron/eventlog?action=app.install
 ```
 
 ## Groups
diff --git a/src/routes/test/eventlog-test.js b/src/routes/test/eventlog-test.js
index 6f01dbe0c..700ed5b0f 100644
--- a/src/routes/test/eventlog-test.js
+++ b/src/routes/test/eventlog-test.js
@@ -87,7 +87,7 @@ describe('Eventlog API', function () {
 
     describe('get', function () {
         it('fails due to wrong token', function (done) {
-            superagent.get(SERVER_URL + '/api/v1/eventlog')
+            superagent.get(SERVER_URL + '/api/v1/cloudron/eventlog')
                    .query({ access_token: token.toUpperCase() })
                    .end(function (error, result) {
                 expect(result.statusCode).to.equal(401);
@@ -96,7 +96,7 @@ describe('Eventlog API', function () {
         });
 
         it('fails for non-admin', function (done) {
-            superagent.get(SERVER_URL + '/api/v1/eventlog')
+            superagent.get(SERVER_URL + '/api/v1/cloudron/eventlog')
                    .query({ access_token: token_1, page: 1, per_page: 10 })
                    .end(function (error, result) {
                 expect(result.statusCode).to.equal(403);
@@ -106,7 +106,7 @@ describe('Eventlog API', function () {
         });
 
         it('succeeds for admin', function (done) {
-            superagent.get(SERVER_URL + '/api/v1/eventlog')
+            superagent.get(SERVER_URL + '/api/v1/cloudron/eventlog')
                    .query({ access_token: token, page: 1, per_page: 10 })
                    .end(function (error, result) {
                 expect(result.statusCode).to.equal(200);
@@ -117,7 +117,7 @@ describe('Eventlog API', function () {
         });
 
         it('succeeds with action', function (done) {
-            superagent.get(SERVER_URL + '/api/v1/eventlog')
+            superagent.get(SERVER_URL + '/api/v1/cloudron/eventlog')
                    .query({ access_token: token, page: 1, per_page: 10, action: 'cloudron.activate' })
                    .end(function (error, result) {
                 expect(result.statusCode).to.equal(200);
@@ -128,7 +128,7 @@ describe('Eventlog API', function () {
         });
 
         it('succeeds with search', function (done) {
-            superagent.get(SERVER_URL + '/api/v1/eventlog')
+            superagent.get(SERVER_URL + '/api/v1/cloudron/eventlog')
                    .query({ access_token: token, page: 1, per_page: 10, search: EMAIL })
                    .end(function (error, result) {
                 expect(result.statusCode).to.equal(200);
@@ -139,7 +139,7 @@ describe('Eventlog API', function () {
         });
 
         it('succeeds with search', function (done) {
-            superagent.get(SERVER_URL + '/api/v1/eventlog')
+            superagent.get(SERVER_URL + '/api/v1/cloudron/eventlog')
                    .query({ access_token: token, page: 1, per_page: 10, search: EMAIL, action: 'cloudron.activate' })
                    .end(function (error, result) {
                 expect(result.statusCode).to.equal(200);
diff --git a/src/server.js b/src/server.js
index a546fef8e..88476d3eb 100644
--- a/src/server.js
+++ b/src/server.js
@@ -119,6 +119,7 @@ function initializeExpressSync() {
     router.put ('/api/v1/cloudron/ssh/authorized_keys', cloudronScope, routes.user.requireAdmin, routes.ssh.addAuthorizedKey);
     router.get ('/api/v1/cloudron/ssh/authorized_keys/:identifier', cloudronScope, routes.user.requireAdmin, routes.ssh.getAuthorizedKey);
     router.del ('/api/v1/cloudron/ssh/authorized_keys/:identifier', cloudronScope, routes.user.requireAdmin, routes.ssh.delAuthorizedKey);
+    router.get ('/api/v1/cloudron/eventlog', settingsScope, routes.user.requireAdmin, routes.eventlog.get);
 
     // profile api, working off the user behind the provided token
     router.get ('/api/v1/profile', profileScope, routes.profile.get);
@@ -210,9 +211,6 @@ function initializeExpressSync() {
     router.get ('/api/v1/settings/mail_config',        settingsScope, routes.user.requireAdmin, routes.settings.getMailConfig);
     router.post('/api/v1/settings/mail_config',        settingsScope, routes.user.requireAdmin, routes.settings.setMailConfig);
 
-    // eventlog route
-    router.get('/api/v1/eventlog', settingsScope, routes.user.requireAdmin, routes.eventlog.get);
-
     // feedback
     router.post('/api/v1/feedback', usersScope, routes.cloudron.feedback);
 
diff --git a/webadmin/src/js/client.js b/webadmin/src/js/client.js
index ca7475310..406ccad7e 100644
--- a/webadmin/src/js/client.js
+++ b/webadmin/src/js/client.js
@@ -527,7 +527,7 @@ angular.module('Application').service('Client', ['$http', 'md5', 'Notification',
             }
         };
 
-        get('/api/v1/eventlog', config).success(function (data, status) {
+        get('/api/v1/cloudron/eventlog', config).success(function (data, status) {
             if (status !== 200 || typeof data !== 'object') return callback(new ClientError(status, data));
 
             callback(null, data.eventlogs);