Paginates forward in time from a given audit log ID. It takes a log ID parameter to begin fetching from and a take parameter for the number of log entries to fetch.


Query Audit Logs

Occurs whenever an Administrator adds a new Client Matter.

Occurs whenever an Administrator provisions new Harvey users.

Occurs whenever an Administrator exports a.csv file of all the users in their workspace.

Occurs whenever an Administrator views Workspace History.

Occurs whenever an Administrator views a specific Workspace History item.

Occurs whenever an Administrator deletes a Client Matter.

Occurs whenever an Administrator deletes a Workspace History item.

Occurs whenever an Administrator deletes more than one Workspece History item at once.

Occurs whenever a user downloads the Usage .csv report.

Occurs whenever a user exports a .csv file of Workspace History.

Occurs whenever the list of all Client Matters in the Workspace is retrieved from the server.

Occurs whenever Usage statistics are retrieved from the server.

Occurs whenever Workspace History is retrieved from the server.

Occurs whenever a specific Workspace History item is retrieved from the server.

Occurs whenever the list of active users in the Workspace is retrieved from the server.

Occurs whenever an Administrator changes Workspace settings for Client Matters to enable or disable allowing users to submit a query without a client matter selected or allowing users to add, edit or delete client matters.

Occurs whenever an Administrator deprovisions Harvey users.

Occurs whenever an Administrator updates an existing Client Matter.

Occurs whenever the API is used to get, create or delete a Client Matter. Used to enforce the rate limits for the Client Matter API.

Occurs whenever a query is made to Harvey's Open Ended API.

Occurs whenever History is retrieved via the API. The `data` type will be one of either `usage` or `query` depending on whether usage or query history was retrieved.

User ID of the user who triggered the event.

Date when the event occurred in ISO format.

Type of audit log event. This is a list of all the types of events we currently send. We may add more at any time, so in developing and maintaining your code, you should not assume that only these types exist.

Email of the user who triggered the event.

User agent of the actor who triggered the event.

Occurs whenever a user attempted to log into the Harvey web application, but was denied access.

Occurs whenever a user successfully logs in to Harvey.

Occurs whenever a user logs out of Harvey. By default, users are logged out after 3 days of inactivity or after 7 days.

Occurs when your History has been automatically deleted in accordance with your Data Retention policy.

Occurs when your History has been pseudonymonized and identifying details removed from our systems.

Occurs whenever Audit Logs are retrieved via the API.

Occurs whenever a Harvey admin views a user's Workspace History.

Occurs whenever a user adds an additional Client Matter to the Workspace.

Occurs whenever a user cancels a Vault Review Query in progress.

Occurs whenever a Review Query fails to run and the user clears the errors instead retrying the query as-is.

Occurs whenever a user views their personal query History.

Occurs whenever a user clicks on a specific Workspace History item.

Occurs whenever a query is shared between users or to the entire Workspace. Includes the `event_id` of the query, whether the query was shared with users or with the Workspace, and identifies the individuals/Workspaces it was shared with.

Occurs whenever a user makes a query in the Harvey (with any tool).

Occurs whenever a user creates a new folder in a Vault project.

Occurs whenever a Vault folder is shared between users or to the entire Workspace. Includes the `folder_id` of the Vault project, whether the project was shared with users or with the Workspace, and identifies the individuals/Workspaces it was shared with.

Occurs whenever a user deletes a Client Matter.

Occurs whenever a user deletes a historical Vault Review query from a project.

Occurs whenever a user deletes a file from a Vault project.

Occurs whenever a user deletes a folder from a Vault project.

Occurs whenever a list of Client Matters is retrieved from the server.

Occurs whenever a user's query History is retrieved from the server.

Occurs whenever Vault project names are accessed from the server.

Occurs whenever rows from a Vault Review Query are retrieved from the server.

Occurs whenever an Example Vault project is retrieved from the server. Example projects exist to give you a preview of how Vault works. Queries cannot be run on this project. It will not count towards any limits and cannot be deleted.

Occurs whenever a file in a Vault project is accessed from the server.

Occurs whenever multiple files in a Vault project are accessed from the server.

Occurs whenever a folder in a Vault project is accessed from the server.

Occurs whenever history from a Vault folder is retrieved from the server.

Occurs whenever a Vault folder path is retrieved from the server.

Occurs whenever Vault folders are retrieved from the server.

Occurs whenever statistics on Vault Review Query usage are retrieved from the server.

Occurs whenever a folder inside a Vault project is retrieved from the server.

Occurs whenever a user reruns a Vault Review query.

Occurs whenever a user retries uploading files to a Vault project which previously failed to upload.

Occurs whenever a user uses the search bar to find a folder or file in a Vault Project.

Occurs whenever a user edits an existing Client Matter.

Occurs whenever the permission level for a query is changed. Includes the `event_id` of the query, whether the query was shared with users or with the Workspace, and identifies any changes to the individuals/Workspaces it was shared with, including revoked access.

Occurs whenever a user adds, removes or deletes a Client Matter associated with a Workspace History item.

Occurs whenever a user updates the name of a file in a Vault project.

Occurs whenever a user updates the name of a Vault project.

Occurs whenever the permission level for a Vault project is changed. Includes the `folder_id` of the Vault project, whether the project was shared with users or with the Workspace, and identifies any changes to the individuals/Workspaces it was shared with, including revoked access.

Getting Started

Assistant

Vault

History Export

Audit Logs

Client Matters

Query Audit Logs

Authorizations

Query Parameters

Response