Query Audit Logs

curl --request GET \
  --url https://api.harvey.ai/api/v1/logs/audit \
  --header 'Authorization: Bearer <token>'

[
  {
    "data": {
      "begin_date": "2024-03-26T21:56:56.107874+00:00",
      "end_date": "2024-03-26T18:44:20.612870+00:00",
      "num_events": 50
    },
    "id": "018e99bb-0461-7880-bfbb-51ee869a0a52",
    "ip": "0.0.0.0",
    "timestamp": "2024-04-01T21:55:54.217050",
    "type": "admin:fetch_workspace_history",
    "user": "user@example.com",
    "user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36"
  },
  {
    "data": {
      "event_id": 100588387
    },
    "id": "018e99bb-0471-7c73-b214-0568d92f560a",
    "ip": "0.0.0.0",
    "timestamp": "2024-04-01T21:55:54.113000",
    "type": "admin:client_view_workspace_history_item",
    "user": "user@example.com",
    "user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36"
  }
]

GET

api

logs

audit

Query Audit Logs

curl --request GET \
  --url https://api.harvey.ai/api/v1/logs/audit \
  --header 'Authorization: Bearer <token>'

[
  {
    "data": {
      "begin_date": "2024-03-26T21:56:56.107874+00:00",
      "end_date": "2024-03-26T18:44:20.612870+00:00",
      "num_events": 50
    },
    "id": "018e99bb-0461-7880-bfbb-51ee869a0a52",
    "ip": "0.0.0.0",
    "timestamp": "2024-04-01T21:55:54.217050",
    "type": "admin:fetch_workspace_history",
    "user": "user@example.com",
    "user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36"
  },
  {
    "data": {
      "event_id": 100588387
    },
    "id": "018e99bb-0471-7c73-b214-0568d92f560a",
    "ip": "0.0.0.0",
    "timestamp": "2024-04-01T21:55:54.113000",
    "type": "admin:client_view_workspace_history_item",
    "user": "user@example.com",
    "user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36"
  }
]

Authorizations

Authorization

string

header

required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Query Parameters

from

string<uuid>

required

Audit log ID to begin fetching from.

take

integer

required

Number of audit log entries to fetch, max 1000

Response

List of audit log entries

data

object

required

Optional metadata for certain event types.

Show child attributes

string<uuid>

required

Unique identifier for the log entry.

Example:

"0194f5c5-2021-75ae-b202-f049fca9dce2"

string

required

IP address of the actor.

Example:

"0.0.0.0"

timestamp

string<date-time>

required

Date when the event occurred in ISO format.

Example:

"2025-02-11T16:08:44.324452"

type

string

required

Type of audit log event. We may add more types at any time, so in developing and maintaining your code, you should not assume that only these types exist. For a complete list of all audit log types and their descriptions, see the Audit Logs Guide.

Example:

"admin:fetch_workspace_history"

user

string

required

Email of the user who triggered the event.

Example:

"user@example.com"

user_agent

string

required

User agent of the actor who triggered the event.

Example:

"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36"

Retrieve Latest Audit Log Get Client Matters

⌘I

Getting Started

Assistant

Vault

History Export

Audit Logs

Client Matters

Query Audit Logs

Authorizations

Query Parameters

Response