Query Audit Logs

curl --request GET \
  --url https://api.harvey.ai/api/v1/logs/audit \
  --header 'Authorization: Bearer <token>'

[
  {
    "data": {
      "begin_date": "2024-03-26T21:56:56.107874+00:00",
      "end_date": "2024-03-26T18:44:20.612870+00:00",
      "num_events": 50
    },
    "id": "018e99bb-0461-7880-bfbb-51ee869a0a52",
    "ip": "0.0.0.0",
    "timestamp": "2024-04-01T21:55:54.217050",
    "type": "admin:fetch_workspace_history",
    "user": "user@example.com",
    "user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36"
  },
  {
    "data": {
      "event_id": 100588387
    },
    "id": "018e99bb-0471-7c73-b214-0568d92f560a",
    "ip": "0.0.0.0",
    "timestamp": "2024-04-01T21:55:54.113000",
    "type": "admin:client_view_workspace_history_item",
    "user": "user@example.com",
    "user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36"
  }
]

GET

api

logs

audit

Query Audit Logs

curl --request GET \
  --url https://api.harvey.ai/api/v1/logs/audit \
  --header 'Authorization: Bearer <token>'

[
  {
    "data": {
      "begin_date": "2024-03-26T21:56:56.107874+00:00",
      "end_date": "2024-03-26T18:44:20.612870+00:00",
      "num_events": 50
    },
    "id": "018e99bb-0461-7880-bfbb-51ee869a0a52",
    "ip": "0.0.0.0",
    "timestamp": "2024-04-01T21:55:54.217050",
    "type": "admin:fetch_workspace_history",
    "user": "user@example.com",
    "user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36"
  },
  {
    "data": {
      "event_id": 100588387
    },
    "id": "018e99bb-0471-7c73-b214-0568d92f560a",
    "ip": "0.0.0.0",
    "timestamp": "2024-04-01T21:55:54.113000",
    "type": "admin:client_view_workspace_history_item",
    "user": "user@example.com",
    "user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36"
  }
]

Authorizations

Authorization

string

header

required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Query Parameters

from

string<uuid>

required

Audit log ID to begin fetching from.

take

integer

required

Number of audit log entries to fetch, max 1000

Response

List of audit log entries

data

object

required

Optional metadata for certain event types.

Show child attributes

string<uuid>

required

Unique identifier for the log entry.

Example:

"0194f5c5-2021-75ae-b202-f049fca9dce2"

string

required

IP address of the actor.

Example:

"0.0.0.0"

timestamp

string<date-time>

required

Date when the event occurred in ISO format.

Example:

"2025-02-11T16:08:44.324452"

type

required

Type of audit log event. This is a list of all the types of events we currently send. We may add more at any time, so in developing and maintaining your code, you should not assume that only these types exist.

Example:

{
  "$ref": "#/components/schemas/Admin_Fetch_Workspace_History"
}

user

string

required

Email of the user who triggered the event.

Example:

"user@example.com"

user_agent

string

required

User agent of the actor who triggered the event.

Example:

"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36"

Retrieve Latest Audit Log Get Client Matters

Getting Started

Assistant

Vault

History Export

Audit Logs

Client Matters

Query Audit Logs

Authorizations

Query Parameters

Response