Skip to content
AI-Guardian
Book a demo
Platform

Audit log — evidence, not surveillance

A purpose-built record of every sensitive-data event and every admin action, designed from day one for regulators, not dashboards.

Tamper-evident

Rows are append-only and hashed into a daily chain, so silent edits become visible during the next export.

Content-free by construction

The log records what happened, not what was said. No prompts, no responses — ever.

Queryable

Filter by user, category, severity, framework, platform, or time window. Save views and share them with auditors.

Long retention

Enterprise default is 365 days of hot retention and archival on request. Short retention available for local-law reasons.

Audit-ready exports

CSV for analysts, signed PDF for auditors, and a streaming webhook for your SIEM. Every export carries a stable run ID.

Admin action trail

Policy edits, rule-set changes, and role assignments are captured alongside detection events, so the whole control story lives in one timeline.

What every row contains

  • Event ID — stable, resolvable from any export back to the Dashboard UI.
  • Actor — user ID (email only for Enterprise tenants that opt in) and tenant ID.
  • Platform — ChatGPT, Claude, Gemini, etc.
  • Category — e.g. pii_email, financial_iban, technical_secret.
  • Severity — low, medium, high, critical.
  • Framework tag — GDPR, HIPAA, SOC 2, internal policy.
  • Decision — allowed, redacted, blocked.
  • Timestamp — monotonic UTC with daily chain hash.

Why this shape

The first question every auditor asks is “show me a sample event.” The second is “can you prove this wasn't edited?” AI-Guardian answers both without the audit team having to ping a database admin. Each row is reproducible, each export is signed, and the chain of hashes is independently verifiable with a tool we ship alongside the CSV.

Retention and deletion

By default, logs are retained for 365 days and then moved to cold archive. Enterprise customers can shorten or extend this on contract, and can delete an individual actor's events to satisfy a right-to-erasure request — the deletion itself is logged in the admin action trail.

Request a sample exportSOC 2 mapping