Audit Logging
Immutable audit trails for every action and AI decision.
Every action in Ctrl AI is recorded in an append-only audit log. Every AI inference query is logged with a full execution trace.
What's Logged
Action Audit Log
Every mutation is logged with:
| Field | Description |
|---|---|
action | What happened (e.g., unit.created, member.invited, api_key.created) |
userId | Who performed the action |
resourceType | Type of resource affected |
resourceId | ID of the affected resource |
details | JSON object with action-specific details |
ipAddress | Request origin |
userAgent | Client identifier |
createdAt | Timestamp |
Inference Audit Log
Every AI query is logged with:
| Field | Description |
|---|---|
query | The user's question (encrypted at rest with AES-256-GCM) |
unitsFired | Which units were executed |
inputVariables | Parsed typed variables from the query |
outputVariables | What each unit produced |
trustSummary | Count of verified/expert/synthesized/neural segments |
coveragePercent | How much of the query was covered by verified units |
executionTrace | Full step-by-step execution details |
modelsUsed | LLM provider + model ID for each role (parse, evaluate, prose) |
auditWarnings | Claims flagged as ungrounded by the model auditor |
durationMs | Total execution time |
mode | full_coverage, partial_coverage, or neural_only |
Querying Logs
Use the audit API to query logs with filters:
GET /api/v1/audit?action=unit.verified&startDate=2026-01-01&limit=100See Audit API Reference for full query parameters.
CSV Export
Admins can export audit logs as CSV for external analysis:
GET /api/v1/audit?format=csvImmutability
Audit logs are append-only. They cannot be modified or deleted through the application. This design satisfies:
- EU AI Act Article 12 (Record-Keeping)
- SOC 2 CC7.1 (Change Management)
- HIPAA 164.312(b) (Audit Controls)
Data Retention
Currently, all audit logs are retained indefinitely. Configurable retention policies per organization are planned for a future release.