Audit ledger & reports

The append-only, hash-chained record of every decision and configuration change — plus governance analytics.

Audit ledger

Each entry is cryptographically linked to the previous one, so tampering is detectable. Verify integrity re-derives the chain and confirms nothing was altered; filter by actor and page through the full history; and export to CSV or JSON for compliance evidence.

Activity vs. the ledger: Activity is the operational feed of agent actions (with each decision trail); the ledger additionally records every configuration change, sign-in, approval, and billing event — the complete system-of-record.

Compliance: signed export, anchoring & retention

The compliance panel on the Audit ledger page provides three tools:

  • Signed export — a tamper-evident envelope of the full chain that an auditor verifies offline with verifyLedgerExport() from the SDK — no platform access needed.
  • External anchoring — POST signed chain-head anchors (hashes and counts only, never entry contents) to your own WORM store or SIEM. Set the anchor sink URL and anchor on demand; recent anchors are listed with their head hashes so an export can be corroborated against them.
  • Retention — operational records (terminal actions, settled deliveries, decided approvals) past your plan's retention window are pruned on a schedule, or on demand. The ledger itself is preserved and re-anchored, and a shrunk window is announced in the ledger one cycle before any pruning begins.

Reports

Governance & spend analytics over a window you choose (7 / 30 / 90 days): effect totals, spend by agent, spend trend, denial reasons, top denied resources, action mix, and approval response times. Use it for QBRs, cost reviews, and tuning your policies.