Skip to main content

Overview

Every agent action is tracked for accountability, debugging, and compliance. The audit trail answers: Who did what, when, why, and what was the result?

What Gets Tracked

Execution Records

Every agent run creates an execution record:

Action Records

Within each execution, individual actions are logged:

Attribution Requirements

Policy ORG-001 requires agent PRs include attribution trailers:

Required Trailers


Viewing Audit Data

CLI Commands

Example Output


Database Schema

Execution records are stored in PostgreSQL:

Git History

All file changes by agents are tracked in git with:
  1. Commit messages following Conventional Commits
  2. Attribution trailers as described above
  3. PR links to the creating execution

Querying Git History


Memory as Audit

Agent memory provides context for decisions:
Memory entries include:
  • What was decided
  • Why (reasoning)
  • When (timestamp)
  • Who (agent or human)

Session Tracking

Claude Code sessions are tracked for debugging:
Session data includes:
  • Start/end times
  • Working directory
  • Token usage
  • Files accessed

Compliance Reports

Weekly Summary

Shows:
  • Goals achieved
  • PRs merged
  • Issues resolved
  • Cost per outcome

Monthly Export

Export for external compliance systems.

Incident Investigation

When something goes wrong, trace the issue:

1. Find the Execution

2. Get Details

Output:

3. Check Logs


Retention Policy


Privacy Considerations

The audit trail does not capture:
  • Actual file contents (only paths)
  • API keys or secrets
  • Personal user data
  • Full conversation logs
For GDPR/CCPA compliance:
  • Anonymize user-identifying data
  • Provide data export on request
  • Support deletion requests

Best Practices

1. Review Weekly

Catch anomalies early.

2. Tag Important Executions

Use metadata for significant runs:

3. Document Exceptions

When overriding normal processes, document in:
  • PR description
  • Commit message
  • Memory update

4. Archive Periodically

Export audit data before retention expiry: