search
AcademyCustomer Portal

Audit and Traceability Overview

hashtag
Introduction

This document explains what is currently audited in askEdgi based strictly on the existing audit log implementation. It provides transparency to customers and stakeholders on what information is captured today when askEdgi is used.

This document does not describe future capabilities or inferred audit data. It reflects only what is available in the system today.

hashtag
Scope of Audit Logging

askEdgi maintains an audit log for AI usage that captures each AI invocation made by a user. Every audit record corresponds to one AI interaction.

In addition to AI invocation audit records, askEdgi generates audit events across broader platform operations. These events support traceability of user activity, system access, and administrative actions beyond AI usage.

The following platform-level audit event categories are captured:

  • Authentication events

  • Authorization failures

  • Data access events

  • Execution events

  • Export and sharing actions

  • Administrative changes

  • Model invocation metadata (where applicable)

The audit log captures only the following fields:

hashtag
Audited Fields

  1. Engine: Indicates the execution engine handling the AI request.

Example: agent

  1. AI Model: Specifies the AI model used to process the request.

Example: gpt-4o-mini-2024-07-18

  1. User Name: The authenticated user who submitted the prompt.

Example: John Mc

  1. Prompt to AI: The exact prompt text submitted by the user to askEdgi.

Examples:

  1. “Where is my sales data?”

  2. “Find objects linked to data retention”

  3. “Detect potential schema-level issues”

This field provides full traceability of user intent.

  1. Response from AI:

  2. The system-recorded AI response payload.

  3. Stored as a structured response (success flag and context)

  4. Captures whether the request was successfully processed

Example (simplified):

{

"success": true,

"context": {

"agent": "..."

}

}

  1. Error Message: If an AI invocation fails, the corresponding error message is captured.

  2. Empty or null when execution is successful

  3. Populated only for failed AI calls

  4. AI Input Tokens: Number of tokens consumed by the AI model for processing the input prompt.

Used for:

  1. Usage tracking

  2. Cost calculation

  3. Capacity analysis

  4. AI Output Tokens

  5. Number of tokens generated by the AI model in the response.

Used for:

  1. Usage tracking

  2. Cost calculation

  3. Monitoring response size

  4. Created Date: Timestamp indicating when the AI request was executed.

Example: 01-30-2026 12:52 PM

  1. EDGI LLM Call Cost:

Cost incurred for the AI call, calculated based on:

  1. Input tokens

  2. Output tokens

  3. Model pricing

Example: 0.0045501

  1. LLM Call Details: Technical metadata related to the LLM invocation.

Example:

{

"model": "gpt-4o-mini-2024-07-18"

}

This field supports internal diagnostics and verification.

In addition to AI-specific audit fields, audit records may include common metadata fields to support investigation and correlation:

  • event_type

  • timestamp

  • user_id

  • workspace_id

  • resource_id

  • action

  • outcome

  • source_ip

  • execution_id

  • model_version (if applicable)

hashtag
Audit Log Integrity and Protection

Audit logs are stored using tamper-resistant mechanisms. Timestamps are time-synchronized to ensure chronological accuracy. Access to audit logs is restricted and governed through access-controlled retrieval mechanisms.

hashtag
Audit Log Export and SIEM Integration

askEdgi supports exporting audit log data for integration with customer-managed Security Information and Event Management (SIEM) systems. Supported export mechanisms include:

  • JSON Lines format

  • Webhook-based streaming

  • Cloud-native log sinks

hashtag
Audit and Investigation Use Cases

Audit logs can be used to support security and compliance activities such as:

  • Detecting anomalous export activity

  • Monitoring repeated authentication failures

  • Auditing data access patterns

  • Investigating security incidents

hashtag
Customer Responsibilities for Audit Data

Customers are responsible for securing audit logs once exported, managing access controls to audit data, and ensuring compliance with applicable data retention and regulatory requirements.

hashtag
What This Audit Log Provides

Using the above fields, askEdgi enables:

  • User-level traceability of AI usage

  • Prompt-level auditing (what was asked)

  • Response-level visibility (what the AI returned)

  • Time-based tracking of AI interactions

  • Usage and cost transparency

  • Error traceability for failed AI calls

hashtag
Explicit Clarification

The following are not captured today in the askEdgi AI audit log:

  • Internal AI reasoning or chain-of-thought

  • Dataset values or row-level data

  • Model training data

  • Derived or inferred user intent

  • Cross-module correlation fields

This is by design and aligns with enterprise AI governance norms.

hashtag
Summary

askEdgi currently audits AI usage at the interaction level, capturing:

  • Who triggered the AI call

  • What prompt was sent

  • What model responded

  • When it happened

  • How much it cost

  • Whether it succeeded or failed

This provides clear, defensible auditability for AI usage without exposing sensitive internal processing details.

PreviousAdmin and Configuration GuideNextSecurity

Last updated

Was this helpful?