The audit trail is your permanent, tamper-proof record of every governance decision ever made. This guide explains how to read it, what each field means, and how to use it for investigation and compliance.
Accessing the audit trail
Go to Governance → Audit Trail. By default it shows the most recent evaluations across all agents. Use the filters at the top to narrow by agent, verdict, date range, or dimension.
What each evaluation shows
Every evaluation record includes:
Timestamp — when the evaluation was submitted.
Agent — which agent submitted the action.
Action — what the agent was trying to do, including the action type and target.
Verdict — ALLOW, ESCALATE, or DENY.
UCS — the overall confidence score from 0 to 1.
Tier — which evaluation tier produced the verdict (1, 2, or 3).
Latency — how long the evaluation took in milliseconds.
Click any evaluation to expand it and see the full detail view, including the dimension breakdown, the reasoning artifact, and the governance seal.
The dimension breakdown
The expanded view shows how each of the 20 dimensions scored the action. Dimensions are shown as a score from 0 to 1 alongside their weight in the final UCS calculation. Dimensions that carry veto authority are highlighted — if any of these scored below their threshold, that is what produced the denial regardless of other scores.
The reasoning artifact
High-complexity evaluations include a reasoning artifact — a structured explanation of why the evaluation produced the outcome it did. This is the document you share with auditors, compliance teams, or stakeholders who need to understand a specific governance decision.
Integrity verification
Each record in the audit trail contains the SHA-256 hash of the previous record. This means any modification, deletion, insertion, or reordering of records is detectable. The seal status on each record shows whether integrity has been verified.
Exporting
Audit trail export is available on Team and above plans. Go to Governance → Audit Trail → Export. You can export by date range, agent, or verdict type in CSV, JSON, or CEF format. Exported records include the full hash chain so integrity can be independently verified.