cortexai-audit 0.1.0

Audit logging for AI agents — tool calls, LLM requests, and compliance tracking
Documentation

Audit logging for AI agents.

This crate provides comprehensive audit logging for all tool calls, LLM requests, and agent lifecycle events. It supports multiple backends and is designed for compliance and debugging in production environments.

Features

  • Structured Events: Rich event types for tool calls, LLM requests, errors, and more
  • Multiple Backends: File, JSON, and async logging with rotation support
  • Configurable Levels: Filter events by severity (Debug, Info, Warn, Error, Critical)
  • Log Rotation: Size-based, daily, or hourly rotation with cleanup
  • Non-blocking: Async wrapper for high-throughput scenarios
  • Compliance Ready: Designed for GDPR, SOC2, and enterprise requirements

Quick Start

use cortexai_audit::{
    AuditEvent, AuditContext, JsonFileLogger, RotationConfig, RotationPolicy, AuditLogger
};

# async fn example() -> Result<(), Box<dyn std::error::Error>> {
// Create a JSON file logger with daily rotation
let rotation = RotationConfig::new(RotationPolicy::Daily)
    .with_max_files(30);

let logger = JsonFileLogger::new(
    "/var/log/agents/audit.jsonl",
    Default::default(),
    rotation,
).await?;

// Log a tool call
let event = AuditEvent::tool_call("read_file", serde_json::json!({"path": "/tmp/data.txt"}), true)
    .with_context(
        AuditContext::new()
            .with_trace_id("req-123")
            .with_agent_id("research-agent")
    );

logger.log(event).await?;
logger.flush().await?;
# Ok(())
# }

Event Types

The crate supports various event types through EventKind:

  • ToolCall: Tool invocations with parameters and results
  • LlmRequest: Outgoing LLM API requests
  • LlmResponse: Incoming LLM responses
  • AgentLifecycle: Agent start, stop, pause, resume events
  • ApprovalDecision: Human-in-the-loop approval decisions
  • Error: Error events with stack traces
  • Security: Security-related events (auth, rate limits)
  • Custom: Extensible custom events

Backends

FileLogger

Simple human-readable text format, good for development.

JsonFileLogger

Structured JSON Lines format with rotation, ideal for production.

AsyncLogger

Non-blocking wrapper around any logger for high-throughput scenarios.

MemoryLogger

In-memory storage for testing.

CompositeLogger

Writes to multiple backends simultaneously.

Configuration

use cortexai_audit::{AuditConfig, AuditLevel};

// Development config - verbose logging
let dev_config = AuditConfig::development();

// Production config - info level with redaction
let prod_config = AuditConfig::production();

// Custom config
let custom_config = AuditConfig::new()
    .with_min_level(AuditLevel::Warn)
    .with_redaction(true)
    .with_max_payload_size(5 * 1024);