Activity Log

The Activity Log feature in AI Guard provides tracking of all service interactions. This enables logging, attribution, and accountability for your AI application activity.

When you enable AI Guard, its Activity Log is automatically activated. It captures critical details of each service call and allows you to track your application-specific events. This information is stored in Pangea's Secure Audit Log , using a schema designed specifically to track and analyze AI application activity.

The Activity Log page tracks all interactions within the AI Guard service, capturing:

Timestamps
Actor
Input and output data
Detections and contextual information
Service configuration ID and recipe
Authentication and authorization data

Learn more about configuring your AI Guard Activity Log in the General settings documentation.

Viewing logs

Logs can be accessed on the AI Guard Activity Log page in your Pangea User Console . You can also view a service usage summary on the Overview page.

Pangea's AI Guard Secure Audit Log Viewer page in the Pangea User Console

Quick search tabs

You can save your search criteria using the + Query button on the right. The saved query will appear as a tab at the top of the Secure Audit Log Viewer page. Several pre-defined searches are available in the AI Guard Activity Log by default.

Search bar

By default, the log viewer displays events from the past two hours for the current service.

To customize your search, you can:

Click the funnel icon to open the filter dialog. Enter your search criteria and click Search. The search syntax will appear in the search bar, and matching results will be shown in the table below.
Place your cursor in the search bar to view a dropdown of available search parameters. Start typing to filter the list and use autocompletion to build your query.
Manually enter your query using the Search Syntax described in the Secure Audit Log documentation.

Date range

All searches must be restricted to a time range, with the default set to the most recent two hours.

The date range selector drop-down next to the search button offers several options for selecting a date range:

Use Quick selections to choose a relative date range of 1, 7, or 30 days.
Under the Relative tab, define a custom relative date range.
Use Between to search for log events between two specific dates.
Use Before to search for events that occurred before a specified date.
Use After to search for events that occurred after a specified date.

Additionally, you can filter results by clicking on a result row and selecting a timestamp. This allows you to filter for a specific date or use the timestamp as an upper or lower date range limit by clicking the + button next to the captured timestamp in the log.

Selecting a date criteria using the captured timestamp on the Audit Log Viewer page in the Pangea User Console

note

The log retention policy defines how long Pangea stores logs across different storage tiers and which logs remain searchable. For details, see the Secure Audit Log Retention policy documentation.

You can configure the Retention policy on the Secure Audit Log General Settings page in your Pangea User Console .

Results

Displayed fields

By default, the fields marked as Visible in the audit log schema are displayed as columns in the search results. To change which fields are displayed, click the gear button.

Learn more about configuring AI Guard Audit Log Schema in the General settings documentation.

Event details

To view all fields for an event, click the corresponding row in the search results. This will expand the row to reveal all event fields, including those not configured for display in the table. If any fields contain JSON data, they will be displayed as an interactive JSON tree.

Tamperproof information

Records returned by the Log Viewer are marked with icons indicating the tamperproof status of each record. Learn more about Tamperproofing in the Security Audit Log documentation.

Lock icon

The lock icon indicates that the membership proof for the corresponding log event has been verified.

Click the lock icon to open a pop-up displaying the information required to independently verify the log event:
- Status
  
  The statuses are Verified, Unverified, and Failed. If the status is Failed, the lock icon will appear red. Records that are still cached will appear unverified until they are committed from the cache.
- Verification Artifacts
  
  This includes the message hash, membership proof, consistency proof, root hash, and a link to the published root hash.
- Verification Command
  
  You can use the copied command with Pangea's Python SDK to verify the tamperproof status of the record.
Green line

The green line indicates that the consistency proof for the two adjacent log events has been verified.

These icons will appear asynchronously after search results are returned, as they are verified.

Download logs

Use the Download button to save search results to a CSV file for analysis, sharing, archiving, importing into another audit logging service, or other purposes.

note

The download button may trigger a pop-up to verify that you want to download from the website. Some browsers block this pop-up, so you may need to allow pop-ups for the page. After that, you must confirm the download request before the download begins.

Was this article helpful?

Activity Log

Viewing logs​

Quick search tabs​

Search bar​

Date range​

Results​

Displayed fields​

Event details​

Tamperproof information​

Download logs​