Activity Log

The Activity Log feature in Prompt Guard provides tracking of all service interactions. This enables logging, attribution, and accountability for your AI application activity.

When you enable Prompt Guard, its Activity Log is automatically activated. It captures critical details of each service call and allows you to track your application-specific events. This information is stored in Pangea's Secure Audit Log , using a schema designed specifically to track and analyze AI application activity.

The Activity Log page tracks all interactions within the Prompt Guard service, capturing:

Timestamps
Actor
Input and output data
Detections and contextual information
Service configuration ID and recipe
Authentication and authorization data

Learn more about configuring your Prompt Guard Activity Log in the General settings documentation.

Viewing logs

Logs can be accessed on the Prompt Guard Activity Log page in your Pangea User Console . You can also view a service usage summary on the Overview page.

Pangea's Prompt Guard Secure Audit Log Viewer page in the Pangea User Console

Filtering

You can filter logs by their content using the Secure Audit Log Search Syntax .

Quick search tabs

You can save your search criteria using the + Query button on the right. The saved query will appear as a tab at the top of the Secure Audit Log Viewer page. Several pre-defined searches are available in the Prompt Guard Activity Log by default.

Search bar

By default, the most recent two hours of log events for the current service are displayed. To specify custom search criteria, click the funnel icon. In the filter dialog, enter your search criteria and click Search to apply it. The search syntax will appear in the search bar, and matching results will be shown in the table below.

Alternatively, you can manually enter your search criteria using the <field_name>:<value> syntax, along with operators like AND and OR. Use autocompletion and refer to the Search Syntax documentation for guidance.

Date range

All searches must be restricted to a time range, with the default set to the most recent two hours.

The date range selector drop-down next to the search button offers several options for selecting a date range:

Use Quick selections to choose a relative date range of 1, 7, or 30 days.
Under the Relative tab, define a custom relative date range.
Use Between to search for log events between two specific dates.
Use Before to search for events that occurred before a specified date.
Use After to search for events that occurred after a specified date.

Additionally, you can filter results by clicking on a result row and selecting a timestamp. This allows you to filter for a specific date or use the timestamp as an upper or lower date range limit by clicking the + button next to the captured timestamp in the log.

Selecting a date criteria using the captured timestamp on the Audit Log Viewer page in the Pangea User Console

note

Your Retention policy, located in the Secure Audit Log Settings of the Pangea User Console, defines how long Pangea retains logs. By default, this period is set to one year.

Results

Displayed fields

By default, the fields marked as Visible in the audit log schema are displayed as columns in the search results. To change which fields are displayed, click the gear button.

Learn more about configuring Prompt Guard Audit Log Schema in the General settings documentation.

Event details

To view all fields for an event, click the corresponding row in the search results. This will expand the row to reveal all event fields, including those not configured for display in the table. If any fields contain JSON data, they will be displayed as an interactive JSON tree.

Tamperproof information

Records returned by the Log Viewer are marked with icons indicating the tamperproof status of each record. Learn more about Tamperproofing in the Security Audit Log documentation.

Lock icon

The lock icon indicates that the membership proof for the corresponding log event has been verified.

Click the lock icon to open a pop-up displaying the information required to independently verify the log event:
- Status
  
  The statuses are Verified, Unverified, and Failed. If the status is Failed, the lock icon will appear red. Records that are still cached will appear unverified until they are committed from the cache.
- Verification Artifacts
  
  This includes the message hash, membership proof, consistency proof, root hash, and a link to the published root hash.
- Verification Command
  
  You can use the copied command with Pangea's Python SDK to verify the tamperproof status of the record.
Green line

The green line indicates that the consistency proof for the two adjacent log events has been verified.

These icons will appear asynchronously after search results are returned, as they are verified.

Download logs

Use the Download button to save search results to a CSV file for analysis, sharing, archiving, importing into another audit logging service, or other purposes.

note

The download button may trigger a pop-up to verify that you want to download from the website. Some browsers block this pop-up, so you may need to allow pop-ups for the page. After that, you must confirm the download request before the download begins.

Was this article helpful?

Activity Log

Viewing logs​

Filtering​

Quick search tabs​

Search bar​

Date range​

Results​

Displayed fields​

Event details​

Tamperproof information​

Download logs​