Audit Logging
Complete, contextual audit trails for every query evaluated by Guardrail Layer — including intent, enforcement decisions, and outcomes.
Why Traditional Database Logs Aren't Enough
Native database logs capture what happened — not why it happened.
When LLMs are involved, this gap becomes critical. A raw SQL statement provides no insight into:
- Who initiated the request
- Which role or policy applied
- Whether the query was transformed
- What alternative actions were considered
Audit logs without intent are insufficient for LLM-driven systems.
What Guardrail Layer Logs
Guardrail Layer records a structured audit event for every query, regardless of outcome.
The SQL as received
Rewritten version if modified
User ID and role information
Human, agent, or system
Rules evaluated for this query
Allow, transform, or deny
Duration, rows, cost
Request and completion times
Query Lifecycle Visibility
Each audit entry captures the full lifecycle of a query:
Decision Transparency
When a query is denied or transformed, Guardrail Layer records the specific reasons for the decision.
This makes it possible to understand and explain enforcement behavior without reverse-engineering SQL.
Audit Logs for LLM Behavior Analysis
Audit logs are not just for compliance — they are a diagnostic tool.
Teams use audit data to:
Identify unsafe prompt patterns
Detect repeated exploratory behavior
Understand inference attempts
Refine role and policy definitions
Retention & Export
Audit logs can be retained, exported, or streamed based on deployment configuration.
Configurable by organization
Export to logging platforms
Search and analyze past queries
Compliance & Accountability
Guardrail Layer's audit model supports:
- Internal security reviews
- Incident response investigations
- Regulatory compliance requirements
- Customer-facing transparency
Every enforcement decision is explainable, reproducible, and attributable.
Why This Matters
When LLMs touch production data, trust is built through visibility — not assumptions.
Guardrail Layer logs decisions, not just queries.