Audit log.

Every privileged action. Append-only. Exportable.

The audit log records every action that changes state: pack edits, prompt edits, provider key changes, user changes, role changes, send approvals, send executions, and configuration changes.

Logs are append-only. They are exposed read-only through the REST API and exportable as JSON or CSV. Retention is 18 months on Core, 5 years on Enterprise, and configurable beyond that.

A log entry

{
          "ts": "2026-04-25T14:08:21Z",
          "actor": { "user_id": "usr_01...", "email": "operator@yourco.com" },
          "action": "prompt.fork",
          "target": { "type": "prompt", "name": "extract_signals", "from": "v0.9.4", "to": "v0.9.4-acme" },
          "ip": "203.0.113.42",
          "user_agent": "Mozilla/5.0 ..."
        }