Skip to main content

Audit Log

Anima maintains an immutable, append-only audit log of every action performed by or on behalf of agents. The audit log is critical for compliance, incident response, and operational visibility.

What Gets Logged

Every API call, agent action, and system event produces an audit entry:
CategoryEvents
AgentCreate, update, delete, suspend
EmailSend, receive, forward, delete
CardsCreate, authorize, decline, close
VaultStore, retrieve, rotate, delete secrets
WalletPayment, budget change, approval request
IdentityDID creation, key rotation, credential issuance/revocation
A2ATask sent, received, completed, failed
AuthAPI key created, rotated, revoked; login attempts
PodCreated, updated, deleted, bridge created

Querying the Audit Log

import { Anima } from "@anima-labs/sdk";

const anima = new Anima({ apiKey: "ak_..." });

// Query audit events
const events = await anima.auditLog.query({
  agentId: "ag_8f3k2m9x1n4p7q6r",
  category: "email",
  action: "send",
  startTime: "2026-03-01T00:00:00Z",
  endTime: "2026-03-28T23:59:59Z",
  limit: 50,
});

for (const event of events.data) {
  console.log(`[${event.timestamp}] ${event.action}`);
  console.log(`  Actor: ${event.actorId} (${event.actorType})`);
  console.log(`  Resource: ${event.resourceType}/${event.resourceId}`);
  console.log(`  Details: ${JSON.stringify(event.metadata)}`);
}

Audit Event Structure

{
  "id": "evt_9x2m4k7p1n",
  "timestamp": "2026-03-15T14:32:01.234Z",
  "category": "email",
  "action": "send",
  "actorId": "ag_8f3k2m9x1n4p7q6r",
  "actorType": "agent",
  "resourceType": "message",
  "resourceId": "msg_abc123",
  "podId": "pod_prod",
  "metadata": {
    "to": "ops@example.com",
    "subject": "Deploy complete",
    "decision": "delivered",
    "ruleEvaluations": [
      { "rule": "per_minute_rate_limit", "result": "pass" },
      { "rule": "daily_send_quota", "result": "pass" },
      { "rule": "domain_allowlist", "result": "pass" }
    ]
  },
  "ipAddress": "10.0.1.42",
  "userAgent": "anima-sdk-node/1.5.0",
  "immutableHash": "sha256:a1b2c3d4..."
}

Exporting Audit Logs

Export logs for compliance review or SIEM integration:
// Export to JSON
const exportJob = await anima.auditLog.export({
  format: "json",           // "json" | "csv" | "parquet"
  startTime: "2026-01-01T00:00:00Z",
  endTime: "2026-03-31T23:59:59Z",
  destination: "s3://my-bucket/audit-logs/q1-2026.json",
});

console.log(`Export job: ${exportJob.id}, Status: ${exportJob.status}`);

// Stream to a SIEM (Splunk, Datadog, etc.)
await anima.auditLog.configureSiemStream({
  provider: "datadog",
  apiKey: "dd_...",
  site: "datadoghq.com",
  tags: ["env:production", "service:anima"],
});

API Reference

EndpointDescription
GET https://api.useanima.sh/api/audit-log/eventsQuery audit events
GET https://api.useanima.sh/api/audit-log/events/{id}Get a single audit event
POST https://api.useanima.sh/api/audit-log/exportStart an export job
GET https://api.useanima.sh/api/audit-log/export/{id}Check export job status
POST https://api.useanima.sh/api/audit-log/siemConfigure SIEM streaming
GET https://api.useanima.sh/api/audit-log/siemGet SIEM configuration

Query Parameters

ParameterTypeDescription
agentIdstringFilter by agent
podIdstringFilter by pod
categorystringFilter by category (e.g., email, phone, vault, auth)
actionstringFilter by specific action
startTimestringISO 8601 start time
endTimestringISO 8601 end time
limitnumberMax results (default 50, max 1000)
cursorstringPagination cursor

Configuration

VariableDefaultDescription
ANIMA_AUDIT_RETENTION_DAYS365How long to retain audit events
ANIMA_AUDIT_HASH_ALGORITHMsha256Hash algorithm for immutability proofs
ANIMA_AUDIT_SIEM_BATCH_SIZE100Batch size for SIEM streaming
ANIMA_AUDIT_EXPORT_MAX_ROWS1000000Maximum rows per export job

Next Steps