Anima maintains an immutable, append-only audit log of every action performed by or on behalf of your agents. Use it for compliance reviews, incident investigation, and ongoing operational visibility.
What gets logged
| Category | Events |
|---|
| Agent | Create, update, delete, suspend |
| Email | Send, receive, forward, delete |
| Cards | Create, authorize, decline, close |
| Vault | Store, retrieve, rotate, delete secrets |
| Wallet | Payment, budget change, approval request |
| Identity | DID creation, key rotation, credential issuance/revocation |
| A2A | Task sent, received, completed, failed |
| Auth | API key created, rotated, revoked; login attempts |
| Pod | Created, updated, deleted, bridge created |
Event schema
Each audit event has the following structure:
{
"id": "evt_9x2m4k7p1n",
"timestamp": "2026-03-15T14:32:01.234Z",
"category": "cards",
"action": "authorize",
"actorId": "ag_8f3k2m9x1n4p7q6r",
"actorType": "agent",
"resourceType": "card",
"resourceId": "card_abc123",
"podId": "pod_prod",
"metadata": {
"amountCents": 4999,
"merchantName": "AWS",
"merchantMcc": "5734",
"decision": "approved",
"ruleEvaluations": [
{ "rule": "per_transaction_limit", "result": "pass" },
{ "rule": "daily_limit", "result": "pass" },
{ "rule": "mcc_allowlist", "result": "pass" }
]
},
"ipAddress": "10.0.1.42",
"userAgent": "anima-sdk-node/1.5.0",
"immutableHash": "sha256:a1b2c3d4..."
}
| Field | Type | Description |
|---|
id | string | Unique event identifier |
timestamp | ISO 8601 | When the event occurred |
category | string | Event category (e.g., cards, email, auth) |
action | string | Specific action taken |
actorId | string | ID of the agent or user that performed the action |
actorType | string | agent or user |
resourceType | string | Type of resource affected |
resourceId | string | ID of the specific resource |
podId | string | Pod the event occurred in |
metadata | object | Action-specific details (amounts, decisions, rule evaluations) |
immutableHash | string | SHA-256 hash for tamper detection |
Query the audit log
Filter events by agent, category, action, or date range.
import { Anima } from "@anima-labs/sdk";
const anima = new Anima({ apiKey: "ak_..." });
const events = await anima.auditLog.query({
agentId: "ag_8f3k2m9x1n4p7q6r",
category: "cards",
action: "authorize",
startTime: "2026-03-01T00:00:00Z",
endTime: "2026-03-28T23:59:59Z",
limit: 50,
});
for (const event of events.data) {
console.log(`[${event.timestamp}] ${event.action}`);
console.log(` Actor: ${event.actorId} (${event.actorType})`);
console.log(` Resource: ${event.resourceType}/${event.resourceId}`);
console.log(` Details: ${JSON.stringify(event.metadata)}`);
}
from anima import Anima
anima = Anima(api_key="ak_...")
events = anima.audit_log.query(
agent_id="ag_8f3k2m9x1n4p7q6r",
category="cards",
action="authorize",
start_time="2026-03-01T00:00:00Z",
end_time="2026-03-28T23:59:59Z",
limit=50,
)
for event in events.data:
print(f"[{event.timestamp}] {event.action}")
print(f" Actor: {event.actor_id} ({event.actor_type})")
print(f" Resource: {event.resource_type}/{event.resource_id}")
import "github.com/anima-labs/anima-go"
client := anima.NewClient("ak_...")
events, err := client.AuditLog.Query(ctx, &anima.AuditLogQueryParams{
AgentID: "ag_8f3k2m9x1n4p7q6r",
Category: "cards",
Action: "authorize",
StartTime: "2026-03-01T00:00:00Z",
EndTime: "2026-03-28T23:59:59Z",
Limit: 50,
})
Query parameters
| Parameter | Type | Description |
|---|
agentId | string | Filter by agent |
podId | string | Filter by pod |
category | string | Filter by category (e.g., cards, email, auth) |
action | string | Filter by specific action |
startTime | string | ISO 8601 start time |
endTime | string | ISO 8601 end time |
limit | number | Max results (default 50, max 1,000) |
cursor | string | Pagination cursor for the next page |
Export audit logs
Export logs to a file or stream them to a SIEM for compliance review and alerting.
// Export to JSON, CSV, or Parquet
const exportJob = await anima.auditLog.export({
format: "json", // "json" | "csv" | "parquet"
startTime: "2026-01-01T00:00:00Z",
endTime: "2026-03-31T23:59:59Z",
destination: "s3://my-bucket/audit-logs/q1-2026.json",
});
console.log(`Export job: ${exportJob.id}, Status: ${exportJob.status}`);
// Stream to a SIEM (Splunk, Datadog, etc.)
await anima.auditLog.configureSiemStream({
provider: "datadog",
apiKey: "dd_...",
site: "datadoghq.com",
tags: ["env:production", "service:anima"],
});
export_job = anima.audit_log.export(
format="json",
start_time="2026-01-01T00:00:00Z",
end_time="2026-03-31T23:59:59Z",
destination="s3://my-bucket/audit-logs/q1-2026.json",
)
print(f"Export job: {export_job.id}, Status: {export_job.status}")
API reference
| Endpoint | Method | Description |
|---|
/api/audit-log/events | GET | Query audit events |
/api/audit-log/events/:id | GET | Get a single audit event |
/api/audit-log/export | POST | Start an export job |
/api/audit-log/export/:id | GET | Check export job status |
/api/audit-log/siem | POST | Configure SIEM streaming |
/api/audit-log/siem | GET | Get SIEM configuration |
Audit events are retained for 365 days by default. Contact support to configure a longer retention period for compliance requirements.
