Audit Trail
Every secret access, token issuance, and approval decision is permanently logged. Query, export, and integrate audit data for compliance, incident response, and anomaly detection.
Why audit logs matter
Agent systems access credentials continuously and autonomously. Without an audit trail, you have no way to answer: who read this secret, when, from where, and why?
Agent Secret Store captures every vault interaction as an immutable audit event — including denied requests, expired token attempts, and approval decisions. Events are written to an append-only log and cannot be modified or deleted by any API call.
Event types
Every audit event has an event field in resource.action format.
| Event | Actor | Description |
|---|---|---|
| secret.created | human/agent | A new secret was stored in the vault |
| secret.read | agent/token | A secret value was retrieved |
| secret.updated | human/agent | Secret value or metadata was modified |
| secret.deleted | human/agent | A secret was permanently deleted |
| secret.rotated | system/human | Secret was rotated; new version activated |
| secret.expired | system | Secret TTL lapsed; access now blocked |
| secret.rolled_back | human | Active version reverted to a prior version |
| token.issued | agent/human | A scoped token was issued |
| token.used | token | A token was presented and accepted for a read |
| token.revoked | human | A token was explicitly invalidated before expiry |
| token.expired | system | Token TTL lapsed naturally |
| approval.requested | agent | An agent requested approval for a sensitive/critical secret |
| approval.granted | human | Approver accepted a pending token request |
| approval.denied | human | Approver rejected a pending token request |
| approval.timed_out | system | Approval request expired without a decision |
| member.invited | human | A team member was invited to the tenant |
| member.removed | human | A team member was removed from the tenant |
| member.role_changed | human | A member's role was updated |
Audit event data model
Each event is a JSON object with a stable schema. The metadata field carries event-specific context (e.g. scope for token events, version for secret events):
```json
{
  "id": "evt_01J8K3X7B4N9VQRM2P5C6WDJH4",
  "event": "secret.read",
  "actor_id": "ast_tok_7f3a...",
  "actor_type": "token",
  "actor_description": "GPT-4 inference agent",
  "resource_type": "secret",
  "resource_path": "production/openai/api-key",
  "resource_version": "v3",
  "tenant_id": "ten_abc123",
  "ip": "10.0.1.50",
  "user_agent": "agentsecretstore-python/1.2.0",
  "status": "success",
  "metadata": {
    "scope_used": "secrets:read:production/openai/*",
    "token_ttl_remaining": 2834
  },
  "timestamp": "2025-01-15T14:22:31.847Z"
}
```

| Field | Type | Description |
|---|---|---|
| id | string | Globally unique event ID (ULID format, sortable by time) |
| event | string | Event type in resource.action format |
| actor_id | string | ID of the principal that triggered the event |
| actor_type | enum | One of "human", "agent", "token", "system" |
| actor_description | string | Human-readable label (e.g. token description) |
| resource_type | string | One of "secret", "token", "member", "approval" |
| resource_path | string | Full path of the affected resource |
| ip | string | Source IP address of the request |
| status | enum | One of "success", "denied", "error" |
| metadata | object | Event-specific key-value context |
| timestamp | string | ISO-8601 with milliseconds (UTC) |
Querying the audit trail
Query events with filters: event type, actor, resource path, time range, and status. Results are paginated (100 events per page, up to 10,000 total per query).
Python

```python
import asyncio
from datetime import datetime, timezone, timedelta

from agentsecretstore import AgentVault


async def query_audit_trail():
    async with AgentVault() as vault:
        # Get all reads in the last 24 hours
        events = await vault.audit.query(
            event_types=["secret.read"],
            since=datetime.now(timezone.utc) - timedelta(hours=24),
        )
        for e in events:
            print(f"{e.timestamp} | {e.actor_id} read {e.resource_path}")

        # Filter by resource path (supports glob patterns)
        production_events = await vault.audit.query(
            resource_path="production/*",
            limit=100,
        )

        # Filter by actor (agent or token)
        agent_events = await vault.audit.query(
            actor_id="ast_tok_7f3a...",
            event_types=["secret.read", "token.issued"],
        )

        # Filter by event outcome
        failed_reads = await vault.audit.query(
            event_types=["secret.read"],
            status="denied",
            since=datetime.now(timezone.utc) - timedelta(days=7),
        )
        print(f"Denied reads in last 7 days: {len(failed_reads)}")


asyncio.run(query_audit_trail())
```

TypeScript
```typescript
import { AgentVault } from '@agentsecretstore/sdk';

const vault = new AgentVault();

// Check for anomalous access patterns
const suspiciousReads = await vault.audit.query({
  eventTypes: ['secret.read'],
  resourcePath: 'production/stripe/*',
  since: new Date(Date.now() - 3600_000), // last hour
});
if (suspiciousReads.length > 100) {
  console.warn(`Unusual spike: ${suspiciousReads.length} Stripe reads in the last hour`);
}

// Export CSV for compliance team
const csvBlob = await vault.audit.export({
  since: new Date('2025-01-01'),
  until: new Date('2025-03-31'),
  format: 'csv',
});
```

curl
```bash
# List recent events — newest first
curl https://api.agentsecretstore.com/v1/audit \
  -H "Authorization: Bearer $ASS_AGENT_KEY" \
  -G \
  --data-urlencode "event_types=secret.read,token.issued" \
  --data-urlencode "since=2025-01-01T00:00:00Z" \
  --data-urlencode "limit=50"

# Filter by resource path
curl https://api.agentsecretstore.com/v1/audit \
  -H "Authorization: Bearer $ASS_AGENT_KEY" \
  -G \
  --data-urlencode "resource_path=production/stripe/*"

# Export to CSV (response is CSV content)
curl https://api.agentsecretstore.com/v1/audit/export \
  -H "Authorization: Bearer $ASS_AGENT_KEY" \
  -H "Accept: text/csv" \
  -G \
  --data-urlencode "since=2025-01-01T00:00:00Z" \
  -o audit-export.csv
```

Retention per plan
Audit events are queryable via API for the retention window of your plan. After that window, events are moved to cold storage (BigQuery) and remain accessible via the dashboard export.
| Plan | Hot (API queryable) | Cold (BigQuery) | Total |
|---|---|---|---|
| Starter | 7 days | — | 7 days |
| Growth | 90 days | 2 years | ~2.25 years |
| Enterprise | 365 days | Configurable (up to 7 years) | Custom |
CSV export
Export filtered audit events as CSV for spreadsheet analysis, compliance submissions, or SIEM ingestion. The export API accepts the same filter parameters as the query API.
The CSV includes all event fields plus flattened metadata columns. Downloads are streamed — large exports (millions of rows) won't time out.
Scheduled exports
Enterprise tenants can configure a weekly or monthly audit export delivered to an S3 bucket or GCS bucket. Configure in Settings → Compliance → Scheduled Exports.
Compliance queries
Common audit queries for SOC 2, HIPAA, and incident response:
```bash
# SOC 2 evidence: all access to critical-tier secrets in Q1 2025
curl https://api.agentsecretstore.com/v1/audit/export \
  -H "Authorization: Bearer $ASS_AGENT_KEY" \
  -H "Accept: text/csv" \
  -G \
  --data-urlencode "since=2025-01-01T00:00:00Z" \
  --data-urlencode "until=2025-03-31T23:59:59Z" \
  --data-urlencode "resource_tier=critical" \
  -o soc2-q1-critical-access.csv

# HIPAA audit: all reads by a specific agent in a date range
curl https://api.agentsecretstore.com/v1/audit/export \
  -H "Authorization: Bearer $ASS_AGENT_KEY" \
  -H "Accept: text/csv" \
  -G \
  --data-urlencode "actor_id=ast_agent_hipaa_processor" \
  --data-urlencode "since=2025-01-01T00:00:00Z" \
  -o hipaa-agent-audit.csv

# Incident investigation: everything that happened to a compromised key
curl https://api.agentsecretstore.com/v1/audit \
  -H "Authorization: Bearer $ASS_AGENT_KEY" \
  -G \
  --data-urlencode "resource_path=production/stripe/secret-key" \
  --data-urlencode "since=2024-12-01T00:00:00Z"
```

SOC 2 Type II
- All access to production secrets
- Approval decisions with timestamps
- Member role changes
- Token issuances with scope

HIPAA
- PHI-adjacent credential access
- Agent identity tied to reads
- Access denied events
- Key rotation history

Incident Response
- All reads of compromised key
- Actor IPs at time of breach
- Token history for actor
- Timeline reconstruction
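Added example, not code from the Agent Secret Store SDK or its docs: the spike check from the querying section and the incident timeline from the queries above, run offline over constructed events that use the field names of the audit schema. A list of events returned by the query API would replace SAMPLE_EVENTS; the one-hour window and the threshold of 3 are assumptions chosen to fit the sample.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta

def parse_ts(ts):
    """Parse the event timestamp format (ISO-8601, milliseconds, trailing Z)."""
    return datetime.fromisoformat(ts.replace("Z", "+00:00"))

def read_spikes(events, window=timedelta(hours=1), threshold=3):
    """Largest number of successful secret.read events on one resource_path
    inside any sliding window; returns only paths at or above threshold."""
    by_path = defaultdict(list)
    for e in events:
        if e["event"] == "secret.read" and e["status"] == "success":
            by_path[e["resource_path"]].append(parse_ts(e["timestamp"]))
    spikes = {}
    for path, times in by_path.items():
        times.sort()
        start, best = 0, 0
        for end, t in enumerate(times):
            while t - times[start] > window:   # slide the window forward
                start += 1
            best = max(best, end - start + 1)
        if best >= threshold:
            spikes[path] = best
    return spikes

def denied_by_actor(events):
    """Denied events per actor_id: a principal requesting outside its scope."""
    return Counter(e["actor_id"] for e in events if e["status"] == "denied")

def resource_timeline(events, path):
    """Everything that touched one resource_path, oldest first (incident reconstruction)."""
    hits = sorted((e for e in events if e["resource_path"] == path), key=lambda e: parse_ts(e["timestamp"]))
    return [(e["timestamp"], e["event"], e["actor_id"], e["ip"], e["status"]) for e in hits]

def _ev(ts, event, actor, path, ip, status="success"):
    # Constructed sample event; only the schema fields the checks above use.
    return {"timestamp": ts, "event": event, "actor_id": actor,
            "resource_path": path, "ip": ip, "status": status}

SAMPLE_EVENTS = [  # constructed, not real audit data
    _ev("2025-01-15T14:01:00.000Z", "secret.read", "ast_tok_a", "production/stripe/secret-key", "10.0.1.50"),
    _ev("2025-01-15T14:05:00.000Z", "secret.read", "ast_tok_a", "production/stripe/secret-key", "10.0.1.50"),
    _ev("2025-01-15T14:09:00.000Z", "secret.read", "ast_tok_a", "production/stripe/secret-key", "203.0.113.9"),
    _ev("2025-01-15T14:10:00.000Z", "secret.read", "ast_tok_b", "production/openai/api-key", "10.0.1.51"),
    _ev("2025-01-15T16:30:00.000Z", "secret.read", "ast_tok_b", "production/stripe/secret-key", "10.0.1.51", "denied"),
    _ev("2025-01-15T16:31:00.000Z", "secret.read", "ast_tok_b", "production/stripe/webhook", "10.0.1.51", "denied"),
    _ev("2025-01-15T16:40:00.000Z", "secret.rotated", "usr_alice", "production/stripe/secret-key", "10.0.0.2"),
]
```

The timeline keeps the source IP of each event, so a read from an address outside the usual range (203.0.113.9 in the sample) stands out next to the rotation that followed it.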