Your logging infrastructure was built for humans clicking buttons. Now you have AI agents making API calls, and your auditor wants to know who authorized what.
This template provides a structured audit log format that captures both human and AI-driven actions to satisfy SOC 2 Type II requirements and address the questions enterprise buyers ask during procurement.
Purpose of the Template
This audit log schema captures the authorization chain for AI agent actions—a gap traditional application logs don't fill. When an AI agent modifies a database, sends an email, or changes a configuration, you need to trace it back to:
- The human who authorized the agent
- The specific permission scope granted
- The business context for the action
- The actual technical operation performed
Use this template when:
- Implementing AI agents in production systems
- Your SOC 2 auditor asks how you track non-human actors
- Enterprise buyers request proof of AI activity
- Reconstructing an incident involving an AI agent
According to Gartner, 33% of enterprise software applications will include agentic AI by 2028. Your logging infrastructure needs to support that future, not just current manual workflows.
Prerequisites
Before implementing this template, ensure you have:
Technical requirements:
- A centralized logging system (ELK stack, Splunk, Datadog, or similar)
- JSON-structured logging capability in your application
- Ability to inject context at the service layer
- Retention policy that meets your compliance requirements (SOC 2 typically requires 1 year minimum)
Organizational requirements:
- Clear definition of which actions require human authorization vs. autonomous operation
- Documentation of your AI agent permission model
- Incident response process that includes AI agent activity review
The Audit Log Schema
{
"timestamp": "2024-01-15T14:32:18.442Z",
"event_id": "evt_7k2m9p1q3r4s5t6u",
"actor": {
"type": "ai_agent",
"agent_id": "agent_vulnerability_scanner_prod_01",
"agent_version": "v2.3.1",
"authorized_by": {
"user_id": "user_alice_chen",
"user_email": "[email protected]",
"authorization_timestamp": "2024-01-15T09:00:00.000Z",
"authorization_scope": "scan_internal_repos",
"authorization_expiry": "2024-01-22T09:00:00.000Z"
}
},
"action": {
"operation": "repository.scan.execute",
"target": {
"resource_type": "git_repository",
"resource_id": "repo_payment_service",
"resource_path": "/internal/payment-service"
},
"parameters": {
"scan_depth": "full",
"include_dependencies": true,
"severity_threshold": "medium"
}
},
"context": {
"trigger": "scheduled_weekly_scan",
"business_justification": "[PCI DSS](https://www.pcisecuritystandards.org/) v4.0.1 Requirement 6.3.2 compliance scan",
"related_ticket": "SEC-1847",
"environment": "production"
},
"outcome": {
"status": "success",
"findings_count": 3,
"findings_severity": ["high", "medium", "medium"],
"next_action": "create_jira_tickets",
"human_review_required": true
},
"security": {
"source_ip": "10.0.4.23",
"authentication_method": "service_account_key",
"mfa_verified": "n/a",
"session_id": "sess_9x8y7z6w5v4u3t2s"
},
"compliance_tags": ["pci_dss", "soc2_cc6.1", "quarterly_scan"]
}
Customizing the Template
For your AI agent types:
Replace agent_vulnerability_scanner_prod_01 with your actual agent naming convention. Include enough detail to distinguish between agent versions.
For authorization models:
If your agents operate under role-based permissions instead of user-granted scopes, modify the authorized_by section:
"authorized_by": {
"role": "security_automation",
"granted_by_policy": "pol_ai_agents_v2",
"policy_version": "2024-01-01",
"approval_chain": ["security_lead", "engineering_director"]
}
For compliance requirements:
The compliance_tags array should map to your actual control requirements. For SOC 2 Type II, reference specific Trust Service Criteria. For PCI DSS v4.0.1, include the requirement number.
For incident response:
Add fields your incident response team needs. Your template should include:
"incident_response": {
"anomaly_score": 0.23,
"baseline_deviation": false,
"alert_triggered": false,
"reviewed_by_human": null
}
For enterprise procurement:
When buyers ask "Can you show me what your AI did to our data during the trial?", you need logs that non-technical stakeholders can understand. Add a human-readable summary:
"human_readable_summary": "AI agent 'vulnerability_scanner' performed automated security scan of payment-service repository, authorized by Alice Chen (Security Lead) on Jan 15. Scan found 3 issues requiring engineer review."
Validation Steps
1. Test the authorization chain
Create a test AI agent action and verify you can answer:
- Who authorized this agent to perform this class of action?
- When does that authorization expire?
- What's the scope limit?
If you can't answer these questions by looking at a single log entry, your schema needs more context.
2. Simulate an audit request
Ask your compliance team (or a colleague playing auditor) to request evidence for:
- All AI agent actions in production during Q4
- All actions that modified customer data
- All actions that required but didn't receive human review
Your logging system should answer these queries without manual log parsing.
3. Run an incident reconstruction
Pick a recent change that an AI agent made. Using only your logs, reconstruct:
- What triggered the action
- What authorization allowed it
- What the agent actually did
- What happened as a result
When initial access involves an AI agent, you need logs that let you reconstruct the attack path.
4. Verify retention and searchability
Confirm that:
- Logs are retained for your required compliance period (minimum 1 year for SOC 2)
- You can search by agent ID, user ID, compliance tag, and timestamp
- Log format remains consistent across agent versions
- Logs are immutable (append-only, tamper-evident)
5. Test with a real buyer question
During your next enterprise sales cycle, when the buyer's security team asks about AI agent logging, pull a real example from your system. If you can't demonstrate the authorization chain and outcome in under 60 seconds, your logs aren't buyer-ready.
This template isn't a complete logging strategy—it's the foundation for tracking AI agent actions in a way that satisfies both auditors and enterprise buyers. Customize it for your authorization model, compliance requirements, and incident response needs. The goal is simple: when someone asks what your AI did, you have an answer.
