Audit & Compliance

Every request through DirectAI is audit-logged with PII redaction. Export compliance reports for HIPAA, SOC 2, and custom formats. Configure retention policies and legal holds.

Audit Logging

All requests and responses are captured as structured audit events. Each event includes the correlation ID, user identity (API key prefix), model, modality, timestamp, latency, token counts, and guardrail results. Sensitive content is redacted before logging — PII, API keys, and request bodies are stripped or masked.

{
  "event_id": "evt_abc123",
  "request_id": "req-uuid-here",
  "timestamp": "2025-01-15T10:30:00Z",
  "api_key_prefix": "dai_...abc",
  "model": "qwen-2.5-3b",
  "modality": "chat",
  "input_tokens": 150,
  "output_tokens": 320,
  "latency_ms": 245,
  "guardrails": {
    "pii_detected": false,
    "injection_detected": false,
    "content_safety_flagged": false
  },
  "status": 200
}

Compliance Exports

Generate compliance reports in HIPAA, SOC 2, or custom formats. Exports are created asynchronously — poll the status endpoint until complete, then download.

# Create a HIPAA compliance export
curl https://api.agilecloud.ai/api/v1/compliance/exports \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "format": "hipaa",
    "start_date": "2025-01-01",
    "end_date": "2025-01-31"
  }'

# Check export status
curl https://api.agilecloud.ai/api/v1/compliance/exports/exp_abc123 \
  -H "Authorization: Bearer YOUR_API_KEY"

Format    Description
hipaa     HIPAA access log format — PHI access tracking, user actions, timestamps
soc2      SOC 2 Type II evidence — control activities, access events, configuration changes
raw       Raw audit events as JSONL
custom    Custom format with field selection

Retention Policies

Configure how long audit data is retained. Retention periods vary by tier.

# Get retention config
curl https://api.agilecloud.ai/api/v1/audit/retention \
  -H "Authorization: Bearer YOUR_API_KEY"

# Update retention
curl -X PATCH https://api.agilecloud.ai/api/v1/audit/retention \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "retention_days": 365,
    "auto_delete": true
  }'

# Retention compliance report
curl https://api.agilecloud.ai/api/v1/audit/retention/report \
  -H "Authorization: Bearer YOUR_API_KEY"

Tier        Default Retention
Free        7 days
Pro         30 days
Business    1 year
Enterprise  Unlimited (configurable)

Legal Holds

Prevent audit data from being deleted during investigations or litigation. Legal holds override retention policies — held data is preserved until the hold is released.

# Create a legal hold
curl https://api.agilecloud.ai/api/v1/audit/legal-hold \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Investigation 2025-Q1",
    "reason": "Internal review",
    "start_date": "2025-01-01",
    "end_date": "2025-03-31"
  }'

# List active holds
curl https://api.agilecloud.ai/api/v1/audit/legal-hold \
  -H "Authorization: Bearer YOUR_API_KEY"

# Release a hold
curl -X DELETE https://api.agilecloud.ai/api/v1/audit/legal-hold/hold_abc123 \
  -H "Authorization: Bearer YOUR_API_KEY"

Endpoints

Method  Path                                        Description
POST    /api/v1/compliance/exports                  Create export job
GET     /api/v1/compliance/exports                  List exports
GET     /api/v1/compliance/exports/{export_id}      Get export status
DELETE  /api/v1/compliance/exports/{export_id}      Delete export
GET     /api/v1/audit/retention                     Get retention config
PATCH   /api/v1/audit/retention                     Update retention config
GET     /api/v1/audit/retention/report              Retention compliance report
POST    /api/v1/audit/legal-hold                    Create legal hold
GET     /api/v1/audit/legal-hold                    List legal holds
DELETE  /api/v1/audit/legal-hold/{hold_id}          Release legal hold

PII Redaction in Audit Logs

Audit logs automatically redact PII before storage. SSNs, email addresses, phone numbers, credit card numbers, IP addresses, and dates of birth are detected and replaced with [REDACTED:TYPE] tokens. Redaction happens in the audit middleware before the event reaches any storage backend.
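The redaction step described here and under Audit Logging above, as an added example that is not DirectAI's own middleware: a Python redactor that rewrites the string fields of an event into the [REDACTED:TYPE] form, with a Luhn check so ordinary long digit runs are not mistaken for card numbers, while the event timestamp and key prefix pass through untouched. The sample event, including its prompt_excerpt and client_ip fields, is constructed for this example.

```python
import re

# Added illustration, not DirectAI's own middleware: redact PII from an audit event before
# it reaches storage, emitting the [REDACTED:TYPE] tokens the docs describe. Patterns run in
# this order so a card number or SSN is consumed whole before the looser PHONE pattern runs.
PII_PATTERNS = [
    ("EMAIL", re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")),
    ("CREDIT_CARD", re.compile(r"\b(?:\d[ -]?){12,18}\d\b")),  # 13-19 digits, Luhn-checked below
    ("SSN", re.compile(r"\b\d{3}-\d{2}-\d{4}\b")),
    ("IP", re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")),
    # Bare ISO dates count as possible DOBs; timestamps continue with "T..." after the day,
    # so the trailing \b leaves them intact.
    ("DOB", re.compile(r"\b(?:19|20)\d{2}-(?:0[1-9]|1[0-2])-(?:0[1-9]|[12]\d|3[01])\b")),
    ("PHONE", re.compile(r"(?<!\w)(?:\+?1[ .-]?)?\(?\d{3}\)?[ .-]?\d{3}[ .-]?\d{4}\b")),
]

def luhn_ok(digits: str) -> bool:
    # Luhn checksum keeps order numbers and other long digit runs from being redacted as cards.
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def redact_text(text: str) -> str:
    for label, pattern in PII_PATTERNS:
        if label == "CREDIT_CARD":
            text = pattern.sub(lambda m: "[REDACTED:CREDIT_CARD]"
                               if luhn_ok(re.sub(r"\D", "", m.group())) else m.group(), text)
        else:
            text = pattern.sub(f"[REDACTED:{label}]", text)
    return text

def redact_event(value):
    # Walk the event recursively; only string values can carry PII, counters pass through.
    if isinstance(value, str):
        return redact_text(value)
    if isinstance(value, dict):
        return {k: redact_event(v) for k, v in value.items()}
    return value

# Constructed sample event; prompt_excerpt and client_ip are hypothetical fields.
SAMPLE_EVENT = {
    "event_id": "evt_abc123", "timestamp": "2025-01-15T10:30:00Z", "api_key_prefix": "dai_...abc",
    "client_ip": "203.0.113.42", "guardrails": {"pii_detected": True},
    "prompt_excerpt": ("Patient jane.doe@example.com, SSN 123-45-6789, DOB 1990-04-12, "
                       "call (555) 123-4567, card 4111 1111 1111 1111, ref 1234567890123"),
}
```

Running `redact_event(SAMPLE_EVENT)` leaves `ref 1234567890123` in place because it fails the Luhn check, while every other PII value in the excerpt becomes its token.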