Compliance · Audit Event Log
A complete record of every AI interaction that mattered.
When a regulator or client asks "what did your team send to AI tools last quarter?" the answer should never be "we don't know." Ventrin's audit log gives you a full, exportable trail — timestamped, hashed, and tamper-evident.
How the log works
Signed. Searchable. Export-ready.
Every interception creates a signed event.
Each detection generates a structured event record: unique event ID, ISO 8601 timestamp, user ID, team, destination AI tool (ChatGPT, Claude, Gemini…), and the sensitivity categories detected. The prompt content itself is never stored — only the metadata. Events are cryptographically signed to detect tampering.
Filter and export in seconds.
Search across the full event history by user, team, date range, destination platform, or sensitivity category. Combine filters — "all API key detections for the development team in the last 30 days" — and export to CSV for your DLP platform or JSON for your SIEM. No preprocessing required.
Structured for discovery and regulatory response.
The event schema is designed to answer the exact questions regulators and clients ask: which users were active, what types of data were flagged, which AI tools were used, and what was the policy outcome. Produce a report in the format your DPO or supervising partner needs in under a minute.
What the log proves
Demonstrate control. Not just intent.
Under GDPR's accountability principle (Article 5(2)), organisations must be able to demonstrate compliance — not merely assert it. Under SRA transparency obligations, firms must be able to show they have appropriate governance around AI use. The audit log is the artefact that turns "we have policies" into "here is our evidence."
- GDPR Article 5(2) accountability — demonstrable record of control activity
- ICO AI guidance compliance — documented oversight of automated processing
- Client audit ready — respond to due diligence questionnaires with actual data
- Insurance evidence — demonstrates active AI governance for cyber and PI coverage
Event record structure
{
"event_id": "evt_01HX4K9ZM…",
"timestamp": "2026-05-25T09:14:32.114Z",
"workspace_id": "ws_…",
"user_id": "usr_…",
"user_email_hash": "sha256:d4e8…",
"tool": "chatgpt",
"outcome": "redacted",
"entities_detected": [
"PERSON", "ORG"
],
"entity_count": 2,
"policy_id": "pol_…",
"policy_name": "Employment Team",
"scan_ms": 38,
"prompt_token_count": 61,
"signature": "hmac-sha256:7f4b…"
}Every field except event_id and timestamp is nullable. Prompt text is never stored. Signature allows tamper detection for regulatory review.
event_id,timestamp,user_email_hash,
tool,outcome,entities_detected,
entity_count,policy_name,scan_ms
evt_01HX4K,
2026-05-25T09:14:32Z,
sha256:d4e8…,
chatgpt,redacted,
"PERSON|ORG",2,
Employment Team,38
evt_01HX4L,
2026-05-25T09:17:08Z,
sha256:a2c1…,
claude,pass,"",0,
Employment Team,12CSV exports available from the Admin Dashboard or via REST API. JSON Lines format also available for log aggregation pipelines (Splunk, Datadog, ELK).
What each outcome value means
| outcome | Description | Prompt sent to AI? | Entities in log? |
|---|---|---|---|
pass |
No sensitive content detected | Yes — original | Empty array |
redacted |
PII replaced with labelled placeholders | Yes — sanitised | Entity types listed |
blocked |
Policy rule triggered a hard block | No | Entity types listed |
warned |
User shown warning and chose to continue | Yes — original | Entity types listed |
Turn "we think we're compliant" into evidence.
Early access open for legal and regulated teams.
90-day retention · CSV & JSON export · Tamper-evident event IDs.