Core Concepts
Audit Trail
Lelu maintains a comprehensive, immutable audit log of every authorization decision made by the engine. This is crucial for compliance, debugging, and understanding agent behavior.
What is Logged?
Every time an agent requests authorization, Lelu records a detailed event. This includes both approved and denied requests, as well as requests that were queued for human review.
Request Details
- • Agent ID
- • Action requested
- • Target resource
- • Provided confidence score
- • Request context/reasoning
Decision Details
- • Final decision (allow/deny/queue)
- • Timestamp
- • Policies evaluated
- • Human reviewer ID (if applicable)
- • Review timestamp (if applicable)
Viewing the Audit Trail
The Lelu Platform provides a dedicated "Audit" page where you can search, filter, and inspect all authorization events.
Interactive Audit Dashboard
Navigate to the "Audit" section in the Lelu UI to view the complete history of agent actions.
Storage Backends
By default, Lelu stores audit logs in its PostgreSQL database. For long-term retention and compliance, you can configure Lelu to sync logs to external storage.
docker-compose.yml
services:
engine:
image: lelu-engine:latest
environment:
# Enable S3 sync for audit logs
- LELU_S3_BUCKET=my-company-audit-logs
- AWS_REGION=us-east-1
- AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID}
- AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY}