Secure AI Atlas SECURITY & GOVERNANCE
EN / ES

Control

Prompt and Output Logging

Prompt and output logging preserves enough interaction evidence to support review, monitoring, audit, and incident response.

logging monitoring audit

What it constrains

Prompt and Output Logging makes AI behavior reconstructable. It helps teams understand what context entered the system, what the model produced, which tools were called, and which decisions followed.

Implementation

  • Decide what must be logged for each workflow and why.
  • Include prompts, outputs, retrieved context identifiers, tool calls, approval events, and error states where appropriate.
  • Protect logs with access controls, retention limits, and redaction rules.
  • Treat logs as sensitive when they contain personal data, secrets, internal plans, or regulated records.
  • Define incident review procedures before an incident occurs.

Owner

Security monitoring, platform engineering, privacy, and the workflow owner should agree on log scope. Logging without ownership becomes another unmanaged data store.

Evidence

  • Logging specification by workflow.
  • Retention and access-control configuration.
  • Samples proving tool calls and approval events are captured.
  • Redaction or exclusion rules for sensitive data.
  • Incident review runbook using the available logs.

Common errors

  • Logging everything because it is easy.
  • Logging nothing because privacy is hard.
  • Forgetting tool arguments and approval decisions.
  • Storing logs where support, analytics, or vendors can access more than intended.
  • Sensitive Data Disclosure
  • Prompt Injection
  • Insecure Tool Invocation