Audit Export & Compliance

Export Formats

JSON

Complete, structured data for programmatic use:

1. Go to **Governance** → **Audit Trail**
2. Click **Export** → **JSON**
3. Optionally apply filters first
4. Download file (audit-2025-03-15.json)

Sample Output:

{
  "export_metadata": {
    "timestamp": "2025-03-15T10:30:00Z",
    "period": "2025-03-01 to 2025-03-15",
    "total_entries": 2847,
    "hash_verification": "sha256:abc123...",
    "encrypted_fields": ["request_text", "response_text"]
  },
  "entries": [
    {
      "id": "log_001",
      "timestamp": "2025-03-15T10:23:45Z",
      "sequence_number": 1,
      "hash": "sha256:entry1hash...",
      "previous_hash": "sha256:genesis",
      "user_id": "user_123",
      "model": "gpt-4",
      "decision": "allowed",
      "latency_ms": 145,
      "tokens": 412
    }
  ]
}

Use Cases:

  • Programmatic analysis (Python, SQL, etc.)
  • Integration with SIEM systems
  • Auditor review with specialized tools

CSV

Tabular format for spreadsheets and analysis:

1. Click **Export** → **CSV**
2. Download file
3. Open in Excel, Google Sheets, or Tableau

Sample Output:

timestamp,user_id,model,decision,violation_type,confidence,latency_ms
2025-03-15T10:23:45Z,user_123,gpt-4,allowed,,0.0,145
2025-03-15T10:25:12Z,user_456,claude-3,blocked,pii_detected,0.98,78
2025-03-15T10:27:03Z,user_789,gpt-4,warned,toxicity_detected,0.72,92

Use Cases:

  • Spreadsheet analysis
  • Trend graphing
  • Compliance dashboards
  • Auditor reports

PDF

Formatted report for printing and sharing:

1. Click **Export** → **PDF**
2. Choose report style:
   - Executive Summary (1-2 pages)
   - Detailed Report (5-10 pages)
   - Full Technical (20+ pages)
3. Download

PDF Includes:

  • Cover page with company info
  • Executive summary of findings
  • Charts and graphs of violations
  • Sample audit entries
  • Compliance framework mapping
  • Signature page for sign-off

Use Cases:

  • Board meetings
  • Investor presentations
  • Auditor meetings
  • Regulatory submission

SIEM Integration

Send audit logs directly to your security system:

Setup:

  1. Go to Settings → Integrations → SIEM
  2. Select platform:
    • Splunk
    • ELK Stack
    • Sumo Logic
    • Datadog
    • Custom Syslog
  3. Configure credentials/endpoint
  4. Choose which events to export:
    • All requests
    • Violations only
    • Policy changes
    • Rare events
  5. Click Test Connection
  6. Click Enable

Result:

  • Audit logs automatically sent in real-time
  • Integrated into your security dashboard
  • Searchable alongside other security events
  • Alerting based on your rules

Filtering Before Export

Export only relevant data:

  1. Go to Governance → Audit Trail
  2. Apply filters:
    • Time Range: Select start/end dates
    • User: Filter by specific user
    • Model: Filter by model
    • Status: Blocked, allowed, or warned
    • Violation Type: PII, injection, etc.
  3. Click Export

Example: Export all PII violations from Q1

Filter:
Violation Type: PII detected
Time Range: 2025-01-01 to 2025-03-31
Status: (any)
Export → CSV

Scheduled Exports

Automatically export audit logs on a schedule:

Setup

  1. Go to Governance → Audit Trail → Scheduled Exports
  2. Click + New
  3. Name: “Monthly Audit Report”
  4. Schedule: Monthly, first day of month at 09:00 UTC
  5. Query: Use advanced query syntax (optional)
  6. Format: CSV, JSON, or PDF
  7. Recipients:
    • Email addresses (comma-separated)
    • Slack channel
    • Webhook URL
  8. Click Create

Common Schedules

Daily Security Report

Schedule: Every day at 08:00 UTC
Query: decision:blocked OR decision:warned
Format: CSV
Recipients: security-team@company.com

Weekly Compliance Report

Schedule: Every Monday at 09:00 UTC
Query: violation:(pii_detected OR injection_detected)
Format: PDF
Recipients: compliance@company.com

Monthly Board Report

Schedule: 1st of month at 10:00 UTC
Query: (none - all events)
Format: PDF (Executive Summary style)
Recipients: cto@company.com, security-lead@company.com

Quarterly Audit Export

Schedule: 1st day of each quarter (Jan 1, Apr 1, Jul 1, Oct 1)
Format: JSON
Recipients: auditor@firm.com

Compliance Evidence

Use exports to prove compliance to auditors:

SOC 2 Type II

Required Controls:

  • CC7.2: System monitoring

Evidence:

  1. Export audit trail for audit period (usually 1 year)
  2. Verify hash chain: truthvouch audit verify --file audit.json
  3. Show: All requests logged, no gaps, integrity verified
  4. Share with auditors

File to Export:

Export:
Format: JSON
Time Range: Audit period (e.g., Jan 1 - Dec 31)
Include Hash Verification

ISO 42001

Required Controls:

  • 4.4 Governance monitoring

Evidence:

1. Export all governance-related events
2. Filter: policy changes, violations, approvals
3. Create summary: X policies deployed, Y violations blocked
4. Provide to certification body

EU AI Act

Required Controls:

  • Article 9: Transparency
  • Article 73: Incident Reporting

Evidence:

1. Export all AI usage (Article 9 transparency)
2. Export any violations > threshold (Article 73)
3. Show timestamp and decision for each
4. Provide to regulatory body if requested

GDPR

Required Controls:

  • Article 32: Security measures
  • Article 17: Right to delete

Evidence:

1. Export shows encryption of sensitive fields
2. Export shows timestamps of data deletion
3. Verify no unauthorized access in audit trail
4. Use as evidence in data protection audit

Verification & Integrity

Verify Export Integrity

The JSON export includes cryptographic hashes. Verify no tampering:

# Command
truthvouch audit verify --file audit-export.json
# Output
Verifying audit hash chain...
Entry 1: Valid
Entry 2: Valid
Entry 3: Valid
...
Entry 2847: Valid
All entries verified. No tampering detected.
Hash chain is intact.

What Verification Proves

  • No entries were added after export
  • No entries were deleted from the chain
  • No entry contents were modified
  • Export is authentic and unmodified

Auditors will:

  1. Download your JSON export
  2. Run verification command
  3. See “All entries verified”
  4. Confirm audit trail integrity
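
As an added illustration (not TruthVouch's code and not part of the original page), the sketch below runs the checks a hash-chain verifier performs on the JSON export's `sequence_number`, `previous_hash` and `hash` fields. The hash construction in `entry_hash` is an assumption, because the page does not document how TruthVouch computes entry hashes, and the sample export is constructed.

```python
import hashlib
import json

GENESIS = "sha256:genesis"  # previous_hash of the first entry in the page's sample

def entry_hash(entry):
    # ASSUMPTION: SHA-256 over the entry's sorted-key JSON, excluding its own "hash".
    body = {k: v for k, v in entry.items() if k != "hash"}
    canon = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return "sha256:" + hashlib.sha256(canon).hexdigest()

def verify_chain(export):
    """Return (sequence_number, problem) findings; an empty list means intact."""
    entries, findings = export["entries"], []
    declared = export["export_metadata"]["total_entries"]
    if declared != len(entries):
        findings.append((None, f"total_entries={declared}, found {len(entries)}"))
    prev_hash, prev_seq = GENESIS, 0
    for e in entries:
        seq = e["sequence_number"]
        if seq != prev_seq + 1:
            findings.append((seq, f"sequence gap after {prev_seq}"))
        if e["previous_hash"] != prev_hash:
            findings.append((seq, "previous_hash does not match prior entry"))
        if e["hash"] != entry_hash(e):
            findings.append((seq, "content does not match stored hash"))
        prev_hash, prev_seq = e["hash"], seq
    return findings

def build_sample(n=4):
    """Constructed export in the page's JSON layout (not real audit data)."""
    entries, prev = [], GENESIS
    for i in range(1, n + 1):
        e = {"id": f"log_{i:03d}", "sequence_number": i, "previous_hash": prev,
             "user_id": "user_123", "model": "gpt-4", "decision": "blocked"}
        e["hash"] = prev = entry_hash(e)
        entries.append(e)
    return {"export_metadata": {"total_entries": n}, "entries": entries}

if __name__ == "__main__":
    edited = build_sample()
    edited["entries"][1]["decision"] = "allowed"   # content changed after export
    missing = build_sample()
    del missing["entries"][1]                      # entry removed from the middle
    for name, exp in [("clean", build_sample()), ("edited", edited), ("missing", missing)]:
        print(name, verify_chain(exp) or "intact")
```

These checks cover only the entries present in the file. To confirm the export is complete, also compare the last entry's hash and `total_entries` against a value recorded outside the file.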

Real-World Compliance Scenarios

Scenario 1: SOC 2 Audit

Timeline: Auditor conducting annual SOC 2 review

Steps:

  1. Export: Full year of audit logs

    Time Range: 2024-01-01 to 2024-12-31
    Format: JSON
    Include Verification Hashes: Yes
  2. Share with Auditor:

    • Via secure link (if available)
    • Download and email
    • Via auditor portal
  3. Auditor Reviews:

    • Runs verification: ✓ Passes
    • Analyzes violations
    • Confirms controls working
    • Includes in audit report
  4. Outcome: Control CC7.2 marked as “Effective”

Scenario 2: Data Breach Investigation

Timeline: Company discovers potential data exposure

Steps:

  1. Query audit logs:

    violation:pii_detected
    AND decision:blocked
    AND timestamp:[incident_date]
  2. Export evidence:

    Format: PDF
    Include: Which PII, when detected, how blocked
  3. Share with:

    • Legal team
    • Regulators (if required)
    • Customers (if required)
  4. Demonstrate: Firewall detected and blocked attempt

Scenario 3: Investor Due Diligence

Timeline: Company fundraising, investor wants security proof

Steps:

  1. Generate Executive Report:

    Period: Last 90 days
    Format: PDF (Executive Summary)
    Highlight: "X violations detected and blocked"
  2. Share with Investor:

    • Key metrics on first page
    • Framework compliance
    • No personal data exposed
  3. Highlight:

    • “100% of AI systems governed”
    • “Zero AI-related security incidents”
    • “SOC 2 compliant”

API Access

Export audit logs programmatically:

REST API

# Get audit logs
curl -X GET "http://localhost:5000/api/v1/governance/audit/export" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Accept: application/json" \
  -d '{
    "start_date": "2025-01-01",
    "end_date": "2025-03-31",
    "format": "json",
    "include_verification": true
  }'
# Response: JSON file download

Python SDK

from truthvouch import TruthVouchClient

client = TruthVouchClient(api_key="tvk_...")

# Export audit logs
export = client.governance.audit.export(
    start_date="2025-01-01",
    end_date="2025-03-31",
    format="json",
    verify=True,  # Include hash verification
)

# Save to file
with open("audit-export.json", "w") as f:
    f.write(export.to_json())

# Verify integrity
if export.verify():
    print("Audit trail verified - no tampering detected")
else:
    print("WARNING: Audit trail integrity check failed!")

Storage Considerations

File Sizes

Typical export sizes:

Period: 1 month
Format: JSON
Entries: 2,847
Size: ~5 MB (compressed) / ~15 MB (uncompressed)

Period: 1 year
Format: JSON
Entries: 34,000
Size: ~60 MB (compressed) / ~180 MB (uncompressed)

Archive Old Exports

# Export and compress to file
truthvouch audit export --period 2024-Q1 --format json | gzip > audit-2024-Q1.json.gz
# Upload to cold storage
aws s3 cp audit-2024-Q1.json.gz s3://compliance-archives/ --storage-class GLACIER
# Keep reference in audit management system