Audit Logging
Every request proxied through Sylo is logged with full context. Query the audit log to see exactly what your agents are doing.
Querying
Section titled “Querying”const { events, total } = await sylo.queryAudit({ tenantId: "acme", destination: "api.openai.com", policyDecision: "allow", limit: 100, offset: 0,});Event fields
Section titled “Event fields”Each audit event contains:
| Field | Description |
|---|---|
timestamp | When the request was made |
destination | Target hostname (e.g., api.openai.com) |
method | HTTP method (GET, POST, etc.) |
path | Request path (e.g., /v1/chat/completions) |
statusCode | Response status from the target API |
policyDecision | allow, deny, or would-block (shadow mode) |
credentialUsed | Name of the injected credential (if any) |
mode | mitm or passthrough |
tenantId | Your customer identifier |
userId | End user who triggered the agent |
responseSize | Response body size in bytes |
Filtering
Section titled “Filtering”Filter by any combination of fields:
// All denied requestsawait sylo.queryAudit({ policyDecision: "deny" });
// All requests to GitHub for a specific tenantawait sylo.queryAudit({ tenantId: "acme", destination: "api.github.com",});Dashboard
Section titled “Dashboard”The Sylo dashboard shows audit events in a sortable table with real-time updates. Filter by destination, tenant, or policy decision.