> ## Documentation Index > Fetch the complete documentation index at: https://docs.grantex.dev/llms.txt > Use this file to discover all available pages before exploring further. # Audit > Log agent actions and query the tamper-evident audit trail. ## Overview The `audit` sub-client provides a tamper-evident, append-only audit trail for all agent actions. Each entry is hash-chained to the previous entry, providing cryptographic integrity guarantees. ```typescript theme={null} await grantex.audit.log({ agentId: agent.id, grantId: token.grantId, action: 'email.sent', status: 'success', metadata: { to: 'user@example.com', subject: 'Flight confirmation' }, }); ``` *** ## audit.log() Log an agent action to the audit trail. ```typescript theme={null} const entry = await grantex.audit.log({ agentId: 'ag_01HXYZ...', grantId: 'grnt_01HXYZ...', action: 'payment.initiated', status: 'success', metadata: { amount: 420, currency: 'USD', merchant: 'Air India' }, }); console.log(entry.entryId); // 'aud_01HXYZ...' console.log(entry.hash); // SHA-256 hash of this entry console.log(entry.prevHash); // Hash of the previous entry (null for the first) console.log(entry.timestamp); // '2026-02-28T12:00:00Z' ``` ### Parameters The agent that performed the action. The grant under which the action was performed. A descriptive action identifier (e.g. `'email.sent'`, `'payment.initiated'`, `'file.uploaded'`). Arbitrary metadata to attach to the audit entry. Action outcome: `'success'`, `'failure'`, or `'blocked'`. ### Response: `AuditEntry` Unique audit entry identifier. The agent that performed the action. The agent's decentralized identifier. The associated grant ID. The user who authorized the grant. The action identifier. Arbitrary metadata attached to the entry. SHA-256 hash of this entry, used for chain integrity verification. Hash of the previous entry in the chain. `null` for the first entry. ISO 8601 timestamp when the action was logged. Action outcome: `'success'`, `'failure'`, or `'blocked'`. *** ## audit.list() Query audit entries with optional filters. ```typescript theme={null} const result = await grantex.audit.list({ agentId: 'ag_01HXYZ...', action: 'payment.initiated', since: '2026-02-01T00:00:00Z', until: '2026-02-28T23:59:59Z', page: 1, pageSize: 50, }); console.log(result.total); // 128 for (const entry of result.entries) { console.log(`[${entry.timestamp}] ${entry.action} - ${entry.status}`); } ``` ### Parameters Filter by agent ID. Filter by grant ID. Filter by principal (user) ID. Filter by action identifier. ISO 8601 start date for the query range. ISO 8601 end date for the query range. Page number (1-indexed). Number of entries per page. ### Response: `ListAuditResponse` Array of audit entry objects. Total number of entries matching the filters. Current page number. Number of entries per page. *** ## audit.get() Retrieve a single audit entry by its ID. ```typescript theme={null} const entry = await grantex.audit.get('aud_01HXYZ...'); console.log(entry.action); // 'payment.initiated' console.log(entry.hash); // 'a1b2c3d4e5f6...' console.log(entry.prevHash); // '9z8y7x6w5v4u...' console.log(entry.metadata); // { amount: 420, currency: 'USD' } ``` ### Parameters The audit entry ID to retrieve. ### Response Returns an `AuditEntry` object. ## Chain integrity Each audit entry contains a `hash` of its contents and a `prevHash` linking it to the previous entry. This creates a tamper-evident chain similar to a blockchain. If any entry is modified after the fact, the hash chain breaks. Use the [Compliance](/sdks/typescript/compliance) evidence pack to verify chain integrity programmatically: ```typescript theme={null} const pack = await grantex.compliance.evidencePack({ framework: 'soc2' }); console.log(pack.chainIntegrity.valid); // true console.log(pack.chainIntegrity.checkedEntries); // 1024 ```