Audit & Evidence
Kla Digital provides a tamper-evident Audit Trail for all agent activities. This ensures that you can prove what an agent did, why it did it, and when it happened.
The Audit Trail
Every event in the system—from execution steps to policy decisions—is logged to ImmuDB, an immutable database. These logs are cryptographically linked, meaning any attempt to alter history would break the cryptographic chain.
Verifying the Log
You can independently verify the integrity of the audit log using the Merkle root hash stored in the system.
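The following is an added example, not Kla's own code, showing how a Merkle root makes a log tamper-evident: it recomputes the root over a set of events and checks a single event against a trusted root using an inclusion proof. The page does not specify the tree layout, so the RFC 6962 construction with SHA-256, the canonical-JSON leaf encoding, the function names and the sample events are all assumptions.

```python
import hashlib
import json

# Constructed sample events; the type names come from the mappings table on this page.
EVENTS = [
    {"seq": 1, "type": "execution.started", "tenantId": "tenant-123"},
    {"seq": 2, "type": "policy.evaluated", "decision": "allow"},
    {"seq": 3, "type": "human.oversight_decision", "decision": "approve"},
    {"seq": 4, "type": "log.entry_created"},
    {"seq": 5, "type": "policy.evaluated", "decision": "deny"},
]

def _h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def leaf_hash(event: dict) -> bytes:
    # Assumed encoding: canonical JSON, so the same event always hashes the same.
    blob = json.dumps(event, sort_keys=True, separators=(",", ":")).encode()
    return _h(b"\x00" + blob)  # 0x00 marks a leaf, 0x01 an interior node (RFC 6962)

def _split(n: int) -> int:
    # Largest power of two strictly less than n.
    k = 1
    while k * 2 < n:
        k *= 2
    return k

def merkle_root(leaves: list) -> bytes:
    if len(leaves) <= 1:
        return leaves[0] if leaves else _h(b"")
    k = _split(len(leaves))
    return _h(b"\x01" + merkle_root(leaves[:k]) + merkle_root(leaves[k:]))

def inclusion_proof(leaves: list, index: int) -> list:
    # Sibling hashes from the leaf up to the root, each tagged with the sibling's side.
    if len(leaves) == 1:
        return []
    k = _split(len(leaves))
    if index < k:
        return inclusion_proof(leaves[:k], index) + [("R", merkle_root(leaves[k:]))]
    return inclusion_proof(leaves[k:], index - k) + [("L", merkle_root(leaves[:k]))]

def verify_inclusion(event: dict, proof: list, trusted_root: bytes) -> bool:
    # Rebuild the path to the root; any change to the event changes the result.
    node = leaf_hash(event)
    for side, sibling in proof:
        pair = sibling + node if side == "L" else node + sibling
        node = _h(b"\x01" + pair)
    return node == trusted_root
```

The check is only as strong as the source of `trusted_root`: obtain it through a channel the log operator cannot rewrite together with the log itself.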
Evidence Export
For compliance certifications (SOC 2, ISO 27001, EU AI Act), you can export a signed bundle of evidence.
CLI Usage
The easiest way to export evidence is using the Kla CLI:
```bash
# Export evidence for the last 30 days
kla export evidence --tenant tenant-123

# Export specifically for SOC 2 controls
kla export evidence --framework "SOC 2 Type II"
```
API Usage
You can also trigger exports programmatically:
```http
POST /v1/evidence/export
Content-Type: application/json

{
  "tenantId": "tenant-123",
  "frameworks": ["SOC 2 Type II"],
  "format": "pdf"
}
```
Verifying Evidence Bundles
Exported bundles include a `manifest.json` with a detached JWS signature. You can verify this signature to ensure the evidence hasn't been tampered with since export.
```bash
# Verify an exported bundle
kla verify evidence --manifest ./exports/manifest.json
```
Compliance Mappings
The system automatically maps technical events to compliance controls:
| Framework | Control | System Event |
|---|---|---|
| SOC 2 | CC6.1 | execution.started, policy.evaluated |
| ISO 27001 | A.8.15 | log.entry_created |
| EU AI Act | Art. 15 | human.oversight_decision |