Skip to main content
Browse docs
By Audience
Getting Started
Configuration
Use Cases
IDE Integration
Third-Party Integrations
Engineering Cache
Console
API Reference
Gateway
Workflow Guides
Templates
Providers and SDKs
Industry Guides
Advanced Guides
Browse by Role
Deployment Guides
In-Depth Guides
Executive & Leadership
Software Developers
Software Engineers
QA Engineers
Financial Engineers & Quants
Chat Workbench
Getting Started ChatPrompt EngineeringKnowledge Grounded ChatTeam Chat EnvironmentsChat AnalyticsChat Export ComplianceMulti Model ComparisonChat API IntegrationChat CustomizationAdvanced Chat Patterns
Tutorials
CLI Reference
Policy Reference
FAQ

Chat Export for Compliance & Audit

Keeptrusts records every chat interaction as a structured decision event, creating a comprehensive audit trail that satisfies regulatory and internal compliance requirements. This guide covers exporting chat data, building audit reports, and managing retention policies.

Use this page when

  • You need to export chat conversation data for regulatory audits or internal compliance reviews.
  • You are configuring data retention policies for chat decision events.
  • You want to build automated compliance reporting from chat audit trails.
  • You are integrating exported chat data with external SIEM, GRC, or data warehouse platforms.

Primary audience

  • Primary: Compliance Officers building audit evidence, Platform Administrators configuring retention
  • Secondary: Security Engineers integrating with SIEM, Technical Leaders defining data governance policies

The Chat Audit Trail

Every message sent through the Chat Workbench generates decision events that capture:

  • Timestamp: When the message was sent and when the response was received.
  • User identity: Who sent the message (user ID, team, role).
  • Model used: Which LLM provider and model processed the request.
  • Policy evaluations: Which policies were applied and their outcomes.
  • Token counts: Input and output token usage.
  • Cost: The settled cost for the interaction.
  • Knowledge citations: Which knowledge assets were referenced.
  • Content hashes: Integrity markers for the prompt and response content.

This data is available through the console, API, and export system.

Exporting Chat History

From the Console

  1. Navigate to Exports in the management console.
  2. Click Create Export Job.
  3. Configure the export parameters:
    • Date range: Select the time period to export.
    • Event types: Filter for chat events.
    • Teams: Scope to specific teams or select all.
    • Users: Scope to specific users if needed.
    • Format: Choose JSON or CSV.
  4. Click Run Export.
  5. Once complete, download the export artifact from the Exports list.

From the API

Create an export job programmatically:

curl -X POST "$API_URL/v1/exports" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "type": "events",
    "filters": {
      "event_type": "chat",
      "from": "2026-01-01T00:00:00Z",
      "to": "2026-04-01T00:00:00Z",
      "team_ids": ["team_abc123"]
    },
    "format": "json"
  }'

Check export status and download the artifact:

# Check status
curl "$API_URL/v1/exports/$EXPORT_ID" \
  -H "Authorization: Bearer $TOKEN"

# Download artifact
curl "$API_URL/v1/exports/$EXPORT_ID/artifact" \
  -H "Authorization: Bearer $TOKEN" \
  -o chat-export.json

Scheduled Exports

For ongoing compliance needs, schedule recurring exports:

  1. Navigate to Exports in the console.
  2. Click Create Scheduled Export.
  3. Configure the schedule (daily, weekly, monthly).
  4. Set the export parameters (filters, format).
  5. Choose the destination:
    • Download: Available in the console for manual retrieval.
    • S3-compatible storage: Automatically uploaded to your storage bucket.

Scheduled exports run in the background via the worker_export binary and produce artifacts that can be ingested by your compliance tooling.

Building Audit Reports

Conversation-Level Audit

For auditing specific conversations, query events by conversation ID:

curl "$API_URL/v1/events?conversation_id=conv_xyz789" \
  -H "Authorization: Bearer $TOKEN"

The response includes every turn in the conversation with full policy evaluation details.

User Activity Audit

To audit a specific user's chat activity:

curl "$API_URL/v1/events?user_id=usr_abc123&type=chat&from=2026-04-01" \
  -H "Authorization: Bearer $TOKEN"

Policy Compliance Audit

To verify policy enforcement across chat interactions:

curl "$API_URL/v1/events?type=chat&policy_outcome=blocked&from=2026-04-01" \
  -H "Authorization: Bearer $TOKEN"

This returns all instances where chat policies blocked a message, providing evidence that governance controls are actively enforced.

Regulatory Evidence

What Regulators Typically Request

RequirementKeeptrusts Coverage
Proof of AI governance controlsPolicy evaluation records in every decision event
Audit trail of AI interactionsTimestamped events with user identity and content hashes
Evidence of human oversightEscalation events showing moderator review and decisions
Data handling complianceDLP policy trigger records, redaction logs
Cost and usage accountabilityToken and cost records attributed to users and teams
Knowledge provenanceCitation records linking responses to source assets

Preparing for Audits

  1. Identify the scope: Determine which time period, teams, and users are in scope.
  2. Create targeted exports: Use filters to produce focused export artifacts.
  3. Include policy configurations: Export or document the policy chains active during the audit period.
  4. Include escalation records: Show that human oversight was applied where required.
  5. Verify data integrity: Content hashes in events allow verification that records have not been tampered with.

Data Retention Policies

Event Retention

Keeptrusts retains chat decision events based on the configured retention period:

  • Default retention: Set via KEEPTRUSTS_EVENT_RETENTION_HOURS environment variable.
  • Retention worker: The worker_lifecycle binary prunes events beyond the retention window.
  • Before pruning: Ensure compliance exports have captured all required data.

Configuring Retention

Retention is configured at the API level:

# Set retention to 90 days (2160 hours)
KEEPTRUSTS_EVENT_RETENTION_HOURS=2160

Retention Best Practices

ConsiderationRecommendation
Regulatory minimum retentionSet retention to meet your industry's longest requirement
Cost vs. complianceLonger retention increases storage costs — schedule exports for archival
Export before pruningConfigure scheduled exports that run before the retention window closes
Legal holdFor litigation or investigation, disable pruning and retain all events

Export Formats

JSON Format

JSON exports provide the full event structure:

{
  "events": [
    {
      "id": "evt_abc123",
      "type": "chat",
      "timestamp": "2026-04-15T10:30:00Z",
      "user_id": "usr_def456",
      "team_id": "team_ghi789",
      "model": "gpt-4o",
      "input_tokens": 150,
      "output_tokens": 320,
      "cost_usd": 0.0047,
      "policies_applied": ["pii-detection", "output-redaction"],
      "policy_outcome": "allowed",
      "citations": ["kb_asset_jkl012"]
    }
  ]
}

CSV Format

CSV exports flatten the event structure for spreadsheet analysis. Each row represents one decision event with columns for all metadata fields.

Integration with External Systems

Export artifacts can be ingested by external compliance and SIEM platforms:

  • SIEM integration: Forward event data to Splunk, Elastic, or similar platforms.
  • GRC tools: Import audit trails into governance, risk, and compliance platforms.
  • Data warehouses: Load CSV or JSON exports into BigQuery, Snowflake, or Redshift for custom reporting.
  • S3-compatible storage: Direct upload to any S3-compatible backend for archival.

Best Practices

PracticeWhy It Matters
Schedule automated exportsEnsures compliance data is captured before retention pruning
Use targeted filtersProduces focused, manageable export artifacts
Include policy configurations in auditsDemonstrates governance controls were in place
Verify content hashesProves audit trail integrity
Archive exports in durable storageMeets long-term regulatory retention requirements
Test export and restore processValidates that your compliance workflow works end to end

Next steps

For AI systems

  • Canonical terms: chat export, decision event, audit trail, data retention, compliance evidence, content hash, export job, export artifact.
  • Console pages: Exports. API endpoints: POST /v1/exports, GET /v1/exports/{id}, GET /v1/exports/{id}/download.
  • Event fields: timestamp, user identity, model, policy evaluations, token counts, cost, knowledge citations, content hashes.
  • Best next pages: Chat Analytics, Chat API Integration, Advanced Chat Patterns.

For engineers

  • Create export jobs via the console (Exports → Create Export Job) or programmatically with POST /v1/exports.
  • Filter exports by date range, event type (chat), team, user, and format (JSON or CSV).
  • Schedule automated exports before the retention window prunes events (KEEPTRUSTS_EVENT_RETENTION_HOURS).
  • Verify audit trail integrity using the content_hashes field in exported events.
  • Forward exports to S3-compatible storage, Splunk, Elastic, or GRC platforms for long-term archival.

For leaders

  • Every chat interaction produces a tamper-evident decision event — satisfies audit trail requirements for most regulatory frameworks.
  • Configure retention periods to match your regulatory obligations (e.g., 7 years for financial services, 6 years for GDPR).
  • Automated export scheduling prevents data loss from retention pruning.
  • Content hashes provide non-repudiation evidence that audit data has not been modified post-capture.
  • Export costs scale with volume — use targeted filters to produce focused, cost-effective audit artifacts.