Governance and ops

What to log for AI agents in production

Track the events, decisions, and operational signals that matter when running AI agents in production.

The best logging strategy ties technical behavior back to business decisions and accountable owners.

Key takeaways

Log what a compliance reviewer would ask about, not just what a developer would debug.
Separate approval events from normal traces - they are accountability records.
Include the business object (order id, account id) on every log line, not just technical ids.
Log callback delivery status so you catch webhook failures early.

Logs that matter

Workflow and run IDs
Tool calls and outcomes
Approval requests and final decisions
Escalation events
Timeouts and callback delivery status
Human responder identity and timestamp

Frequently asked questions

Why log approvals separately from normal traces?

Because approvals are accountability events, not only technical events. They need business context and a retention policy that matches compliance requirements.

How long should I retain approval logs?

Match your compliance policy for the underlying business domain - usually years, not months. Treat them like transaction records.

Should I log prompt content?

Log summaries and decisions, not full transcripts. Full transcripts can carry PII and rarely help at audit time.