AIGP Log Harvest — Extracting Governance from Vendor Logs
AIGP Log Harvest — Extracting Governance from Vendor Logs
PRIVATE AND PROPRIETARY. Owned by Kanjani AI Research & Causum. See NOTICE.md.
Status: SPEC (Experimental)
Purpose
When vendors won’t implement AIGP natively, harvest AIGP-equivalent records from their existing logs. Produces normalized AIGP RECORDs from heterogeneous vendor telemetry using system-to-system manifest files.
The Problem
Embedded AI vendors produce logs in their own format (or don’t log at all). Without native AIGP support, you have:
- Scattered telemetry across dozens of vendor dashboards
- No unified view of AI activity
- No way to apply consistent governance across vendors
The Solution
Vendor Logs (their format) ↓ API / S3 / stream / webhookaigp-log-harvest engine ↓ manifest-driven field mappingAIGP RECORD (normalized) ↓governance-server → unified audit trail → governance decisionsArchitecture
┌─────────────────────────────────────────────────────┐│ aigp-log-harvest ││ ││ ┌──────────┐ ┌──────────┐ ┌──────────┐ ││ │Salesforce│ │ Azure │ │ AWS │ ... ││ │ Manifest │ │ Manifest │ │ Manifest │ ││ └────┬─────┘ └────┬─────┘ └────┬─────┘ ││ ↓ ↓ ↓ ││ ┌─────────────────────────────────────────┐ ││ │ Harvest Engine │ ││ │ - Poll/stream vendor logs │ ││ │ - Apply manifest field mapping │ ││ │ - Normalize to AIGP RECORD schema │ ││ │ - Mark completeness level │ ││ │ - Deduplicate │ ││ └─────────────────────┬───────────────────┘ ││ ↓ ││ ┌─────────────────────────────────────────┐ ││ │ AIGP RECORD (normalized) │ ││ └─────────────────────┬───────────────────┘ │└─────────────────────────┼───────────────────────────┘ ↓ governance-server ingestManifest File Format
Each vendor/system gets a manifest that defines how to extract AIGP-equivalent data:
manifest_version: "1.0"vendor: "Salesforce"system: "Einstein AI"source: type: "rest_api" endpoint: "/services/data/v59.0/query" auth: "oauth2" poll_interval_seconds: 300 query: "SELECT Id, CreatedDate, UserId, Action, EntityType FROM SetupAuditTrail WHERE Action LIKE '%Einstein%'"
field_mapping: # AIGP RECORD field → vendor log field (or derivation) actor: "UserId" operation: "Action" timestamp: "CreatedDate" target_service: "'salesforce-einstein'" # static model_id: null # not available in logs input_hash: null # vendor doesn't log prompts output_summary: "EntityType" confidence: null prompt_length: null
derived_fields: app_id: "'SALESFORCE_EINSTEIN'" sensitivity: "UNKNOWN" # can't determine from logs alone
completeness: "PARTIAL"missing_fields: - model_id - input_hash - confidence - prompt_lengthnotes: "Salesforce audit trail captures AI feature usage but not prompt/response content."manifest_version: "1.0"vendor: "AWS"system: "Bedrock"source: type: "cloudtrail" event_source: "bedrock.amazonaws.com" s3_bucket: "cloudtrail-logs-705909755305" poll_interval_seconds: 60
field_mapping: actor: "userIdentity.arn" operation: "eventName" timestamp: "eventTime" target_service: "'aws-bedrock'" model_id: "requestParameters.modelId" input_hash: null # CloudTrail doesn't log prompt content output_summary: null confidence: null prompt_length: null
derived_fields: app_id: "userIdentity.principalId" sensitivity: "UNKNOWN"
completeness: "PARTIAL"missing_fields: - input_hash - output_summary - confidencenotes: "CloudTrail captures invocation metadata (who, which model, when) but not prompt/response content. Enable Bedrock model invocation logging for full content."manifest_version: "1.0"vendor: "Microsoft"system: "365 Copilot"source: type: "graph_api" endpoint: "/auditLogs/signIns" auth: "oauth2_app" poll_interval_seconds: 600 filter: "appDisplayName eq 'Microsoft 365 Copilot'"
field_mapping: actor: "userPrincipalName" operation: "appDisplayName" timestamp: "createdDateTime" target_service: "'microsoft-copilot'" model_id: null input_hash: null output_summary: null confidence: null
completeness: "MINIMAL"missing_fields: - model_id - input_hash - output_summary - confidence - prompt_length - operation_detailnotes: "Microsoft Graph audit logs show Copilot was USED but not WHAT was asked or answered. Minimal governance value without Microsoft Purview AI Hub."Completeness Levels
| Level | Meaning | Fields Available |
|---|---|---|
| FULL | Native AIGP — all fields present | All |
| HIGH | Most fields, missing only content hashes | actor, operation, model, timestamp, sensitivity |
| PARTIAL | Metadata only — who/when/which-service | actor, timestamp, target_service |
| MINIMAL | Usage detection only — “it was used” | actor, timestamp |
| NONE | No logs available | Nothing — paper governance only |
Harvest Engine (Python)
class HarvestEngine: def __init__(self, manifests_dir: str): self.manifests = self._load_manifests(manifests_dir)
async def harvest(self, manifest_id: str) -> list[AigpRecord]: manifest = self.manifests[manifest_id] raw_events = await self._poll_source(manifest["source"]) records = [] for event in raw_events: record = self._map_to_aigp(event, manifest["field_mapping"], manifest["derived_fields"]) record["completeness"] = manifest["completeness"] record["source_manifest"] = manifest_id records.append(record) return records
async def ingest_to_gov_app(self, records: list[AigpRecord]): for record in records: await gov_app_client.post("/api/v1/aigp/record", json=record)Integration with governance-server
Harvested records appear in governance-server alongside native AIGP records, but clearly marked:
| Source | Badge | Trust Level |
|---|---|---|
| Native AIGP | ✅ Full | High — DNA-signed, schema-validated |
| AIGP-Lite (edge) | ⚡ Lite | Medium — buffered, signed on sync |
| Log Harvest | 📋 Harvested | Low — derived from vendor logs, partial |
| No data | ❌ None | None — paper governance only |
Value Proposition
Even PARTIAL records are valuable:
- “We know Salesforce Einstein was used 847 times last week by 23 users”
- “We know Bedrock was invoked with model X by role Y at time Z”
- “We know Copilot was active but can’t see what it did”
This turns “we have no idea” into “we have partial visibility” — which is enough to:
- Identify high-usage AI systems for deeper review
- Detect shadow AI (unexpected services appearing in logs)
- Prioritize which vendors to push for native AIGP support
- Demonstrate governance effort to auditors (even if incomplete)
Limitations (Honest)
- Harvested records are NOT evidence — they’re derived metadata
- Cannot be DNA-signed (content not available to hash)
- Vendor log formats change without notice (manifests need maintenance)
- Some vendors log almost nothing useful (MINIMAL completeness)
- Latency: logs may be hours/days behind real-time
- Cannot prevent — only observe after the fact