User guideAI GatewayMCP audit log
AI Gateway

MCP audit log

Review tool invocation history with stats, charts, filters and pagination.

Overview

The Audit Log records every tool call that flows through the MCP Gateway. It's your compliance trail for agent activity: what was called, who called it, whether it succeeded, and how long it took.

You'll find it at AI Gateway > MCP Gateway > Audit log.

Summary stats

Four stat cards appear at the top of the page, summarizing activity for the selected time period:

Stat cardWhat it shows
Total callsTotal number of tool invocations in the selected period.
Error ratePercentage of tool calls that failed, shown as a percentage. Highlighted in red when errors exist.
Avg latencyAverage round-trip time for tool calls in milliseconds.
Unique toolsNumber of distinct tools that were called.

Hover over any stat card to see a tooltip with more context.

Time period selector

A dropdown in the top-right corner controls the time window for summary stats and charts. Options are:

  • Last 7 days (default)
  • Last 14 days
  • Last 30 days

Changing the period reloads the stats and charts. The log table below always shows the most recent entries regardless of this selector.

Charts

Two bar charts appear side by side when there's enough data:

  • Top 10 tools by calls: Shows the most frequently invoked tools, ranked by total call count. Hover over a bar to see the exact number.
  • Avg latency for top 10 tools: Shows average round-trip time per tool. Helps identify slow or bottlenecked tools. Values are in milliseconds.

Each chart has an info icon with a tooltip explaining what it measures. Both charts use the time period you selected.

Log entries

Below the charts, the "Recent tool calls" section lists individual log entries. Each entry shows:

FieldDescription
Tool nameThe name of the tool that was called, in monospace font.
StatusColor-coded chip showing the outcome: success, error, blocked, rate_limited, or approval_required.
LatencyRound-trip time in milliseconds.
Result summaryA truncated summary of the tool's response (up to 500 characters). Shows a dash if no summary is available.
Agent keyThe name of the agent key that made the call.
TimestampWhen the call happened.

Status values

Each log entry has one of these statuses:

  • success: The tool was called and returned a result.
  • error: The tool call failed (server error, invalid input, etc.).
  • blocked: A guardrail rule blocked the call before it reached the server.
  • rate_limited: The agent key exceeded its requests-per-minute limit.
  • approval_required: The tool requires approval. An approval request was created.

Filtering logs

Two filters appear above the log entries:

  • Filter by tool: Text field. Type a tool name (e.g., "greet") to show only calls to that tool.
  • Status: Dropdown to filter by result status: All statuses, Success, Error, Blocked, or Rate limited.

Both filters work together. Changing either one resets the page to 1.

Pagination

The log table shows 20 entries per page. At the bottom you'll see:

  • A counter showing which entries are displayed (e.g., "Showing 1-20 of 156").
  • Previous and Next buttons to navigate between pages.

Backend API

The audit log exposes several API endpoints for programmatic access:

EndpointDescription
GET /mcp/audit/logsList log entries with pagination and filters (agent_key_id, tool_name, result_status, start_date, end_date).
GET /mcp/audit/statsGet summary statistics (total calls, error count, avg latency, unique tools, unique agents) for a given number of days.
GET /mcp/audit/stats/by-toolGet call count and average latency broken down by tool name.
GET /mcp/audit/stats/by-agentGet call count and average latency broken down by agent key.
POST /mcp/audit/cleanupDelete audit logs older than the retention period. Called by scheduled job.
POST /mcp/audit/cleanup-approvalsDelete decided/expired approval requests older than the retention period.

Data retention

Audit logs have a configurable retention period (set in the gateway configuration). A scheduled cleanup job removes logs and decided approval requests older than the retention window. This runs automatically.

Export before cleanup
If you need to keep audit data longer than the retention period for regulatory reasons, use the API to export logs before they're cleaned up.

Empty state

If no audit logs exist yet, you'll see a tip explaining how to generate them: "Make tool calls through the MCP Gateway using an agent key at POST /v1/mcp with the tools/call method."

Using audit logs for compliance

The audit log directly supports EU AI Act Article 12 (record-keeping requirements for high-risk AI systems). Every tool invocation is recorded with:

  • Who made the call (agent key identity)
  • What was called (tool name and arguments)
  • When it happened (timestamp)
  • What happened (status, result summary, latency)
  • Whether it was blocked, rate-limited, or required approval

Related articles

Agent keys

The keys that identify agents in the audit trail.

Approvals

Review pending tool execution requests logged in the audit trail.

MCP guardrails

Rules that generate "blocked" entries in the audit log.

PreviousMCP agent keys
NextMCP approvals
MCP audit log - AI Gateway - VerifyWise User Guide