Audit log

A log you can quietly edit is not evidence — it's a suggestion. Clavitor's audit trail is built so you don't have to take our word for it: every action is recorded, the record is a cryptographic chain, and you can verify it yourself.

What it gives you

• Every action, on the record. Every credential read, autofill, TOTP request, login, and administrative change — and every denial. Who, what, when, from where, and how it ended.
• Agents stand apart. A connected AI agent's activity is tagged as such, so it never blends into your own use. A harvesting integration can't hide in the noise.
• Tamper-evident. Events are hash-chained — each bound to the one before it — so a single altered, deleted, or reordered record breaks the chain visibly.
• Verify in one click. Re-walk the entire chain on demand and see, plainly, whether the record is intact.

In this section

• Introduction — what the audit log is for
• What gets logged — the full event taxonomy
• Reading the log — open it, filter it, export it
• Verifying integrity — prove nothing was changed
• Limits, honestly — retention, and what the log does not hold
• How it works — the chain, minus the secrets