// Package auditlog defines the immutable audit log types and the Logger interface // for recording every LLM request processed by the proxy. package auditlog import "time" // AuditEntry holds all metadata for a single proxied LLM request. // It is written to ClickHouse asynchronously via BatchWriter. // prompt_anonymized is stored encrypted (AES-256-GCM) and is never // returned to API callers. type AuditEntry struct { RequestID string TenantID string UserID string Timestamp time.Time ModelRequested string ModelUsed string Provider string Department string UserRole string PromptHash string // hex SHA-256 of the original (pre-PII) prompt ResponseHash string // hex SHA-256 of the response content PromptAnonymized string // AES-256-GCM base64-encoded anonymized prompt SensitivityLevel string // "none"|"low"|"medium"|"high"|"critical" TokenInput int TokenOutput int TokenTotal int CostUSD float64 LatencyMs int Status string // "ok"|"error" ErrorType string PIIEntityCount int Stream bool } // AuditQuery filters audit log entries for the GET /v1/admin/logs endpoint. type AuditQuery struct { TenantID string UserID string // filter by specific user (GDPR Art. 15) StartTime time.Time EndTime time.Time Provider string MinSensitivity string // "none"|"low"|"medium"|"high"|"critical" Limit int // default 50, max 200 Offset int } // AuditResult is the paginated response for AuditQuery. type AuditResult struct { Data []AuditEntry Total int } // CostQuery filters cost aggregation for the GET /v1/admin/costs endpoint. type CostQuery struct { TenantID string StartTime time.Time EndTime time.Time GroupBy string // "provider"|"model"|"department" } // CostSummary is one row in a cost aggregation result. type CostSummary struct { Key string TotalTokens int TotalCostUSD float64 RequestCount int } // CostResult is the response for CostQuery. type CostResult struct { Data []CostSummary }