Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.fact0.io/llms.txt

Use this file to discover all available pages before exploring further.

Audit vs telemetry

Fact0 has two parallel pipelines: 
Audit log   →  "Did it happen? Who? When?"     (compliance)
Telemetry   →  "How did it happen? Why?"       (debugging)
For high-value events (LLM spend, customer data access, refunds) log to both.

Audit log

  • Endpoints: /v1/events, /v1/events/batch
  • Storage: audit_events — SHA-256 hash chain per tenant
  • Auth: alk_live_* API keys (read/write scopes)
  • Use for: SOC 2 evidence, tamper detection, regulator exports

Execution telemetry

  • Endpoints: /api/v1/executions/*
  • Storage: executions, spans, execution_events
  • Auth: Unauthenticated locally (API keys planned)
  • Use for: DAG visualization, replay, debugging non-deterministic agents

Span kinds (telemetry)

span_typeExample
TOOL_CALLweb_search, db.query
MODEL_INVOCATIONgpt-4o, claude-sonnet
STATE_MUTATIONcache/DB read-write
HUMAN_APPROVALmanager sign-off
POLICY_EVALUATIONguardrail / OPA check
CUSTOMrouting, planning

Audit event shape

{
  "actor": { "id": "...", "type": "human|agent|system" },
  "action": "resource.verb",
  "resource": { "id": "...", "type": "..." },
  "outcome": "success|failure|error",
  "metadata": {}
}
See Event schema and Executions.