Overview
This page shows representative examples of logging generated by the AI Firewall during inspection of AI-related activity. The examples are illustrative, but they reflect the level of detail typically captured for operational monitoring, policy enforcement, incident investigation, and audit review.
The examples below assume AI activity is being evaluated at the gateway layer before or during interaction with an AI service. The same general logging pattern applies across supported models, interfaces, and integrated enterprise applications.
Logging Scope
AI Firewall logs generally record:
user, service, device, and session identifiers
request metadata, timestamps, and policy evaluation outcomes
model, application, and destination details
prompt and response classification results
policy matches, enforcement actions, and override status
detected data types, risk signals, and confidence scores
anomaly indicators and alert routing
audit events and security-relevant flags
This information is used to confirm that AI usage was identified correctly, classified according to policy, and handled in a controlled and auditable manner.
Example 1: AI Usage Detection Event
This example shows a request being identified as AI-related traffic and submitted for policy inspection.
2026-03-11T14:19:10.551Z INFO ai-firewall-gateway event=ai_usage_detected correlation_id=fw-7f1d3f8e-8f47-4e12-b4e9-91d9d8fd0d55 request_id=req-b9ce6b74b5b94f4ea2f4 environment=prod service=ai-firewall account_id=acct_1024 project_id=proj_88 user_id=user_4821 user_email=jane.doe@contoso.com actor_type=employee session_id=sess_18db4472 client_ip=10.24.16.88 device_id=mdm-lpt-88219 channel=web application=chat.openai.com destination_service=openai model_declared=gpt-4.1 request_method=interactive_prompt request_size_bytes=8421 inspection_status=accepted retry_count=0
Example 2: Classification and Policy Evaluation Event
This example shows the same request after prompt inspection, classification, and policy evaluation.
2026-03-11T14:19:10.913Z INFO ai-policy-engine event=ai_request_classified correlation_id=fw-7f1d3f8e-8f47-4e12-b4e9-91d9d8fd0d55 account_id=acct_1024 project_id=proj_88 user_id=user_4821 application=chat.openai.com destination_service=openai model_effective=gpt-4.1 classification_pipeline=detect_ai_usage>classify_content>evaluate_policy ai_usage_type=prompt_submission content_classification=business_data detected_topics="financial planning; internal operations" detected_data_types="confidential_business_data" prompt_risk_score=0.78 response_risk_score=pending policy_set=corp_ai_usage_baseline_v5 matched_policy_id=pol_044 matched_policy_name="Confidential Data Review" policy_decision=allow_with_logging requires_human_review=false evaluation_duration_ms=187
Example 3: Sensitive Content Detection Event
This example shows a request where the firewall identified regulated or sensitive content categories within the prompt.
2026-03-11T14:19:10.905Z INFO ai-classifier event=sensitive_content_detected correlation_id=fw-7f1d3f8e-8f47-4e12-b4e9-91d9d8fd0d55 account_id=acct_1024 user_id=user_4821 inspection_target=prompt classification_status=completed detected_entity[0].type=financial_forecast detected_entity[0].confidence=0.93 detected_entity[1].type=internal_project_code detected_entity[1].confidence=0.88 detected_entity[2].type=confidential_business_term detected_entity[2].confidence=0.81 aggregate_confidence=0.89 severity=medium recommended_action=log_and_monitor
Example 4: Audit Record
This is the corresponding audit entry for the policy decision applied to the AI interaction.
2026-03-11T14:19:10.922Z INFO audit-log audit_event=ai_request_evaluated result=success actor_type=user actor_id=user_4821 actor_email=jane.doe@contoso.com account_id=acct_1024 project_id=proj_88 correlation_id=fw-7f1d3f8e-8f47-4e12-b4e9-91d9d8fd0d55 application=chat.openai.com destination_service=openai action=inspect_and_classify policy_decision=allow_with_logging review_required=false
Example 5: Policy Enforcement Event
This example shows a request that was blocked because the firewall identified disallowed AI usage under the active enterprise policy.
2026-03-11T15:03:11.004Z WARN ai-enforcement-engine event=ai_request_blocked correlation_id=fw-1e2d4470-2d0d-4ef6-a365-8d2ec5e82f40 severity=high account_id=acct_1024 project_id=proj_88 user_id=user_7714 user_email=alex.ross@contoso.com application=chat.openai.com destination_service=openai model_effective=gpt-4.1 ai_usage_type=file_plus_prompt_submission detected_issue=restricted_data_exposure_risk matched_policy_id=pol_102 matched_policy_name="Prohibit Restricted Data in External AI Services" detected_data_types="customer_pii; contract_terms" prompt_risk_score=0.97 policy_decision=block automatic_action=request_denied alert_targets="Security Operations; Compliance Team" review_required=true
Example 6: Security-Relevant Anomaly Event
This example shows an AI usage pattern that was not blocked outright, but was flagged because it deviated from the user’s normal baseline.
2026-03-11T16:27:44.188Z WARN ai-anomaly-detector event=ai_usage_anomaly_detected correlation_id=fw-5a91c118-2ce7-48a8-a1cb-6d5d5ff91b70 severity=medium account_id=acct_1024 user_id=user_4821 user_email=jane.doe@contoso.com application=chat.openai.com destination_service=openai anomaly_type=unusual_volume_and_sensitivity baseline_window_days=30 requests_last_15m=41 baseline_requests_last_15m=4 sensitive_request_ratio_current=0.63 sensitive_request_ratio_baseline=0.08 geo_change_detected=false device_change_detected=true recommended_action=alert_and_review automatic_action=enhanced_monitoring_enabled review_required=true
Operational Use
These logs are typically used for three purposes.
First, they support operational troubleshooting. Teams can trace an AI interaction from initial detection through classification, policy evaluation, and enforcement.
Second, they support policy validation. The logs show how AI usage was identified, how content was classified, which policy matched, and what decision was applied.
Third, they support security monitoring. Alerts can be generated for conditions such as:
a user suddenly interacting with an unsanctioned AI service
repeated attempts to submit restricted or sensitive information
unusual spikes in AI usage volume
a change in device, session pattern, or application associated with AI activity
high-risk prompt classifications from privileged users or sensitive business groups
policy overrides or review-required decisions occurring above normal baseline
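The tracing and alerting uses described above can be sketched as follows. This is an added example, not code from the AI Firewall product: it assumes records keep the space-separated key=value layout shown in the examples, and the function names and the `spike_ratio` threshold are hypothetical.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample: the page's records, fields trimmed, correlation IDs shortened.
SAMPLE_LOG = """\
2026-03-11T14:19:10.913Z INFO ai-policy-engine event=ai_request_classified correlation_id=fw-7f1d3f8e user_id=user_4821 detected_topics="financial planning; internal operations" policy_decision=allow_with_logging
2026-03-11T14:19:10.551Z INFO ai-firewall-gateway event=ai_usage_detected correlation_id=fw-7f1d3f8e user_id=user_4821 inspection_status=accepted
2026-03-11T14:19:10.905Z INFO ai-classifier event=sensitive_content_detected correlation_id=fw-7f1d3f8e user_id=user_4821 detected_entity[0].type=financial_forecast detected_entity[0].confidence=0.93
2026-03-11T14:19:10.922Z INFO audit-log audit_event=ai_request_evaluated correlation_id=fw-7f1d3f8e actor_id=user_4821 review_required=false
2026-03-11T15:03:11.004Z WARN ai-enforcement-engine event=ai_request_blocked correlation_id=fw-1e2d4470 user_id=user_7714 policy_decision=block review_required=true
2026-03-11T16:27:44.188Z WARN ai-anomaly-detector event=ai_usage_anomaly_detected correlation_id=fw-5a91c118 user_id=user_4821 requests_last_15m=41 baseline_requests_last_15m=4 device_change_detected=true review_required=true
"""

HEAD_RE = re.compile(r"^(\S+) (\S+) (\S+) (.*)$")
PAIR_RE = re.compile(r'([\w.\[\]]+)=("[^"]*"|\S+)')  # value is quoted or a bare token

def parse_line(line):
    """Return one record as a dict, or None if the line lacks the expected header."""
    m = HEAD_RE.match(line.strip())
    if not m:
        return None
    ts, level, component, rest = m.groups()
    rec = {k: v.strip('"') for k, v in PAIR_RE.findall(rest)}
    rec.update(ts=datetime.fromisoformat(ts.replace("Z", "+00:00")),
               level=level, component=component)
    return rec

def parse_log(text):
    return [r for r in map(parse_line, text.splitlines()) if r]

def trace(records):
    """Map correlation_id -> event names in timestamp order (audit-log uses audit_event=)."""
    chains = defaultdict(list)
    for r in sorted(records, key=lambda r: r["ts"]):
        chains[r["correlation_id"]].append(r.get("event") or r["audit_event"])
    return dict(chains)

def review_queue(records, spike_ratio=5.0):
    """List (correlation_id, reason) pairs for records an analyst should look at."""
    queue = []
    for r in records:
        if r.get("review_required") == "true":
            queue.append((r["correlation_id"], "review_required"))
        if "baseline_requests_last_15m" in r:
            ratio = int(r["requests_last_15m"]) / max(int(r["baseline_requests_last_15m"]), 1)
            if ratio >= spike_ratio:  # threshold is an assumption for this example
                queue.append((r["correlation_id"], f"volume x{ratio:.2f}"))
    return queue
```

Calling `trace(parse_log(SAMPLE_LOG))` reorders the out-of-order sample lines into the detection, classification, policy and audit sequence for each correlation ID, and `review_queue` returns the blocked request and the anomaly for follow-up.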