AI Agent Logging That Helps Later
Logs should answer what happened, when, why, and what changed. They should not become a second copy of every secret and private record.
When this matters
This page is for operators who want Rocky to produce usable work without turning the system into a mystery box. Use it when you need a practical path, a clear verification step, and a boundary between suggestion and action.
The operating pattern
- Log decisions. Record action names, timestamps, actor, target, and result.
- Hash sensitive identifiers. Store enough to correlate without exposing raw private values.
- Keep source links. Link to records when access-controlled instead of duplicating private content.
- Separate debug from audit. Verbose traces expire faster than audit summaries.
- Review retention. Delete or archive logs on a schedule.
Pre-flight checklist
- Action and result are visible
- Errors include enough context to fix
- Secrets are redacted
- PII is minimized
- Retention is deliberate
Common failure modes
- Logging everything: Full payload dumps can become private-data leaks.
- No correlation: If events cannot be connected, debugging slows down.
- Permanent debug logs: Temporary detail should not live forever.
Verification
A page is not done because it was drafted. Verify the source, run the workflow, inspect the output, and record what changed. If a step touches money, customers, accounts, permissions, or private data, keep it behind an explicit human approval gate.
