Skip to main content
Activation required. AI access management must be enabled for your tenant before you can use it. To get started, contact the C1 support team for a walkthrough.
Every tool call that flows through C1 MCP is logged. This page covers what’s captured and how to export it for long-term retention, SIEM ingestion, or compliance reviews.

What gets logged

Each tool call produces one audit log entry with: In addition to tool call events, the following non-call events are also captured:
  • Access request submitted / approved / denied
  • Tool approved / disabled / classification changed
  • MCP server registered / removed / auth changed
  • AI client registered / state changed (active → hidden → closed → deleted)
  • Kill switch flipped (tenant, server, tool, or client level)
  • Tenant defaults changed

Review AI agent conversations

The Conversations page under Agentic AI gives admins a read-only view of AI agent conversations across your organization. Conversations are organized into Web and Slack tabs so you can review activity from both surfaces in one place. To access it, navigate to Agentic AI > Conversations. On the Slack tab, use the search bar to find conversations by title, then click any conversation to open a read-only transcript.

Export the audit log

AI tool usage events are included in the C1 system log. To set up export to S3 or another data source for SIEM ingestion, see System logs.