Wiki Navigation

Audit Logs (Enterprise)

Not availableUI

manage_audit provides a tamper-evident audit log for MCP Engine activity: which tools ran, on which model, when, and whether they succeeded.

Use it when you need change control evidence (compliance, regulated environments, incident reviews). In many organizations, audit export is an admin workflow and the tool may be intentionally hidden.

You typically won’t call the tool directly-tell the LLM what you need (status/export/verify), and it will use manage_audit behind the scenes.

What audit logs cover (and what they don't)

Audit logs record every action the LLM takes through MCP Engine. In practice, this means you can answer questions like:

  • "Who changed the Sales measures last Tuesday?" - the log shows which tool ran, when, on which model, and whether it succeeded.
  • "What exactly was modified during the incident?" - with arguments logging enabled, you can see the full parameters of each tool call (e.g. which measure was renamed to what).
  • "Has the audit log been tampered with?" - integrity verification detects if any entries were modified after the fact.

What audit logs do not capture:

  • Edits made directly in Power BI Desktop UI, Tabular Editor, or other external tools - only MCP tool executions are logged.
  • Power BI Service tenant/workspace-level activity - this is a separate audit system. MCP audit is local to the MCP server.

What to ask the LLM (quick prompts)

“Check audit status and summarize: enabled, retention days, includes reads, and where logs are stored.” “List the last 50 audit entries and summarize the notable events.” “Export audit logs for the last 7 days and summarize writes vs reads.” “Verify audit integrity and explain what it means if verification fails.” “Export audit entries for this model only for the last 30 days.”

How to use audit logs in real workflows

1) Prove change control (“what changed, when?”)

“Export the audit log for the last 14 days. Summarize all write operations by tool and by model.”

If you need a human-reviewable output:

“Summarize it as a Markdown table I can paste into a change record.”

2) Incident review (“why did totals change?”)

Start by narrowing the window:

“List all manage_schema, manage_semantic, and manage_security activity in the last 48 hours for this model and summarize.”

If you need to understand how a change was made, and your environment permits it:

“Re-run the export including arguments for only the relevant entries and redact anything sensitive in the summary.”

3) Integrity verification (tamper-evidence)

“Verify the audit chain integrity and report whether it is valid. If invalid, show the first broken entry id and recommend next steps.”

Exporting (and saving to a file)

Exports can be returned inline in chat, or saved to a file on the machine running the MCP server.

User prompts:

“Export audit logs for the last 7 days and save to ./audit-export.json. Then summarize.” “Export only write operations for this model and save to ~/mcp-audit/contoso-write-log.json.”

Important details:

  • Relative export paths are saved under the server’s ~/.mcp-engine/exports/ folder.
  • ~ expands to the server user’s home directory.
  • Path traversal (using ..) is rejected.
  • If your MCP server runs on a remote host, the saved file is on that host (not your laptop).

Locked-down environments (mode behavior + tool exposure)

Audit is an Enterprise feature and is also frequently gated by deployment settings.

ModeAvailability
Full modeLimitedLimited
Read-only modeNot availableNot available
Browse-only modeNot availableNot available

Notes: Often hidden unless enabled; exports can be saved on server host.

Learn more about modes and restrictions.

Notes:

  • Even in full mode, the tool may be hidden unless an admin enables tool exposure (for example, MCP_ENGINE_AUDIT_TOOL_ENABLED=true).
  • If you don’t see audit tooling, ask: “Is audit enabled but the tool hidden? What’s the approved export path for this org?”

Troubleshooting

Likely expected: the tool is hidden unless explicitly exposed, and it’s also not available in read-only/browse-only deployments. Ask an admin whether audit is enabled and whether tool exposure is allowed.

Narrow by date range, model id, and operation type (read vs write). Ask the assistant to export a smaller window and summarize.

Treat this as an incident. Ask the assistant for the first broken entry id and the export metadata, then escalate to your admin/compliance owner.

See also