5-Minute Setup: Add a Compliance-Grade Audit Trail to Any AI Agent

No preamble. You need an audit trail for your AI agent. Here's how to set one up in under 5 minutes with AgentTraceHQ.

Step 1: Sign Up (30 Seconds)

Go to agenttracehq.com and create your account. GitHub or Google OAuth — one click, no forms.

Step 2: Create Your Organization and Register Your First Agent (30 Seconds)

The onboarding wizard walks you through this automatically:

Name your organization (e.g., "Acme Fintech")
Register your first agent — give it a name and description (e.g., "Trade Advisor Agent — analyzes market data and recommends trades")

Each agent gets a unique agentId that links every trace back to the agent that generated it.

Step 3: Copy Your API Key (10 Seconds)

Your API key is generated automatically during onboarding. It looks like this:

athq_live_a7f3b9c1d4e8f2a6b0c5d9e3f7a1b4c8d2e6f0a3b7c1d5

Copy it now. You'll only see the full key once — we store a SHA-256 hash, not the plaintext.

Set it as an environment variable:

export AGENTTRACEHQ_API_KEY="athq_live_your_key_here"

Step 4: Install the SDK

npm install @agenttracehq/sdk

That's it. One dependency. No peer dependencies, no native modules, no build step.

Step 5: Add 3 Lines to Your Agent Code

Pick your framework:

LangChain

import { AgentTraceHQ, LangChainHandler } from "@agenttracehq/sdk";

// Initialize once
const athq = new AgentTraceHQ({
  apiKey: process.env.AGENTTRACEHQ_API_KEY,
  agentId: "trade-advisor-agent",
});

// Add the callback handler to your agent
const handler = new LangChainHandler(athq);

// Pass it to your existing agent executor
const result = await agentExecutor.invoke(
  { input: "Analyze NVDA for a swing trade" },
  { callbacks: [handler] }
);

Every LLM call, tool invocation, and chain step is automatically traced. No manual instrumentation.

CrewAI

import { AgentTraceHQ, CrewAIHandler } from "@agenttracehq/sdk";

const athq = new AgentTraceHQ({
  apiKey: process.env.AGENTTRACEHQ_API_KEY,
  agentId: "research-crew",
});

const handler = new CrewAIHandler(athq);

// Wrap your crew execution
const result = await handler.traceCrew(crew, {
  inputs: { topic: "Q1 2026 earnings analysis" },
});

Multi-agent crews are traced as a single session. You can see how tasks flow between agents.

Plain Node.js (Any Framework)

import { AgentTraceHQ } from "@agenttracehq/sdk";

const athq = new AgentTraceHQ({
  apiKey: process.env.AGENTTRACEHQ_API_KEY,
  agentId: "my-custom-agent",
});

// Trace any action
await athq.trace({
  action: "analyze_market_data",
  sessionId: "session-abc-123",
  input: { ticker: "NVDA", timeframe: "1W" },
  output: { recommendation: "buy", confidence: 0.87 },
  reasoning: "RSI oversold, MACD bullish crossover, earnings beat estimates",
  toolsUsed: ["market_data_api", "technical_analysis"],
  model: "gpt-4o",
  tokens: { input: 2150, output: 430, total: 2580 },
});

The SDK batches traces automatically (every 1 second or every 10 traces) and never blocks your agent's execution. If the network is down, it retries silently with exponential backoff. Your agent never crashes because of tracing.

Step 6: Run Your Agent and See the Trace

Run your agent as normal. Open the AgentTraceHQ dashboard and you'll see your traces appearing in real time:

Trace Timeline: Every action in chronological order with timestamps, latency, and token counts
Session View: Click a sessionId to see the full decision chain — input to reasoning to output, step by step
Agent Overview: Health metrics, trace volume, error rates, and cost tracking per agent

Each trace shows the full context: what the agent received, what it decided, what tools it used, and what it produced. No more guessing what happened in production.

Step 7: Click "Verify Chain" — Tamper-Proof Confirmation

Navigate to any trace and click Verify Chain. AgentTraceHQ walks the entire hash chain — every trace is linked to the previous one via SHA-256 hashes. If any trace was modified after the fact, the chain breaks and you'll see exactly where.

Green checkmark = your audit trail is cryptographically intact. Every trace is exactly as it was when your agent produced it.

This is what separates a compliance-grade audit trail from a log file. Regulators and auditors can independently verify that nothing was altered. Read more about why this matters for the EU AI Act.

Step 8: Generate Your First Compliance Report

Go to Compliance > Export in the dashboard. Select a framework:

EU AI Act — Article 12 automatic logging compliance
SOC 2 Type II — Processing integrity evidence
ISO 27001 — Information security audit records

Click Generate Report. You get a downloadable PDF with:

Full trace history for the selected time period
Hash chain verification status
Agent inventory and risk classification
Decision lineage for flagged sessions
Compliance score with specific recommendations

Hand this to your auditor, your compliance officer, or your regulator. Done.

What to Do Next

You have a working, tamper-proof audit trail. Here's what to set up next:

Alerts: Configure anomaly detection — get notified when an agent behaves unexpectedly (unusual token spend, policy violations, error spikes)
Team Access: Invite your compliance officer with the Auditor role — read-only access to traces and reports, no ability to modify anything
Webhooks: Push trace events to Slack, PagerDuty, or your own systems for real-time monitoring
PII Detection: Enable automatic PII scanning on trace inputs/outputs — flag sessions where customer data enters the agent context

You Just Set Up a Compliance-Grade Audit Trail in 5 Minutes

No infrastructure to manage. No log pipeline to build. No custom code to maintain.

Every decision your AI agent makes is now cryptographically hash-chained, tamper-evident, and audit-ready. When your compliance officer asks "can you prove what the agent did?", the answer is yes — with one click.

Start free at agenttracehq.com — 10K traces/month, no credit card required.