Stashbase

Agent logs

Inspect local audit records for brokered agent sessions

stashbase agent run writes a local, metadata-only JSONL audit log by default. Startup prints the audit session ID and local log path. Use stashbase agent logs to inspect recent broker decisions without opening those files directly.

What logs contain

Each event records the profile, broker action, destination host, secret name, response status, and duration. Logs never include secret values, placeholders, headers, bodies, URLs, or command arguments.

Common actions include injected, host_denied, unknown_placeholder, tls_trust_failed, upstream_timeout, upstream_connection_failed, and upstream_request_failed.

View recent events

stashbase agent logs
stashbase agent logs --session 5fd2...
stashbase agent logs --profile coding --action injected --host api.github.com
stashbase agent logs --action host_denied --since 1h
stashbase agent logs --follow

Use --json for a one-time JSON array. With --follow --json, each event is emitted as one JSON line.

Retention and privacy

Logs older than 30 days are removed automatically and local storage is capped at 1,000 session files. Disable persistence for one run with --audit-log false:

stashbase agent run --profile coding --audit-log false -- codex

Audit records describe broker activity, not complete process activity. A tool that bypasses the proxy directly cannot be logged.

On this page