Elevating Compliance and Auditability in Generative AI Lab

In industries where strict regulatory standards govern operations, achieving full auditability and operational transparency is critical—not optional. Generative AI Lab addresses these critical requirements with a powerful set of enhancements designed to deliver secure, tamper-proof monitoring while preserving performance and user privacy.

At the core of these improvements is the introduction of real-time, high-performance audit logging. This enhancement allows organizations to maintain comprehensive traceability across projects, system operations, and administrative activities, ensuring readiness for audits and internal reviews.

Key Capabilities

• Real-Time Indexing: Captures user activities and system events including project lifecycle actions, configuration changes, model hub events, and administrative operations.
• Flexible Deployment Options: Supports both internal and external deployment configurations for logs, offering organizations complete control over where and how audit data is stored and managed.
• Privacy First: Focuses on logging essential metadata—such as user IDs, API methods, timestamps, and contextual information—while ensuring that sensitive information remains protected and never exposed.
• Log Management: Enables seamless backup, configurable data retention policies, and reliable restoration processes to support long-term governance and compliance strategies.

User Benefit: These capabilities empower teams to achieve secure, reliable auditability that is critical for meeting regulatory obligations, strengthening internal governance, and maintaining operational transparency—all while ensuring minimal impact on system performance and preserving data confidentiality.

Steps to enable Audit Logs on your Generative AI Lab instance

This feature can be enabled if needed for environments that require advanced auditing or compliance tracking. For maximum control and security, administrators can configure Generative AI Lab to use an externally hosted Elastic Search cluster.

To install Elastic Search locally in Gen AI Lab, add the following parameter to the installer or updater script and then run the installation or update:

--set installElasticsearch=true

Once installed, enable Elastic Search by adding the following parameter to the installer or updater script and then run the installation or update:

--set global.elasticsearch.enable=true

One can disable Elastic Search as well, to disable it, add the following parameter to the installer or updater script and then run the installation or update:

--set global.elasticsearch.enable=false

To include user logs in Elastic Search, add the following parameters to the installer or updater script and then run the installation or update:

--set global.elasticsearch.includeKeycloak=true \
--set global.azure.images.keycloak.tag=keycloak-<GenAI Lab Version> \
--set global.azure.images.keycloak.image=annotationlab \
--set global.azure.images.keycloak.registry=docker.io/johnsnowlabs

Note: Replace GenAI Lab Version with the appropriate Generative AI Lab version that you want to install or upgrade to.

Once the features are enabled, the system starts real-time indexing of user and system activity while ensuring privacy and performance. All logs include metadata like user ID, API method and path, timestamp, and event context—without exposing sensitive payloads such as passwords, PHI, and PII.

What Gets Indexed

• Project Lifecycle: Creation and deletion of projects.
• Configuration Changes: Updates to teams, model assignments, external integrations, and label settings.
• Import/Export Activities: Logs for task imports/exports.
• Models Hub Events: Events such as model import/export and model downloads.
• Administrative Actions: Logs related to user creation, updates, deletions, license upload, and deletion, enabling/disabling local export toggles, analytics approval, and system backups.

Log Management Features

• Backup & Restore: Schedule automatic dumps of indexed logs directly to S3 buckets for backup and recovery.
• Retention Policies: Configure automated deletion of old logs to optimize storage and comply with data governance policies.
• External Logs Storage: Connect to your company’s existing ES logging infrastructure to unify and enhance your organization’s knowledge base with integrated log data.

Conclusion and Next Steps

Robust auditability is no longer optional for organizations operating in regulated industries — it’s essential for maintaining trust, meeting compliance obligations, and ensuring operational transparency. The new audit logging capabilities in Generative AI Lab empower teams with real-time tracking of user and system activities, secure data management, and flexible deployment options, all while protecting sensitive information.

To get started, administrators can easily enable logging support during installation, configure log retention and backup policies, and integrate with external systems if needed. With these features activated, your team can confidently meet audit and governance requirements without disrupting performance or compromising user privacy.

Getting Started is Easy

Generative AI Lab is a no-code human-in-the-loop annotation tool that can be deployed in a couple of clicks using either Amazon or Azure cloud providers, or installed on-premise with a one-line Kubernetes script.