A2A Log Export
Export Agent-to-Agent (A2A) communication logs to enterprise tools for compliance, auditing, analytics, and security monitoring.
A2A Log Export is available on Enterprise plans only.
Why Export A2A Logs?
- Compliance: Meet regulatory requirements for AI audit trails
- Security Monitoring: Detect anomalies in agent behavior via SIEM
- Analytics: Build dashboards and reports on agent interactions
- Archival: Long-term storage for data governance
Supported Destinations
| Destination | Use Case | Formats |
|---|---|---|
| Amazon S3 | Data lake, archival, analytics | JSON, JSONL, Parquet |
| Splunk | SIEM, security monitoring | HEC events |
| Datadog | Observability, APM | Logs API |
| Elasticsearch | Search, analytics | Documents |
| Syslog | Legacy SIEM, network devices | RFC3164, RFC5424, CEF, LEEF |
| Webhook | Custom integrations | JSON payloads |
Export Data
Each exported message contains:
| Field | Description |
|---|---|
| ID / Message ID | Unique message identifier |
| Timestamp | When the message was sent |
| Thread ID | Conversation thread |
| Tenant / Team ID | Organization and team context |
| Sender Agent | ID and name of sending agent |
| Receiver Agent | ID and name of receiving agent |
| Message Type | Request, response, handoff, etc. |
| Content | Message content |
| Content Summary | Abbreviated summary |
| Thread Topic / Status | Thread context |
| Tags / Priority | Classification metadata |
| Metadata | Tool calls, handoff details |
Filtering
Control which A2A communications are exported:
| Filter | Description |
|---|---|
| Team IDs | Export only from specific teams |
| Agent IDs | Export only from specific agents |
| Thread Statuses | Active, completed, etc. |
| Message Types | Request, handoff, etc. |
| Keywords | Content keyword matching |
| Min Priority | Priority threshold |
Batching & Delivery
| Setting | Description |
|---|---|
| Batch Size | Messages per batch (1-10,000) |
| Flush Interval | Time between flushes (e.g., 30 seconds) |
| Max Retries | Retry count for failed deliveries (default: 3) |
| Retry Delay | Delay between retries with exponential backoff |
Delivery guarantee: At-least-once delivery (messages may be delivered multiple times on retry). Messages within a batch are ordered by timestamp.
SIEM Format Support
| Format | Compatible With |
|---|---|
| CEF (Common Event Format) | ArcSight, Splunk |
| LEEF (Log Event Extended Format) | IBM QRadar |
| RFC5424 | Standard syslog receivers |
Security Considerations
- Credentials: Encrypted at rest; API responses mask sensitive fields
- Network: Use TLS for all connections; configure firewall rules for MeetLoyd IP ranges
- Data Privacy: Consider filtering PII, using content summaries, and applying retention policies at the destination
Setting Up A2A Export
Via Dashboard
- Navigate to Settings > Integrations > A2A Export
- Click Add Destination
- Select destination type
Amazon S3
Configure with bucket name, region, optional prefix, access credentials (or IAM role), format (JSON/JSONL/Parquet), compression (gzip or none), and partition scheme (by tenant, team, and/or date).
Splunk
Configure with HEC URL, HEC token, target index, source name, and source type.
Datadog
Configure with API key, site (datadoghq.com, datadoghq.eu, etc.), service name, and optional tags.
Elasticsearch
Configure with node URLs, index name, authentication (basic auth or API key), and optional ingest pipeline.
Syslog
Configure with host, port, protocol (TCP/UDP/TLS), facility, severity, format (RFC3164/RFC5424/CEF/LEEF), and app name.
Webhook
Configure with URL, HTTP method (POST), custom headers, and authentication type (none, bearer, basic, or HMAC). For HMAC, a signature header is included for verification.
After Configuration
- Set up filters to control which communications are exported
- Configure batching settings (batch size, flush interval, retries)
- Test the connection to verify configuration
- Enable export to start streaming
Monitoring
Track export health from Settings > Integrations > A2A Export: success/failure rates, latency, and batch sizes. Configure alerts for export failures.
Troubleshooting
| Error | Resolution |
|---|---|
| Connection refused | Verify firewall rules allow MeetLoyd IPs. Check destination service is running. Verify TLS certificates. |
| 401 Unauthorized | Verify credentials are correct. Check token has not expired. Ensure API key has write permissions. |
| 429 Too Many Requests | Increase flush interval. Increase batch size. Contact destination provider for rate limit increases. |
Feature Availability
| Feature | Enterprise |
|---|---|
| Export Destinations | Up to 10 |
| S3 Export | Yes |
| Splunk Export | Yes |
| Datadog Export | Yes |
| Elasticsearch Export | Yes |
| Syslog Export | Yes |
| Webhook Export | Yes |
| Custom Filters | Yes |
| Parquet Format | Yes |
| SIEM Formats (CEF/LEEF) | Yes |