Astry is in Beta. The company brain that reasons, not just searches.
Astryastry

Every request, on the record.

Astry writes an append-only journal of every query, every file the model could see and every answer it returned. The database itself refuses edits and deletes, and logging never blocks a request.

Trust & SecurityAudit log

Audit log.

Every API call + admin mutation, month-partitioned. Cursor-paginated ; CSV export honours the current filter set.

Live
Filter by action (e.g. admin.user.update)…
10 loaded
When
Who
Action
Resource
Source
Latency
17/06/2026, 14:32:08
Maya Chen
9f3a1c7e
ask.success
space:revenue-ops · 6 files
web
1842 ms
17/06/2026, 14:30:51
Tom Becker
2d8b4f01
mcp.ask
space:eng-platform · 9 files
mcp
2310 ms
17/06/2026, 14:28:19
Lena Ortiz
7c1e9a44
ingest.dlp_quarantine
drive/contracts/NDA-Atlas.pdf
drive
412 ms
17/06/2026, 14:25:03
Lena Ortiz
7c1e9a44
ingest.success
slack/#finance · 23 messages
slack
968 ms
17/06/2026, 14:21:47
Maya Chen
9f3a1c7e
admin.dlp_rule.delete
dlp_rule:iban-fr@rev14
admin
76 ms
17/06/2026, 14:18:22
Tom Becker
2d8b4f01
ask.rate_limit
space:eng-platform
api
11 ms
17/06/2026, 14:14:55
system
ingest.success
sharepoint/Legal · 41 files
system
5204 ms
17/06/2026, 14:09:31
Lena Ortiz
7c1e9a44
ask.success
space:revenue-ops · 4 files
web
1576 ms
17/06/2026, 14:03:12
Maya Chen
9f3a1c7e
admin.user.update
user:s.reed@astry.agency
admin
132 ms
17/06/2026, 13:58:40
Tom Becker
2d8b4f01
mcp.ask
space:eng-platform · 12 files
mcp
2087 ms

Append-only · query, files touched, latency, cost

A record that holds up.

Each entry captures the query, the files the model could see, the action, its latency and its cost. Nothing is edited after the fact, and writing it never slows the answer down.

Append-only at the database

The application's database role can only insert and read. Update and delete are revoked, so a past entry cannot be edited or removed.

Every file the model could see

Each request records the exact file IDs projected into its sandbox. You see precisely what the model could read, not a guess.
See the Trust Layer

Never blocks a request

Logging runs alongside the answer. A slow or failed write can never hold up a response or drop a record.

Anomaly detection

Astry flags access that breaks the normal pattern for an account, so unusual reads surface for review.

Dual-written and exportable

Every entry lands in both JSONL and Postgres. Export to CSV, or ship the JSONL stream to your own SIEM or warehouse.
See audit in the app

Erasure that records itself

GDPR Article 17 erasure and DSAR requests run through dedicated tooling, and the deletion writes its own entry to the journal.
Read the DPA

Answer an audit in three moves.

When a regulator or a security team asks who saw what, you do not reconstruct it. You filter, you trace, you export.

  • 01

    Filter

    Narrow the journal by user, time window or source. Find the exact requests in question without scrolling endless rows.

  • 02

    Trace

    Open a request to see every file the model could see for that answer. The projected set is recorded, not inferred.

  • 03

    Export

    Export exactly those requests as CSV. Because the journal is append-only, the export is the record, not a copy someone could have edited.

The audit layer, in detail.

Record
Query, files the model could see, action, latency and cost.
Storage
Dual-written to JSONL and Postgres, workspace-scoped.
Mutability
Database role has INSERT and SELECT only; UPDATE and DELETE revoked.
Blocking
Logging never blocks a request.
Anomaly detection
Built-in; flags access that breaks the normal pattern.
Erasure
GDPR Art. 17 and DSAR tooling; the deletion is itself recorded.

Good to know.

  • No. The application's database role can only insert and read entries; update and delete are revoked at the database itself. A past entry cannot be edited or removed, including by us, and each entry is also written to a JSONL stream you keep.

Answer the next audit from the record.

Filter the journal, trace a request, export exactly what was asked. The evidence is already written, and the database will not let anyone edit it.

Log inSee access control