The Audit Question You Can't Answer Yet
The auditor sits across the table and asks: "Show me evidence that your AI agents operated within approved policy boundaries for the last 90 days."
You know the data exists. Your agents are governed. Policies are enforced. Violations are logged. But translating that operational reality into a formatted compliance artifact means hours of manual data extraction, spreadsheet wrangling, and PDF assembly. By the time you finish one report, the auditor has three more questions.
Today we are launching the MeshGuard Report Generator, a compliance reporting engine that produces audit-ready documents directly from your live governance data. Four report types. Multiple export formats. Generated in seconds, not days.
Four Report Types
1. Policy Enforcement Summary
A complete record of every policy evaluation over a specified time window: total evaluations, allow/deny/throttle breakdown, top triggered rules, and violation trends over time. This is the report you hand an auditor when they want proof that your governance policies are actually running and producing results.
When to use it: SOC 2 audits, internal security reviews, quarterly governance check-ins.
2. Agent Activity Audit
A per-agent breakdown of actions taken, resources accessed, policies evaluated, and violations recorded. Each entry includes timestamps, decision rationale, and links to the full evaluation trace. This report answers the question "what did this specific agent do and was it governed?"
When to use it: Incident investigations, agent certification reviews, access audits.
3. Compliance Posture Report
Maps your MeshGuard governance configuration against a specific compliance framework. The report identifies which framework controls are covered by your current policies, which have partial coverage, and which have gaps. Supported frameworks include SOC 2 Type II, ISO 27001, NIST AI RMF, and the EU AI Act.
When to use it: Pre-audit preparation, gap analysis, board-level compliance updates.
4. Custom Report
Define your own report by selecting the data sources, time range, grouping dimensions, and output fields. Custom reports are saved as templates that can be re-run on demand or scheduled for recurring delivery.
When to use it: Anything the other three do not cover, from cost allocation by agent team to policy change history across environments.
Generating a Report
From the dashboard, navigate to Reports > Generate and select your report type. Choose the time window, target workspace, and output format (PDF, CSV, or JSON).
From the CLI:
meshguard report generate \
--type policy-enforcement \
--workspace prod \
--from 2026-01-01 \
--to 2026-03-31 \
--format pdf \
--output q1-enforcement-report.pdf
Reports can also be generated via the API, making it straightforward to integrate compliance reporting into automated workflows. Schedule a monthly posture report to land in your compliance team's inbox, or trigger an agent activity audit whenever an incident is opened.
What's in the Output
Every report includes:
- Executive summary with key metrics and findings, suitable for non-technical stakeholders.
- Detailed data tables with sortable, filterable records for analysts who need to dig deeper.
- Methodology section describing how the data was collected and what governance configurations were in effect during the reporting period.
- Digital signature and generation metadata for tamper-evident provenance.
PDF reports are formatted for direct submission to auditors. CSV and JSON exports feed into GRC platforms, SIEM tools, or custom dashboards.
Stop Dreading Audit Season
Compliance reporting should be a byproduct of good governance, not a separate project. If your agents are governed by MeshGuard, the evidence already exists. The Report Generator just makes it presentable.
Available now on Team and Enterprise plans. Visit docs.meshguard.app/reports to generate your first report.