AIOStack
Open-source AI security observability framework for LLM call tracing, sensitive data detection, policy enforcement, and audit logging.
AIOStack is Aurva's open-source framework for observing and securing AI/LLM usage in production. It provides the instrumentation layer that feeds data into Aurva's AI Security module and can also run standalone.
- Website: aurva.ai
- Source: github.com/aurva-io/AIOStack
Capabilities
LLM Call Tracing
AIOStack intercepts calls to LLM APIs and records:
- Model name and provider
- Prompt and completion token counts
- Latency and error rates
- Request/response metadata (configurable redaction)
Traces are exported in OpenTelemetry format and can be viewed in Jaeger, Grafana Tempo, or the Aurva console.
Sensitive Data Detection
Before a prompt reaches the LLM, AIOStack scans the payload for:
| Category | Examples |
|---|---|
| PII | Names, email addresses, phone numbers, Aadhaar numbers |
| PCI | Card numbers, CVVs, expiration dates |
| Credentials | API keys, tokens, connection strings |
| Proprietary | Internal code snippets, trade secrets (custom patterns) |
Detections can trigger alerts, block the request, or redact the sensitive content before forwarding.
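A minimal sketch of this detect-then-act step, added here as an illustration and not AIOStack's own code or API. The regex patterns, the `sk_`/`tok_` token format, the `ACTIONS` mapping and all function names are assumptions, with one constructed detector per category.

```python
import re

# Constructed detectors, one per category from the table above (illustrative only).
PATTERNS = {
    "PII.email": re.compile(r"\b[\w.+-]+@[\w-]+(?:\.[\w-]+)+\b"),
    "PCI.card": re.compile(r"\b(?:\d[ -]?){12,18}\d\b"),  # 13-19 digits
    "Credentials.token": re.compile(r"\b(?:sk|tok)_[A-Za-z0-9]{16,}\b"),  # made-up format
}
# Hypothetical policy: what to do when a category is detected.
ACTIONS = {"PII": "redact", "PCI": "block", "Credentials": "redact"}

def luhn_ok(digits: str) -> bool:
    """Luhn checksum, used to discard digit runs that are not card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def scan(prompt: str):
    """Return (label, start, end) for every detection in the prompt."""
    findings = []
    for label, rx in PATTERNS.items():
        for m in rx.finditer(prompt):
            if label == "PCI.card" and not luhn_ok(re.sub(r"\D", "", m.group())):
                continue        # e.g. an order number that happens to be 16 digits
            findings.append((label, m.start(), m.end()))
    return findings

def gate(prompt: str) -> dict:
    """Decide allowed / redacted / blocked before the prompt is forwarded."""
    findings = scan(prompt)
    flags = sorted({label.split(".")[0] for label, _, _ in findings})
    if any(ACTIONS[c] == "block" for c in flags):
        return {"decision": "blocked", "flags": flags, "prompt": None}
    redacted = prompt
    # Replace from the end so earlier offsets stay valid.
    for label, start, end in sorted(findings, key=lambda f: f[1], reverse=True):
        redacted = redacted[:start] + f"[{label}]" + redacted[end:]
    decision = "redacted" if findings else "allowed"
    return {"decision": decision, "flags": flags, "prompt": redacted}
```

The returned `decision` and `flags` correspond to the policy evaluation result and sensitive data flags that an audit record would carry.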
Policy Enforcement
Define policies that control how AI is used:
- Allowlist/Blocklist -- restrict which models and providers are permitted
- Data-aware gates -- block prompts containing PII or PCI data
- Rate limits -- cap token usage per user, team, or service
- Prompt validation -- reject prompts matching prohibited patterns
Audit Logging
Every LLM interaction is logged with:
- Caller identity (user, service account, API key)
- Timestamp, model, provider
- Sensitive data flags
- Policy evaluation result (allowed, blocked, redacted)
Logs can be exported to your SIEM or stored in Aurva for compliance reporting.
Integration with Aurva
When connected to the Aurva platform, AIOStack data appears in:
- Shadow AI Detection -- enriches detections with call-level detail
- LLM Access Governance -- enforces governance policies through AIOStack hooks
- Compliance -- maps AI usage controls to SOC 2, DPDPA, and RBI frameworks
Getting Started
```bash
# Install the Python SDK
pip install aiostack
```

```python
# Instrument your application
import aiostack
aiostack.init(api_key="your-aurva-api-key")
```
See the AIOStack README for full setup instructions, supported LLM providers, and configuration options.