How to Intermediate · 4 min read

How to log AI API calls safely

Quick answer
To log AI API calls safely, always mask or omit sensitive data such as API keys, user personal information, and model outputs that may contain private content. Use structured logging with redaction and store logs securely with access controls to prevent unauthorized exposure.

PREREQUISITES

  • Python 3.8+
  • OpenAI API key (free tier works)
  • pip install openai>=1.0

Setup logging environment

Install necessary packages and configure environment variables to securely handle API keys and logging.

bash
pip install openai

Step by step safe logging

This example shows how to log AI API calls while masking sensitive data like API keys and user inputs. It uses Python's logging module with a custom filter to redact sensitive fields.

python
import os
import logging
from openai import OpenAI

# Configure logging
logger = logging.getLogger('ai_api_logger')
logger.setLevel(logging.INFO)
handler = logging.StreamHandler()
formatter = logging.Formatter('%(asctime)s - %(levelname)s - %(message)s')
handler.setFormatter(formatter)
logger.addHandler(handler)

# Custom filter to redact sensitive info
class RedactFilter(logging.Filter):
    def filter(self, record):
        if hasattr(record, 'msg') and isinstance(record.msg, str):
            # Redact API keys and user inputs
            record.msg = record.msg.replace(os.environ.get('OPENAI_API_KEY', ''), '[REDACTED_API_KEY]')
            # Example: redact user prompt if needed
            record.msg = record.msg.replace('secret user input', '[REDACTED_INPUT]')
        return True

logger.addFilter(RedactFilter())

client = OpenAI(api_key=os.environ['OPENAI_API_KEY'])

user_prompt = "Tell me a joke about cats"

# Log the outgoing request safely
logger.info(f"Sending prompt to AI: {user_prompt}")

response = client.chat.completions.create(
    model="gpt-4o",
    messages=[{"role": "user", "content": user_prompt}]
)

# Log the response safely (avoid logging full content if sensitive)
logger.info(f"Received response: {response.choices[0].message.content[:100]}...")

print(response.choices[0].message.content)
output 
2026-04-xx xx:xx:xx,xxx - INFO - Sending prompt to AI: Tell me a joke about cats
2026-04-xx xx:xx:xx,xxx - INFO - Received response: Why did the cat sit on the computer? Because it wanted to keep an eye on the mouse!... 
Why did the cat sit on the computer? Because it wanted to keep an eye on the mouse!

Common variations

You can extend safe logging by:

  • Using async API calls with similar logging filters.
  • Streaming responses and logging partial outputs cautiously.
  • Switching models (e.g., claude-3-5-sonnet-20241022) with the same logging approach.
python
import anthropic
import os
import logging

logger = logging.getLogger('ai_api_logger')
logger.setLevel(logging.INFO)
handler = logging.StreamHandler()
formatter = logging.Formatter('%(asctime)s - %(levelname)s - %(message)s')
handler.setFormatter(formatter)
logger.addHandler(handler)

client = anthropic.Anthropic(api_key=os.environ['ANTHROPIC_API_KEY'])

user_prompt = "Explain recursion simply"

logger.info(f"Sending prompt to Claude: {user_prompt}")

message = client.messages.create(
    model="claude-3-5-sonnet-20241022",
    max_tokens=200,
    system="You are a helpful assistant.",
    messages=[{"role": "user", "content": user_prompt}]
)

logger.info(f"Received response: {message.content[:100]}...")

print(message.content)
output 
2026-04-xx xx:xx:xx,xxx - INFO - Sending prompt to Claude: Explain recursion simply
2026-04-xx xx:xx:xx,xxx - INFO - Received response: Recursion is when a function calls itself to solve a smaller part of a problem until it reaches a base case that stops the calls.... 
Recursion is when a function calls itself to solve a smaller part of a problem until it reaches a base case that stops the calls.

Troubleshooting logging issues

  • If logs expose sensitive data, add or improve redaction filters.
  • If logs are too verbose, limit logged content length or log only metadata.
  • Ensure environment variables for API keys are never logged.
  • Use secure storage and access controls for log files to prevent leaks.

Key Takeaways

  • Always redact or omit API keys and sensitive user inputs from logs.
  • Use structured logging with custom filters to automate safe data masking.
  • Limit logged output length to avoid exposing private or large data.
  • Store logs securely with strict access controls to protect privacy.
  • Apply the same safe logging principles across different AI models and SDKs.
Verified 2026-04 · gpt-4o, claude-3-5-sonnet-20241022
Verify ↗

People also ask

🛠 Fix AgentOps not tracking calls agentops 🛠 How to track tool calls with AgentOps agentops ⚖️ When to use AI agents vs simple LLM calls AI Agents 🛠 How to batch API calls to reduce costs AI for Developers 🛠 How to implement retry logic for AI API calls AI for Developers

Up next

🛠 How to measure LLM latency in production 🛠 How to monitor AI quality in production 🐛 How to prevent prompt injection in AI applications 🛠 How to reduce OpenAI API costs in production

More in Guides

🛠 How to A/B test AI prompts 🛠 How to add AI autocomplete to text editor 🛠 How to add AI chatbot to website 🛠 How to add AI image generation to web app