Core Concepts
Evidence
Structured exportable packages assembled on read.
Evidence
Source: app_docs/guide/evidence.md, app_docs/evidence.md.
What it is
A structured package exportable as JSON, CSV, or human-readable report (.txt).
| Term | Meaning |
|---|---|
| Evidence | Exportable proof package |
| Activity | In-console event timeline (not a portable package) |
Do not call Evidence an “audit log” or “activity log.”
Why it exists
When someone asks “prove what happened,” logs are noisy and incomplete. Evidence is customer-facing proof of important operations.
How Erasure uses it
- Assembled on read from Rights cases/events and Anumati versions/receipts
- No separate evidence worker or package table
- Package id is deterministic (
kind:sourceId)
Kinds (v1)
| Kind | Built from |
|---|---|
rights_deletion | Rights request + Activity events + system outcomes when present |
consent_publish | Published version snapshot + receipt counts for that version |
Package fields (schemaVersion: 1)
id, product (rights | anumati), kind, status, steps[], facts, sources (no secrets).
HTTP
| Method | Path |
|---|---|
GET | /api/platform/orgs/:orgId/rights/cases/:caseId/evidence |
GET | same ?format=json|csv|report&download=1 |
GET | /api/platform/projects/:projectId/evidence/publish |
GET | /api/platform/projects/:projectId/evidence/publish/:versionId |
What it is not
- Not a SIEM
- Not a raw application log dump
- Not a cryptographically sealed legal WORM archive (Beta)
- Not proof about systems you never connected
Retention
Derived from primary data. No separate evidence-store TTL in Beta.
Related
- Guide: Generate evidence
- DPDP: Evidence
- FAQ: Evidence vs Activity vs server logs — Activity is ordered events; Evidence is structured export; server logs are ops noise