Wiki · Measurement

How usage becomes a number you can defend

From an agent's session log on your machines to a spend figure on the board readout — every hop, and the honesty rules applied along the way.

YOUR INFRASTRUCTUREAGENTX PLATFORM1 · SOURCEAgent session logsClaude Code transcriptsHermes session storeread in place, read-only2 · INGESTCollector pushtoken counts + metadatanever prompts or outputsorg token + fingerprint3 · LEDGERPriced + recordedpublished API ratesactual vs API-equivalentidempotent, re-push safe4 · PROVENANCEHonesty gatesynthetic | declared | measured, per rowhash-chained audit log5 · OUTPUTSReliable numbersscorecard spendcost-drift findingsprovisional -> attestedprivacy boundary: transcript content never crosses this linedemo data retires on first measured row

1 · Source

Your agents already write the evidence

Coding agents and assistants keep session logs on the machines where they run — token usage, model, timestamps. The AgentX collector reads those files in place, read-only. Nothing is installed into your agents and no proxy sits in front of your model calls. Today the collector reads Claude Code transcripts and the Hermes session store; further harnesses are on the roadmap.

2 · Ingest

Counts cross the wire — content never does

The collector aggregates each day's usage per agent and pushes token counts and metadata over HTTPS. Prompts, outputs, and file contents structurally cannot be included: the outbound record has no field that can hold them, and a test in the collector's own suite fails if one appears. Each push authenticates with an org-scoped token, and every record is attributed by the agent's fingerprint. An unknown fingerprint is registered automatically as a provisional agent — attribution is co-born with the data, then a human promotes it.

3 · Ledger

Priced on arrival, safe to resend

The platform prices tokens at published API rates and keeps two lenses side by side: actual cost (what you were billed — near zero on subscription plans) and API-equivalent cost (what the same tokens would cost at listed rates). Unknown models are marked unpriced, never guessed. Ingestion is idempotent: re-sending a day corrects the record instead of double-counting it, and daily usage rolls up into the monthly spend ledger the board readout draws from.

cost_actual = what your invoice says · cost_api_equivalent = tokens × published rates

4 · Provenance

Every row says where it came from

Each spend row carries its provenance: synthetic (illustrative demo data), declared (entered by your team), or measured (collector-observed). Demo rows are badged in the product, and the moment an organization's first measured data arrives, its synthetic rows retire from the spend views — an audited, one-time transition. Every mutation along the pipeline is written to the tamper-evident, hash-chained audit log in the same transaction.

5 · Outputs

What the reliable data feeds

Measured usage drives the scorecard's spend figures, flips an agent's verification from provisional to attested on its first observed trace, and feeds the cost-drift monitor: when an agent's recent cost trend degrades against its baseline, a risk finding is opened automatically — sourced as measured, only for organizations with real data. Demo organizations cannot generate measured findings by construction.

Why trust it

The rules that keep the numbers honest

Count-once: delegated sub-agent work is attributed exactly once, by the model that did it. No invented values: a signal an agent's logs do not record is shown as not recorded, never zero. Idempotent by design: retries and corrections are safe. Provenance over polish: a fabricated number labeled measured is treated as a defect, not a demo feature.

Related: Method — how the cash ledger, capacity log, and grade are derived · Wiki index