SightLift

Data sources — what each one captures

How conversation data reaches your dashboard for each AI product, and how to connect it.

← Back to the dashboard
Different products expose their conversation data in different ways — export, admin API, or live telemetry. Cowork is captured by live telemetry only, and only from the day you connect (it is forward-only — there is no historical backfill). The matrix at the bottom summarizes every product.

Live telemetry setup (Cowork & Claude Code)

Live telemetry uses OpenTelemetry: your tool exports events to SightLift's ingest endpoint, authenticated by a per-tenant ingest key. Generate a key from Configuration → Data sources → Anthropic Claude → Live telemetry, then point your tool at the endpoint below. The key is shown once at creation — copy it then.

Endpoint:   https://<your-ingest-host>/v1/logs   (HTTP/JSON, OTLP)
Header:     Authorization: Bearer <your-ingest-key>

Cowork

A workspace admin configures Cowork telemetry once, org-wide, from the desktop app:

  1. Open Claude Desktop and go to Organization settings → Cowork.
  2. OTLP endpoint — paste the /v1/logs URL above.
  3. OTLP protocol — select HTTP/JSON (HTTP/protobuf also works).
  4. OTLP headers — add Authorization: Bearer <your-ingest-key>.
  5. Allowlist this endpoint for the Cowork sandbox's outbound access. The Cowork sandbox blocks outbound network calls by default — if our endpoint isn't on the allowlist, telemetry fails silently and nothing arrives. This is the most common reason a connected tenant never sees data. See Configure a custom collector ↗.

Cowork includes content by default — there are no per-flag toggles like Claude Code. Prompt text, tool inputs (tool_parameters — file paths, command arguments), and tool output (Office agents emit tool.input + tool.output on agent.query spans) all stream unless you redact them at your collector. So Cowork needs no extra enablement for SightLift to build and prove automations — the only lever is the opposite: filter/redact at your collector if you want less. Full steps: Monitor Cowork activity with OpenTelemetry ↗.

Claude Code (CLI)

Claude Code reads OpenTelemetry settings from environment variables (or push them via managed settings / MDM for a whole team rather than per-developer):

export CLAUDE_CODE_ENABLE_TELEMETRY=1
export OTEL_LOGS_EXPORTER=otlp
export OTEL_EXPORTER_OTLP_PROTOCOL=http/json
# Use the LOGS endpoint so the full /v1/logs URL is taken verbatim:
export OTEL_EXPORTER_OTLP_LOGS_ENDPOINT="https://<your-ingest-host>/v1/logs"
export OTEL_EXPORTER_OTLP_HEADERS="Authorization=Bearer <your-ingest-key>"

# Capture conversation content (see note below — off by default):
export OTEL_LOG_USER_PROMPTS=1
export OTEL_LOG_TOOL_DETAILS=1

# Capture tool OUTPUT too — powers verified automations (requires tracing):
export CLAUDE_CODE_ENHANCED_TELEMETRY_BETA=1
export OTEL_TRACES_EXPORTER=otlp
export OTEL_LOG_TOOL_CONTENT=1
Claude Code redacts content by default. Without OTEL_LOG_USER_PROMPTS=1, each user_prompt event ships as <REDACTED> and SightLift sees only metadata (counts, timing, models) — not what was said. Set OTEL_LOG_USER_PROMPTS=1 (and OTEL_LOG_TOOL_DETAILS=1 for tool inputs) to reconstruct full conversations. Cowork has no such flag — it sends content by default.
How much you enable is how much SightLift can do. Each flag unlocks a level: All are off by default and org-controlled. You don't need them to start — with none of them, SightLift still measures your work and proves capabilities forward as they're used. Turn them on per team as your security review is comfortable. See the capabilities & privacy guide ↗.

If you prefer to set the base endpoint instead, use OTEL_EXPORTER_OTLP_ENDPOINT="https://<your-ingest-host>" (no /v1/logs) — the exporter appends the /v1/logs path itself. Full reference: Claude Code monitoring ↗.

One key, or one per surface?

One key works for both Cowork and Claude Code. The key identifies your tenant; SightLift splits Cowork from Claude Code downstream by the telemetry's service.name, so sharing a key never muddles the data.

We still recommend a labeled key per surface — e.g. Cowork — prod and Claude Code — CLI. Separate keys let you revoke or rotate one surface without disrupting the other, and give each its own "last activity" stamp.

Capability matrix

What each product gives you, by ingestion method:

ProductIngestion methodsWhat you get
claude.ai Export · Admin API · Compliance API Org-wide workspace export on Team; programmatic conversation pull + per-message model attribution via the Admin / Compliance API on Enterprise.
Cowork OTEL only Live telemetry only, forward-only. No export or admin API exists for Cowork — it builds from the day you connect a key.
Claude Code Export · Analytics API · OTEL Historical via export / Analytics API; live, forward-only via OTEL telemetry (same key as Cowork).
OpenAI — ChatGPT Compliance Logs Platform On Enterprise/Edu, the Compliance Logs Platform delivers time-windowed JSONL logs of org-wide conversations, files, and workspace metadata (the conversations-logs system replaced the older stateful route in 2026). No live OTLP path for ChatGPT itself.
OpenAI — Codex OTEL · API The Codex CLI exports OpenTelemetry logs (prompts, tool decisions, MCP usage). OTLP-capable like Claude Code — see the note below on SightLift support.
Google — Gemini app Vault · Admin SDK On Workspace, Vault now covers the Gemini app (retention, litigation hold, search, and XML export of prompts + responses), plus Admin SDK / audit logs. No live OTLP path for the Gemini app.
Google — Gemini CLI OTEL The Gemini CLI exports telemetry via OTLP/gRPC or OTLP/HTTP to any collector. OTLP-capable like Claude Code — see the note below on SightLift support.
Does OpenAI or Gemini support live telemetry into SightLift? Their chat apps (ChatGPT, Gemini app) don't expose an OTLP feed — capture those via the Compliance Logs Platform and Vault respectively. Their coding CLIs (OpenAI Codex, Gemini CLI) do speak OTLP, but each emits its own event schema. SightLift's telemetry reconstruction currently understands the Claude Code event family only (Claude Code + Cowork), so Live telemetry is enabled on the Anthropic card today; Codex and Gemini-CLI adapters are future work.
Forward-only: live telemetry has no backfill. A tenant that connects today sees activity from today onward — past Cowork sessions are not retroactively available.

Uploads & scheduled sync

Connecting OpenAI & Google

These are non-telemetry connectors — they pull conversation history through each platform's admin/compliance API rather than a live OTLP feed. Their credential models differ:

OpenAI — ChatGPT Enterprise / Edu

OpenAI Compliance Platform ↗

Google — Gemini in Workspace

Vault API scopes ↗ · Gemini audit via Reporting API ↗

Official documentation