Dashboard¶
The Dashboard is your security command center. It provides at-a-glance KPIs, a 7-day activity chart, and a feed of recent security events.
KPI Cards¶
Four stat cards summarize your tenant's security posture, powered by GET /api/v1/stats. Additional Guard metrics appear when Prompt Guard is enabled:
| Card | Metric | Description |
|---|---|---|
| Total Agents | total_agents |
Registered agents in your tenant |
| Active Policies | active_policies |
Policies with is_active = true |
| Anomalies | total_anomalies |
Total anomaly reports detected |
| Pending HITL | pending_hitl |
Approval requests awaiting action |
| Prompts Blocked | guard_blocked |
Prompts blocked by Prompt Guard (process counters) |
| Guard Latency | guard_avg_ms |
Average Guard processing time |
The dashboard also lists top attack patterns from guard_top_patterns when Guard has recorded hits.
Click through
Each card links to its respective page (Agents, Policies, Anomalies, HITL) for detailed investigation.
See Prompt Guard for API and configuration.
Activity Chart¶
The 7-day activity chart (Chart.js) displays daily audit log volume from the activities array in the stats response:
Spikes may indicate increased agent activity, policy violations, or anomalous behavior worth investigating.
Recent Events¶
The Recent Events panel shows the latest audit log entries for your tenant, including:
- Agent name and action
- Resource accessed
- Risk score (if available)
- Timestamp
Events update in real time via WebSocket when new audit logs are created.
Connection Status¶
The header displays a platform status indicator sourced from GET /api/v1/status:
| Status | Meaning |
|---|---|
| Online | Database, Redis, and OPA are all reachable |
| Degraded | One or more backend services are offline |
The status panel also shows tenant name, masked API key, uptime, and per-service health.
Real-time Notifications¶
When connected to the WebSocket, the dashboard receives events such as:
| Event | Trigger |
|---|---|
policy.violated |
Agent action blocked by policy |
anomaly.detected |
ML or rule-based anomaly flagged |
hitl.requested |
New approval request created |
hitl.resolved |
Approval approved or rejected |
system.status |
WebSocket connection established |
Toasts appear in the bottom-right corner for high-severity events.
Permissions¶
| Role | Access |
|---|---|
| Viewer | Read-only dashboard |
| Developer | Read-only dashboard |
| Security Analyst | Read-only dashboard |
| Admin | Full dashboard |
| Super Admin | Full dashboard |
All roles with dashboard:read permission can access this page.
API Reference¶
# Dashboard statistics
curl http://localhost:8000/api/v1/stats \
-H "X-API-Key: <your-api-key>"
# Platform status
curl http://localhost:8000/api/v1/status \
-H "X-API-Key: <your-api-key>"
Related Pages¶
- Anomalies — investigate detected anomalies
- Audit — full audit log search
- HITL — process pending approvals
- Prompt Guard — injection / jailbreak protection