Skip to content

Dashboard

The Dashboard is your security command center. It provides at-a-glance KPIs, a 7-day activity chart, and a feed of recent security events.

KPI Cards

Four stat cards summarize your tenant's security posture, powered by GET /api/v1/stats. Additional Guard metrics appear when Prompt Guard is enabled:

Card Metric Description
Total Agents total_agents Registered agents in your tenant
Active Policies active_policies Policies with is_active = true
Anomalies total_anomalies Total anomaly reports detected
Pending HITL pending_hitl Approval requests awaiting action
Prompts Blocked guard_blocked Prompts blocked by Prompt Guard (process counters)
Guard Latency guard_avg_ms Average Guard processing time

The dashboard also lists top attack patterns from guard_top_patterns when Guard has recorded hits.

Click through

Each card links to its respective page (Agents, Policies, Anomalies, HITL) for detailed investigation.

See Prompt Guard for API and configuration.

Activity Chart

The 7-day activity chart (Chart.js) displays daily audit log volume from the activities array in the stats response:

{
  "activities": [
    {"date": "2026-06-27", "count": 12},
    {"date": "2026-06-28", "count": 8}
  ]
}

Spikes may indicate increased agent activity, policy violations, or anomalous behavior worth investigating.

Recent Events

The Recent Events panel shows the latest audit log entries for your tenant, including:

  • Agent name and action
  • Resource accessed
  • Risk score (if available)
  • Timestamp

Events update in real time via WebSocket when new audit logs are created.

Connection Status

The header displays a platform status indicator sourced from GET /api/v1/status:

Status Meaning
Online Database, Redis, and OPA are all reachable
Degraded One or more backend services are offline

The status panel also shows tenant name, masked API key, uptime, and per-service health.

Real-time Notifications

When connected to the WebSocket, the dashboard receives events such as:

Event Trigger
policy.violated Agent action blocked by policy
anomaly.detected ML or rule-based anomaly flagged
hitl.requested New approval request created
hitl.resolved Approval approved or rejected
system.status WebSocket connection established

Toasts appear in the bottom-right corner for high-severity events.

Permissions

Role Access
Viewer Read-only dashboard
Developer Read-only dashboard
Security Analyst Read-only dashboard
Admin Full dashboard
Super Admin Full dashboard

All roles with dashboard:read permission can access this page.

API Reference

# Dashboard statistics
curl http://localhost:8000/api/v1/stats \
  -H "X-API-Key: <your-api-key>"

# Platform status
curl http://localhost:8000/api/v1/status \
  -H "X-API-Key: <your-api-key>"
  • Anomalies — investigate detected anomalies
  • Audit — full audit log search
  • HITL — process pending approvals
  • Prompt Guard — injection / jailbreak protection