Dashboard
The Igris dashboard gives you a live snapshot of activity across every connection your organization has registered. Open it at app.igrisecurity.com.Time range
A segmented control at the top right sets the reporting window for every panel on the page:| Label | Window |
|---|---|
| 24h | Last 24 hours |
| 7d | Last 7 days (default) |
| 30d | Last 30 days |
Platform status banner
A status hero sits at the top of the page. When the selected period contains policy denials or anomalies the banner shows “Incidents detected” with a count of each. Otherwise it reads “All systems operational”. A live clock refreshes every second; the stated SLA is 99.99 %.KPI strip
Six metric cards span the full width of the page. Each card shows the current-period total, a sparkline, and a percentage change vs. the previous equivalent window where available.| KPI | What it counts | Source field |
|---|---|---|
| MCP Tool Calls | Total proxy-evaluated tool calls (allow + alert + deny) | totals.toolCalls |
| LLM Requests | Requests forwarded by the LLM gateway | totals.llmCalls |
| Threats Blocked | Injection attempts stopped by content guards | totals.injectionsBlocked |
| Policy Denials | Tool calls blocked by a policy rule | totals.denied |
| PII Redacted | Redaction actions applied to payloads | totals.piiRedacted |
| LLM Cost | Cumulative spend across all LLM connections | totals.costCents (displayed in USD) |
Activity timeline
A stacked bar chart below the KPI strip plots Allow / Alert / Deny counts over time. The x-axis buckets are derived from the selected period (hourly for 24 h, daily for 7 d and 30 d). A link in the chart header navigates to the Observe screen for a deeper view. Legend colours:- Allow — green
- Alert — amber
- Deny — red
Security posture
A panel to the right of the activity timeline summarises your governance coverage:| Row | Colour when non-zero |
|---|---|
| Active policies | neutral |
| Open denials (24h) | amber |
| Anomalies flagged | amber |
| Suspended sessions | red |
| Active sessions | neutral |
Top connections
Lists connections by total request volume for the selected period. When no connections have been registered yet, the panel shows a prompt to create one.Top denied tools
Shows up to five tool names ordered by policy-denial count. Links to the Audit Trail screen.Recent incidents
Shows up to four denied tool calls from the last 24 hours tagged Critical. Links to the Incidents screen for the full list.Observe screen
Accessible from app.igrisecurity.com/observe or via the “Open Observe →” link on the activity timeline. The Observe screen gives a CISO-oriented view over the same time window (day / week / month).KPI row
| KPI | What it counts |
|---|---|
| Total Requests | LLM calls + MCP tool calls combined |
| Threats Blocked | Injections blocked + policy denials combined |
| PII Redacted | Redaction actions |
| Total Cost | LLM spend in USD |
Executive summary
A prose paragraph generated server-side describing key findings for the selected period. Rendered below the KPI row.Risk heat map
A grid of AI systems (rows) by risk categories (columns): PII Exposure, Injection Attempts, Policy Violations, Anomalies. Each cell is colour-coded:- Red (High) — elevated count and/or high-severity finding
- Amber (Medium) — moderate activity
- Green (Low) — minimal activity
- None — no data
Threat distribution
A breakdown of all threat types as proportional progress bars:- Policy Denials
- PII Detections
- Injections Blocked
- Anomalies