Igris Lens · Observability

Complete visibility into every AI security event, across your entire stack.

Lens centralizes every log, trace, anomaly, and compliance event from Sentinel and Guard into one real-time dashboard. CISOs get risk heatmaps. Compliance teams get one-click audit reports. Security engineers get trace-level debugging. Everyone sees what they need.

Request a Demo →Read the Docs
Live
Event stream
searchable · real-time
7
CISO metrics
executive risk view
Risk
Heat maps
by category & period
Trace
Drill-down debugging
trace ID · event detail
live· 4,213 events / hour · acme-prodlast 24h ▾
EventsRiskCostComplianceAlerts
Tool calls
112,847
+12% vs prev
Denied
3,219
+34% vs prev
PII redacted
8,102
+4%
Avg latency
Minimal
stable
Spend
$4,317
+8%
12:04:31SENTINELalice → repo.read · org:acme/apiALLOW
12:04:32GUARDprompt redacted · email · 1 tokenREDACT
12:04:33SENTINELcontractor → repo.delete · scope mismatchDENY
12:04:34SENTINELbob → stripe.charge.create · $42.00ALLOW
12:04:35GUARDprompt injection · classifier 0.97BLOCK
12:04:36SENTINELalice → jira.issue.searchALLOW
12:04:37GUARDresponse leak risk · phone · maskedREDACT
12:04:39SENTINELcarol → postgres.query · ro replicaALLOW
Activity heatmap · 24h
Decision mix · last 12h
allowredactdeny
Capabilities

Built for complete visibility.

From real-time monitoring to automated reporting, Lens gives your security team complete visibility into every AI security event.

01

Unified log stream

Every event from Sentinel tool-call logs and Guard conversation logs flows into a single, searchable real-time stream. Filter by product, user, severity, or time range.

sentinel · repo.readALLOW
guard · prompt scanREDACT
sentinel · s3.deleteDENY
02

Real-time anomaly alerts

Automated detection flags unusual runtime behavior: tool-call rate spikes and bursts of destructive tool calls. Delivered via Slack, Discord, or webhook.

tool-call rate · 7× baselineFIRED
destructive pattern · burstALERT
dispatched → #sec-alerts
03

Executive risk heatmaps

Visualize AI risk posture by department and risk category. Heatmaps make it easy for leadership to see where risk concentrates, without reading raw logs.

eng · sec · support · salesenv · prod
04

Complete audit trail

Every security event is recorded with full context: identity, tool, model, policy decision, latency, and cost. Suitable for investigations, regulatory audits, and reporting. Export in JSON or CSV.

auT_b2k9-04a1logged ✓
full context · per event
exportJSON · CSV
05

Audit-evidence export

Export the complete audit trail as JSON or CSV, filtered to the events you need. Hand auditors and regulators full-context evidence for any window of activity.

filter · windowscoped
full context per eventincluded
export→ JSON · CSV
06

Role-based access control

Assign org roles — owner, admin, developer, CISO, auditor — so each team member gets the right level of access. Fine-grained permissions are built in, managed centrally.

owner · adminfull access
developerpolicies · connections
ciso · auditorread · reports
07

Alert dispatch

Real-time alerts via Slack and Discord webhooks. Notifications on policy denials, anomalies, and session suspensions, routed to the channels your team already lives in.

#sec-alerts · Slackconnected
#ai-governance · Discordconnected
policy denial · session suspended→ webhook
How data flows

Every event. One dashboard.

Sentinel and Guard automatically feed every security event into Lens, with no extra configuration.

Data sources
Igris Sentinel
  • MCP tool call logs
  • Policy decisions
  • Connection events
  • Session activity
Igris Guard
  • LLM prompt / response logs
  • PII detection events
  • Content policy decisions
  • Token usage metrics
I
Igris Lens
ingest · normalize · index
What you get
Risk heatmaps

Risk posture by department & risk category

Real-time alerts

Slack & Discord on policy violations

Trace debugging

Drill from a trace ID to the exact event

Live event stream

Searchable, filterable log of every event

Use cases

Built for every stakeholder.

One source of truth, three views. Each role gets exactly the depth it needs, nothing more.

For CISOs & leadership

Executive AI risk visibility

Risk heatmaps show you where the exposure is. Real-time alerts tell you when something is wrong. Trend reports show whether your posture is improving.

  • Real-time alerts for critical policy violations
  • Executive risk heatmaps by department & risk category
  • AI security posture summaries over time
For compliance officers

Audit-ready governance

Demonstrate your AI governance posture to auditors, regulators, and the board. Every decision logged with full context and exportable as evidence.

  • Complete audit trail exportable as JSON or CSV
  • Policy adherence tracking with evidence capture
  • Compliance status summaries over time
For security engineers

Trace-level debugging

Debug AI security incidents with full context. Filter the unified stream by user, trace ID, product, or time range. See exactly what happened, who triggered it, and what was decided.

  • Trace-level debugging with full request / response context
  • Latency & token usage per user or connection
  • Filter and export the unified event stream
Get started

Start observing your entire AI stack today.

Lens is included in all Igris Security plans. Get the full unified observability dashboard from the moment you activate any Igris product.

Request a Demo →View All Products
  • Included in every Igris Security plan
  • Zero config , Sentinel & Guard feed in automatically
  • Complete audit trail, JSON / CSV export
  • Risk heatmaps and real-time alerts
  • Role-based access for every stakeholder