Trace Explorer
Browse, analyze, and verify every governance decision on the blockchain.
The Trace Explorer turns the append-only, tamper-evident trace store into something you can actually navigate — by agent, decision, policy, time, or full-text.
Open the Trace Explorer
Navigate to Monitoring → Traces in the sidebar.
📸 Screenshot: Trace Explorer with filter list
Filters
| Filter | Options |
|---|---|
| Decision | PASSED, BLOCKED, MODIFIED, APPROVED, REJECTED, WARN_PROCEEDED, JUSTIFIED |
| Agent | Dropdown of all registered agents |
| Policy | Which policy triggered |
| Time range | Last hour, today, last 7 days, custom range |
| Blockchain | Anchored, pending, local-only |
| Engine | nge_local, nge_fallback, llm_only, disabled |
| Trace type | VERIFY, MCP_TOOL_CALL, BROWSER_SHIELD, LIFECYCLE |
| Full-text search | Search across prompts and responses (subject to redaction) |
Combine filters freely. The URL captures the filter state — share a link to the exact view your colleague needs.
Trace detail
Click any trace to open the detail view. Sections (in order):
Prompt and response
- Prompt — input text (full or redacted depending on the agent's data-protection level)
- Response — LLM output, when captured
- Attachments — list of multi-modal payloads with content type and size
Decision
PASSED/BLOCKED/MODIFIEDwith the policy-supplied reason- Match details — what specifically triggered the decision (see below)
- User action badge — present when a reviewer recorded a manual action
Match details
Each match has a type and the field that fired:
type | What matched | Example |
|---|---|---|
keyword_match | Aho-Corasick or regex keyword | match: "delete from" |
entity_detection | NGE NER hit | entity: SSN, confidence: 0.99 |
tool_call | MCP tool name + agent | tool: bash.execute, agent: cursor-prod |
rate_pattern | Per-agent burst or rate signal | 15 calls in 10s |
semantic_similarity | NLI similarity above threshold | intent: leak credentials, score: 0.82 |
Detection modes (Exact Match / Semantic / Auto) determine which of these can fire. See Detection Mode.
NGE analysis
When NGE was active (engine nge_local or nge_fallback):
- Engine badge — shows which engine produced the decision and whether the call escalated to LLM-assist
- Confidence bars — bars per NLI dimension (
injection,toxicity,off_topic,pii_density) with the threshold line drawn at the active sensitivity preset - Entity labels — color-coded inline highlights on the prompt:
PII,SECRET,INJECTION,TOXICITY - Stage timing — milliseconds per pipeline stage (Regex / Aho-Corasick / ONNX NER / NLI / LLM-Assist) — useful for diagnosing slow traces
Triggered policies
List of every policy evaluated against the trace, with green checkmark (passed) or red flag (triggered). Click a policy to jump to its editor.
User action badge
If a reviewer recorded an action on this trace (Browser Guard WARN, MCP approval, etc.), a colored badge surfaces it:
| Action | Color | Meaning |
|---|---|---|
WARN_PROCEEDED | Amber | User saw the warning and continued anyway — justification recorded |
JUSTIFIED | Blue | User provided a business justification (e.g. "internal demo") |
APPROVED | Green | Reviewer approved a queued request |
REJECTED | Red | Reviewer rejected a queued request |
REDIRECTED | Purple | User redirected to a sanctioned alternative |
Hover the badge to see the justification text and the responsible user.
Governance metadata
Timestamp, agent ID, ingestion path, latency, request metadata.
Blockchain status
Integrity hash, Merkle proof path, Flare transaction hash, block number, anchor age. Verify on Flare opens the public block explorer.
Verifying a trace on the blockchain
In the trace detail, click Verify on Flare. A new tab opens with the Flare block explorer; the transaction hash matches what Palveron stored. For programmatic verification (e.g. inside an auditor's tooling), use the unauthenticated POST /api/v1/verify-proof endpoint.
CSV export
Click Export → CSV to download the currently filtered traces. Useful for ad-hoc analysis or evidence packages. For bulk exports above the dashboard limit (5,000 rows), use GET /api/v1/export.