PalveronPalveronDocs
User Handbook

Trace Explorer

Browse, analyze, and verify every governance decision on the blockchain.

The Trace Explorer turns the append-only, tamper-evident trace store into something you can actually navigate — by agent, decision, policy, time, or full-text.

Open the Trace Explorer

Navigate to Monitoring → Traces in the sidebar.

📸 Screenshot: Trace Explorer with filter list

Filters

FilterOptions
DecisionPASSED, BLOCKED, MODIFIED, APPROVED, REJECTED, WARN_PROCEEDED, JUSTIFIED
AgentDropdown of all registered agents
PolicyWhich policy triggered
Time rangeLast hour, today, last 7 days, custom range
BlockchainAnchored, pending, local-only
Enginenge_local, nge_fallback, llm_only, disabled
Trace typeVERIFY, MCP_TOOL_CALL, BROWSER_SHIELD, LIFECYCLE
Full-text searchSearch across prompts and responses (subject to redaction)

Combine filters freely. The URL captures the filter state — share a link to the exact view your colleague needs.

Trace detail

Click any trace to open the detail view. Sections (in order):

Prompt and response

  • Prompt — input text (full or redacted depending on the agent's data-protection level)
  • Response — LLM output, when captured
  • Attachments — list of multi-modal payloads with content type and size

Decision

  • PASSED / BLOCKED / MODIFIED with the policy-supplied reason
  • Match details — what specifically triggered the decision (see below)
  • User action badge — present when a reviewer recorded a manual action

Match details

Each match has a type and the field that fired:

typeWhat matchedExample
keyword_matchAho-Corasick or regex keywordmatch: "delete from"
entity_detectionNGE NER hitentity: SSN, confidence: 0.99
tool_callMCP tool name + agenttool: bash.execute, agent: cursor-prod
rate_patternPer-agent burst or rate signal15 calls in 10s
semantic_similarityNLI similarity above thresholdintent: leak credentials, score: 0.82

Detection modes (Exact Match / Semantic / Auto) determine which of these can fire. See Detection Mode.

NGE analysis

When NGE was active (engine nge_local or nge_fallback):

  • Engine badge — shows which engine produced the decision and whether the call escalated to LLM-assist
  • Confidence bars — bars per NLI dimension (injection, toxicity, off_topic, pii_density) with the threshold line drawn at the active sensitivity preset
  • Entity labels — color-coded inline highlights on the prompt: PII, SECRET, INJECTION, TOXICITY
  • Stage timing — milliseconds per pipeline stage (Regex / Aho-Corasick / ONNX NER / NLI / LLM-Assist) — useful for diagnosing slow traces

Triggered policies

List of every policy evaluated against the trace, with green checkmark (passed) or red flag (triggered). Click a policy to jump to its editor.

User action badge

If a reviewer recorded an action on this trace (Browser Guard WARN, MCP approval, etc.), a colored badge surfaces it:

ActionColorMeaning
WARN_PROCEEDEDAmberUser saw the warning and continued anyway — justification recorded
JUSTIFIEDBlueUser provided a business justification (e.g. "internal demo")
APPROVEDGreenReviewer approved a queued request
REJECTEDRedReviewer rejected a queued request
REDIRECTEDPurpleUser redirected to a sanctioned alternative

Hover the badge to see the justification text and the responsible user.

Governance metadata

Timestamp, agent ID, ingestion path, latency, request metadata.

Blockchain status

Integrity hash, Merkle proof path, Flare transaction hash, block number, anchor age. Verify on Flare opens the public block explorer.

Verifying a trace on the blockchain

In the trace detail, click Verify on Flare. A new tab opens with the Flare block explorer; the transaction hash matches what Palveron stored. For programmatic verification (e.g. inside an auditor's tooling), use the unauthenticated POST /api/v1/verify-proof endpoint.

CSV export

Click Export → CSV to download the currently filtered traces. Useful for ad-hoc analysis or evidence packages. For bulk exports above the dashboard limit (5,000 rows), use GET /api/v1/export.

On this page