Console Overview: Your AI Governance Command Center

The Keeptrusts console is your AI governance command center because it puts the full operating loop in one place: the Overview dashboard shows current health, Events shows request-level facts, Escalations handles human review, Configurations and Templates manage policy changes, Knowledge Base governs runtime context, Wallets and spend surfaces track cost, and Settings covers roles, teams, SSO, exports, and token-backed credentials.

Use this page when

• You are new to the console and need a practical map of what each major surface is for.
• You want to understand how operators move from monitoring to investigation to remediation.
• You need to explain to your team why the console matters even when policy authoring starts in YAML.

Primary audience

• Primary: Technical Engineers
• Secondary: Technical Leaders, Security and Compliance reviewers

The problem

AI governance breaks down when each operational question lives in a different tool. One team checks gateway logs for a blocked request, another checks spreadsheets for spend, a third checks chat transcripts for reviewer notes, and no one can quickly connect the decision to the running config version. That fragmentation becomes a real issue once more than one team is using AI in production.

The hard part is not collecting data. Keeptrusts already emits decision events, supports escalation workflows, versions configurations, records Knowledge Base citations, and keeps spend under wallet control. The hard part is turning all of that into an operating loop that people can follow under time pressure. If a reviewer sees a spike in queued escalations, they need to answer several questions quickly: which policy fired, which config version is running, whether the spike is tied to one team or provider, whether spend changed at the same time, and whether the result needs evidence export for an audit or incident handoff.

Without a central surface, teams end up reacting to symptoms. They may tune a policy before checking whether a gateway is offline, or escalate an incident before confirming that a new configuration was rolled out an hour earlier. The result is slower investigations, unnecessary policy churn, and weak change evidence.

The solution

The console solves this by organizing the work into a predictable sequence.

Start with Overview for the current state. The page combines event-derived summaries with gateway health, period spend, a quality trend, verdict breakdown, and a recent-events feed. If there are queued escalations, the page raises that as a priority rather than expecting operators to discover it later.

Move to Events when you need facts about a specific request. Events are the durable record of what the gateway decided, when it decided it, and which policy chain produced the result. That is where blocked, allowed, redacted, and escalated traffic becomes reviewable.

Use Escalations when a decision requires a human. Keeptrusts separates event evidence from reviewer action on purpose. An event tells you what happened; an escalation tells you who took ownership, what they decided, and whether the item is still queued, claimed, or resolved.

Use Configurations and Templates when the answer is a policy change rather than a case-by-case override. Templates help teams start from a known pattern. Configurations provide the YAML workbench, draft lint, version history, comparison, and rollout flow.

Use Knowledge Base when the issue is not access or policy but context quality. If an agent is producing weak or inconsistent answers, the right fix may be to create, promote, and bind a curated knowledge asset rather than loosening controls.

Use Usage, spend, and wallets when the question is cost or budget pressure. The console does not treat spend as an afterthought. Period spend, top-provider visibility, wallet scope, and cost tickets let teams connect governance behavior to actual runtime cost.

Use Settings for the longer-lived control plane: members, teams, roles, SSO, security settings, evidence exports, and token-backed credentials. These are not day-to-day triage tools, but they determine who can operate the rest of the platform safely.

Implementation

The most practical way to use the console is to follow the same loop every day.

1. Open Overview and choose the time window that matches the question. Use a short window for incident response and a longer window for trend review.
2. Check whether queued escalations are present. If they are, jump to Escalations first because unresolved review items are an operational priority.
3. Look at gateway health and period spend. If gateways are offline or spend changes sharply, you may be looking at a platform event rather than a policy mistake.
4. Review the verdict breakdown and quality trend. If blocks or escalations rose after a rollout, the next stop is usually Events and then Configurations.
5. Open the recent events list and inspect representative items. Confirm verdict, policy result, request metadata, and config version.
6. If the result needs a human decision, claim and resolve it in Escalations. If the result needs a policy change, edit the YAML in Configurations. If the result needs better grounding, inspect Knowledge Base bindings and citations.
7. Export evidence when the investigation needs to leave the console and be handed to security, legal, or compliance.

The console works best when paired with the CLI for spot checks. A simple example is validating what you see in the UI against the recent event stream and policy lint locally:

kt events tail --limit 5 --json
kt policy lint policy-config.yaml

That command pair reflects how Keeptrusts is designed to operate. The console is the management surface; the CLI remains useful for operator verification, local testing, and rollout preparation.

It is also useful to think of the console as having three lanes of work.

The first lane is observe: Overview, Usage, Wallets, and recent events tell you what is happening now.

The second lane is decide: Events, Escalations, and evidence exports help reviewers determine whether the current behavior is intended, risky, or misconfigured.

The third lane is change: Templates, Configurations, Knowledge Base, roles, and SSO settings let you alter the system without losing traceability.

For example, imagine a support team reports that an internal assistant started escalating more responses than usual after a Friday rollout. An operator can open Overview, see the queued review alert, confirm gateways are healthy, inspect the verdict mix, jump into Events to verify the reason code and config version, compare the current configuration in Configurations, and then either revert the YAML or adjust the escalation threshold. If the investigation must be shared with a compliance reviewer, the same operator can export the evidence packet from Settings. That entire loop stays inside the same product surface.

Results and impact

Using the console this way changes the quality of operations more than the quantity of data. Teams stop debating which dashboard is authoritative because the control plane, event stream, and reviewer workflow are already connected. A blocked request is no longer just an error. It is linked to a policy result, a config version, a possible escalation, and, when needed, an evidence export.

It also shortens the path between discovery and response. A rise in escalations is visible in Overview. A reviewer can claim the item in Escalations. An engineer can verify the event in Events. A platform owner can adjust the configuration or template. A knowledge owner can bind better context if the issue is answer quality rather than policy strictness. Finance can review spend and wallets if the same traffic spike changed cost. Those are distinct responsibilities, but the console keeps them aligned.

This matters for governance because operational evidence is only useful if people can actually find it during a real incident or review window. Keeptrusts does not rely on a single dashboard metric to prove control. It relies on the relationship between pages: Overview for signal, Events for detail, Escalations for human action, Configurations for controlled change, Knowledge Base for governed context, and Exports for handoff.

Key takeaways

• Treat the console as an operating loop, not just an admin UI.
• Start investigations in Overview, but move to Events and Escalations for facts and decisions.
• Use Configurations and Templates when the fix is policy logic, not one-off reviewer action.
• Use Knowledge Base when the issue is missing or ungoverned context.
• Keep evidence exports, roles, SSO, and token management in Settings so administrative control stays separate from daily triage.

Next steps

• Keeptrusts Docs
• Configurations
• Reviewing Alerts and Evidence
• How To: Resolve an Escalation
• Spend & Wallets
• Knowledge Base