Events
The Events page is the main day-to-day investigation surface in the Keeptrusts console. It lets you review what happened to a request, why a policy allowed or blocked it, and which configuration or gateway handled it.
Use this page when
- You need to investigate why a request was blocked, allowed, redacted, or escalated.
- You want to query events via the console UI or API to answer audit, compliance, or debugging questions.
- You need to understand what metadata an event exposes (verdict, reason, config version, provider, model, redactions, quality scores).
Use Events when you need to answer questions like:
- Which requests were blocked in the last hour?
- Which policy produced this redaction or escalation?
- Which gateway, model, or config version handled the request?
- Which conversation or history session should I inspect next?
Primary audience
- Primary: Technical Engineers
- Secondary: AI Agents, Technical Leaders
Workflow map
Event list behavior
Customers can:
- Filter the page by relative time windows such as
1h,6h,24h,7d, and30d. - Page through results with a
Load moreaction. - Open inline detail with
View detailsfrom the table. - Open a dedicated event page by clicking the Event ID.
Each event row shows:
- Time
- Event type
- Verdict
- Reason code
- Config version
Event detail views
Whether you open the inline drawer or the dedicated event page, the detail view can show:
- Event ID, type, time, verdict, reason, request ID, and gateway identity
- Context such as config version, config ID, and config name
- A degraded-mode warning when present
- Provider, route, and API-shape badges for AI provider events
- Promoted AI metadata from both request and response payloads, rendered only when values are present
- Safety settings from the AI model and safety response from the AI model when supplied by the provider
- Output preview for the generated response when a readable preview can be derived
- Policy Results, including policy kind, phase, verdict, and reason
- Redactions, including kind and replacement
- Rewrite metadata when a rewrite occurred
- Quality Scores for aggregate, faithfulness, relevancy, coherence, completeness, and accuracy when available
- Prompt metadata, including whether the prompt was redacted and the prompt hash
- Raw request and response payload sections, collapsed by default until you expand them
Related investigation surfaces
Events is one part of the investigation workflow:
- Use History when you want the full conversation ledger and exportable session detail.
- Use Sessions when you want grouped interaction timelines, tags, and agent attribution.
- Use Exports when you need a durable artifact for compliance review or incident follow-up.
Querying events via the API
You can fetch events programmatically through the Keeptrusts API.
cURL
# List recent events
curl https://api.keeptrusts.com/v1/events \
-H "Authorization: Bearer $KEEPTRUSTS_API_TOKEN"
# Get a specific event by ID
curl https://api.keeptrusts.com/v1/events/evt_abc123 \
-H "Authorization: Bearer $KEEPTRUSTS_API_TOKEN"
Python
import httpx
headers = {"Authorization": f"Bearer {api_key}"}
base = "https://api.keeptrusts.com"
events = httpx.get(f"{base}/v1/events", headers=headers).json()
for event in events["data"]:
print(f"{event['id']} | {event['verdict']} | {event['reason']}")
Node.js
const headers = { Authorization: `Bearer ${apiKey}` };
const base = "https://api.keeptrusts.com";
const events = await fetch(`${base}/v1/events`, { headers }).then((response) => response.json());
events.data.forEach((event) => console.log(`${event.id} | ${event.verdict} | ${event.reason}`));
Traces and OTLP
The old public trace surface has been retired:
POST /v1/tracesnow returns410 GoneGET /v1/tracesnow returns410 Gonekt traces ...commands have been removed- The console no longer exposes a dedicated traces page or prompt trace tab
If your deployment still needs trace drill-down outside the public console surface:
- send OTLP spans to your collector and span store such as VictoriaTraces
- correlate requests from Keeptrusts event IDs, request IDs, and session history
- use your deployment-specific observability runbooks for collector, storage, and retention details
For AI systems
- Canonical terms: Keeptrusts, Events, event detail, verdict, reason code, config version, redactions, policy results, quality scores, event_attribution, OTLP traces (deprecated).
- API endpoints:
GET /v1/events,GET /v1/events/{id}. - Related pages: Escalations, Exports, Export Evidence for a Review, History and Sessions, Gateway Runtime Features.
For engineers
- Query events via
GET /v1/eventswith Bearer token authentication. Filter by time window in the console or pass query parameters via the API. - Each event row exposes: time, event type, verdict, reason code, and config version. The detail view adds provider, model, redactions, policy results, quality scores, and raw payloads.
- The OTLP trace surface (
POST /v1/traces,GET /v1/traces) returns410 Gone— send spans to your own collector (e.g., VictoriaTraces) and correlate using Keeptrusts event IDs. - If an event shows a degraded-mode warning, check gateway connectivity and upstream provider health.
For leaders
- Events are the primary audit trail for every AI request governed by Keeptrusts — they record what was decided, why, and under which policy version.
- Daily review of blocked/escalated events is the minimum operating cadence for compliance teams.
- Event exports paired with request IDs create the evidence packets required for regulatory audits (EU AI Act, SOC 2, ISO 27001).
- Retirement of the public trace surface means self-hosted deployments must maintain their own observability stack for deep execution traces.