Skip to main content

Dashboard

SigmaShake provides two dashboard experiences:

  1. Local Dashboard (ssg serve) — A developer-facing real-time governance UI running on your machine
  2. Fleet Dashboard (Enterprise) — A cloud-hosted control plane for managing agents, policies, and SSO across your organization

Local Dashboard

The local dashboard is a real-time governance UI served at http://localhost:5599.

Starting the dashboard

ssg serve

The dashboard opens at http://localhost:5599 — a real-time view of every tool call your AI agents make, what was allowed or blocked, and anything held for your review:

SigmaShake local dashboard home — evaluation stats, one-tap protection packs, and a live recent-activity feed of allowed, logged, force-allowed, and blocked tool calls

Pages

Home (/)

The main dashboard shows:

  • Stats cards — Total evaluations, blocked, forced, asked
  • Pending approvals — ASK decisions waiting for human review
  • Blocked actions — Recent denied tool calls
  • Audit log — Latest evaluations with decision, rule, tool, and timestamp

All sections update in real-time via Server-Sent Events (SSE).

Rules (/rules)

Browse and inspect all loaded governance rules:

  • Rule ID, priority, severity, decision, target
  • Condition details
  • Enabled/disabled status
Dashboard Rules page — the Rule Firewall showing active rules, tool-use coverage mapped to MITRE ATT&CK tactics, and the live allow/block/log/ask/force decision mix

Audit (/audit)

Full audit log with filtering:

  • Filter by decision type (allow, block, log, shadow, ask, force)
  • Filter by tool name
  • Search within audit entries
  • Agent subagent_type shown as inline badges
Dashboard Audit page — a filterable log of every tool call, with allow / block / log / hold / force decisions, decision and agent filters, and the originating AI agent per row

Approvals (/approvals)

The human-in-the-loop queue for ASK decisions — tool calls pause here until you approve or deny:

  • Pending cards — each shows the tool, the matched rule, and the exact input (command, or file + content)
  • Approve / Deny / Adjust rule — decide inline, or jump straight to tuning the rule that fired
  • History — past decisions, filterable by allow / block / ask / force / log
Dashboard Approvals page — pending ASK tool calls with approve / deny / adjust-rule controls and a filterable decision history

Profile (/profile)

Evaluation performance profiling:

  • Latency distribution
  • Slowest rules
  • Cache hit rates
Dashboard Profile page — eval performance profiling with median and P99 latency, a per-phase breakdown, optimization recommendations, and session history

Debug (/debug)

AI-native realtime debugger — see why a tool call was blocked, whether a new rule actually fired, and where eval latency is going. Five tabs (RCA, Timeline, Watch, State, Metrics) all backed by the same ssg:// URI resolver that powers the ssg debug CLI and ssg_debug_* MCP tools.

Dashboard Debug page — the AI-native debugger with plain-English questions (why was this blocked, did my rule fire) and the RCA / Timeline / Watch / State / Metrics tabs

The Timeline (per-stage eval frame visualization) requires SSG_DEBUG_ENABLED=1 on the daemon; everything else works out of the box.

See the dedicated Debug Page guide for tab-by-tab walkthrough, env-var setup, and CLI/MCP equivalents.

Monitor (/monitor)

Live daemon health and throughput at a glance:

  • CPU / memory gauges and P50 / P95 / P99 eval-latency readouts
  • Total evals and per-second throughput, with the live decision mix
  • Live event stream — eval decisions as they happen
Dashboard Monitor page — daemon CPU and memory gauges, P50/P95/P99 latency, total evals and throughput, the decision mix, and a live event stream

React SPA Architecture

The dashboard is built as a highly responsive React Single Page Application (SPA).

  • Client-Side Rendering — UI interactions and state are managed entirely within the browser payload.
  • REST JSON API — Data is fetched from the SigmaShake engine via JSON API endpoints rather than HTML fragments.
  • SSE Streams — Real-time synchronization of approvals and audit logs is maintained dynamically via EventSource.

API endpoints (JSON)

MethodPathPurpose
GET/api/healthHealth check
GET/api/auditAudit log data
GET/api/blockedBlocked commands
GET/api/statsDecision statistics
GET/api/metricsPerformance metrics
GET/api/eventsSSE event stream
POST/api/pendingCreate approval request
GET/api/pending/:id/statusCheck approval status
POST/api/decide/:idApprove/deny a pending request
GET/api/json/workflowsList workflows + recent runs
GET/api/json/workflows/:idFetch single workflow run detail

Fleet Dashboard (Enterprise)

The Fleet dashboard is a cloud-hosted control plane available at https://{your-org}.fleet.sigmashake.com. It provides centralized management for enterprise organizations.

Accessing the Fleet Dashboard

Navigate to your org's Fleet URL:

https://sigmashake.fleet.sigmashake.com

Authentication is required via SSO (Okta, Azure AD, etc.) or session cookie. See Fleet SSO Setup for configuration.

Fleet Dashboard Pages

PagePathDescription
Agents/agentsView and manage enrolled machines, their status, last check-in, and policy versions
Policies/policiesCreate and manage fleet-wide governance policy bundles
Enrollment/enrollmentGenerate enrollment codes for onboarding new machines
Health/healthOrg-wide agent health overview with connectivity status
Audit/auditCentralized audit log across all fleet agents
Hub Catalog/hub-catalogBrowse and deploy Hub rulesets to your fleet
Settings/settingsOrganization settings, SSO configuration, and member management

Fleet CLI Commands

# Enroll a machine into your fleet org
ssg fleet enroll --code=<enrollment-code>

# Check enrollment and policy status
ssg fleet status

# Remove fleet enrollment
ssg fleet unenroll

See CLI Reference for full fleet command documentation.