Violations

the violations view helps you understand what happens when users interact with ai applications and when policy violations occur it provides a clear, timeline based view of user actions, policy violations, and how users responded to security interventions accessing violations navigate to the violations page from the main navigation you'll see a table of all sessions that have violations click on any session to view its detailed activity timeline understanding the timeline what you'll see each session timeline shows a chronological view of what happened during a user's interaction with an ai application the timeline is organized into outcome based cards that group related activities together user interaction what the user was trying to do (e g , navigate to a page, submit a prompt, paste content) violations detected which policies were triggered interventions shown what warnings or blocks were presented to the user user response how the user responded to the intervention outcome categories activities are color coded and categorized by their outcome 🔴 bypassed (red) the user was blocked by a policy but chose to dismiss the warning and proceed anyway these require immediate attention as they indicate users are actively working around security controls 🔴 blocked (red) a policy violation was detected and the user was blocked, but they haven't responded yet the action is currently prevented 🟠 logged (orange) a policy violation was detected and logged, but the user was allowed to continue these are monitoring only policies that don't block users 🟢 corrected (green) the user was blocked by a policy and chose to fix the issue (remediation) for example, they removed sensitive data from their prompt these are successful interventions ⚪ clean (gray) no violations were detected these are normal, policy compliant interactions you can hide these to focus only on violations filtering the timeline at the top of the timeline, you'll see a summary bar showing the count of each outcome type click on any outcome badge to filter the timeline to show only that type click the clean toggle to show or hide interactions with no violations click clear filters to reset and show all activities this makes it easy to focus on specific types of violations or user behaviors reading individual activities each card in the timeline shows user interaction details application which ai app was being used action type what the user was doing (navigation, input, paste, prompt) timestamp when the interaction occurred content preview what the user tried to do (may be encrypted for privacy) violation information policy name which policy was violated violation type app policy or behavior policy reason why the violation was triggered intervention & response intervention message what warning or block was shown to the user user action whether they fixed the issue, dismissed the warning, or haven't responded remediation details if applicable, what changes the user made encrypted content for privacy and security, some user content may be encrypted administrators with the proper decryption key can view this content click the decrypt button at the top of the timeline paste your private decryption key optionally save the key for this session the timeline will refresh showing decrypted content common use cases investigating policy bypasses filter to show only bypassed outcomes review which users are dismissing warnings identify patterns in what policies are being bypassed consider adjusting policies or providing additional training monitoring policy effectiveness look at the ratio of corrected vs bypassed outcomes high correction rates indicate effective policies high bypass rates may indicate policies need adjustment reviewing logged violations filter to logged outcomes review patterns to decide if these should become blocking policies identify training opportunities understanding user behavior view the full timeline to see the user's journey understand context around violations see how users respond to interventions over time