The dashboard

Using the dashboard

The Atested dashboard is your window into what Atested is doing, what decisions it has made, and what you can control.

Starting the dashboard

The dashboard is always available when the proxy is running. Open it at http://localhost:9700 (configurable via DASHBOARD_PORT). The dashboard binds to localhost only — it is not accessible from other machines on your network. Authentication is handled automatically via a session token. No login form and no credentials to manage. Only operators can change anything.

Overview

The main page shows your Atested installation at a glance: chain health, recent activity, machine role, and governance statistics. On a primary, it shows connected remotes and version warnings. On a remote, it shows sync status, pending record count, and freshness of the approval and policy state.

Activity

The Activity page is a chronological feed of everything Atested has done. Each entry shows the operation, the classification, the policy decision, the matched rule, and the machine that produced the record. Filter by time, decision type, action category, or machine. Toggle columns to show or hide fields like matched rule, confidence tier, target path, and machine. Click any record to see the full evidence and reasoning.

Export the current view as JSON, CSV, or Excel. All exports require operator authentication via license key, and every export is recorded in the governance chain so there is always a record of who exported what and when.

Approvals

Approvals is where you grant exceptions to denied actions. When Atested denies an action you need, it can be approved here. Approvals persist until Atested detects a change in the operation, at which point it surfaces again for review. Active approvals can be reviewed and revoked at any time.

Audit

Audit has two modes: Search and Walker.

Search filters the chain by time range, policy decision, action type, confidence tier, event category, or machine. Results display in a table with toggleable columns, including machine. Export matching records as JSON, CSV, or Excel. All exports require operator authentication via license key, and every export is recorded in the chain.

Walker is a synchronized dual-pane investigation tool. The left pane shows an 11-row data view centered on the current record: sequence number, timestamp, category, decision, action, target, tier, matched rule, machine, and record hash. The right pane shows human-readable narratives for the same records. Step forward and back through the chain, or use playback at four speeds in either direction. Jump directly to the next or previous alert. Filter the walker by decision, category, action type, or machine. Switch between the live chain and archived chains from the source picker.

Evidence packages

From the Walker, select a range of chain records and create an encrypted evidence package. Choose all machines, primary only, one machine, or selected machines. Enter a password (minimum 12 characters) and an optional intended recipient. Atested encrypts the selected records with PBKDF2-HMAC-SHA-256 key derivation (310,000 iterations) and AES-256-GCM, then packages them into a ZIP file containing the encrypted payload, manifest, public key, verification summary, machine registry snapshot, relevant import envelopes, sidecar hashes, and a self-contained browser-based viewer.

The viewer opens in any browser with no install. It decrypts the package client-side, verifies the ciphertext hash integrity and chain record hash linkage, then renders the evidence in two modes: a non-technical view with plain-language explanations of what the chain proves and what it doesn't, and a technical view with manifest details, encryption parameters, verification results, and a record-level hash linkage table. The viewer is view-only — there is no decrypted data download function.

Record Detail

Record Detail shows the complete evidence for any chain entry: the decision, the matched policy rule, the operation proposed, the classification produced, and the result. Remote-originated records show a machine indicator with machine_id, event_timestamp_utc, and primary_import_timestamp_utc. DENY records include an "Approve this operation" shortcut that opens Approvals with the denied operation prefilled.

Reports

Reports help you understand patterns and produce evidence for review. Pick a predefined report, choose or accept the default time range, optionally select a machine scope, and click Generate. Export produces clean JSON for external review.

For the full report reference, see Reports and support.

Health

Health shows the operational status of your Atested installation. Everything is verified continuously — you do not need to run checks manually.

Configuration

Configuration is where you manage what Atested governs. It shows the current policy rules, base directories, discovered operations, signing status, and machine registry. Changes to the policy rules require license key authentication.

Policy rules are displayed as readable cards, each showing the rule order, rule ID, ALLOW or DENY decision, description, and condition tags (action type, tier, scope, target constraints). Base directories show constraint badges for deny_hidden_paths and deny_executable_outputs so you can see at a glance what each directory restricts. Drill down into the full rule list from the summary pane.

The machine registry shows the local machine ID, registry hash, primary/remote role, authorized machines, license status, last sync time, and version for each remote.

Communications

Communications is where you submit requests, manage priority slots, and control telemetry participation.

Submit a request at Standard priority (always available, recorded in the governance chain) or use a Medium or High priority slot if your license tier includes them. Priority requests are acknowledged on receipt and the slot is immediately available again while resolution continues separately. Request history shows every submission with its current status.

Telemetry participation is managed here. Opt in or out at any time. On multi-machine installs, remotes sync telemetry summaries to the primary and only the primary transmits externally. Each transmission is recorded with a payload hash and machine coverage that you can verify against your governance chain. Emergency communications are never affected by telemetry status. See the Telemetry Transparency report in Reports for the exact data.

Trouble and telemetry

The Trouble button is always available from the operator UI. It captures the current page, open window stack, active element summary, license label, and selected report/activity context so support can see what you were looking at. You add the description and priority. Trouble reports are support artifacts stored under gov_runtime/LOGS/trouble/, not governance chain records.

Telemetry controls are managed in Communications and shown in Reports. Atested stores anonymous summary counters under gov_runtime/LOGS/telemetry/summary.json. It does not store or send raw interaction events, and telemetry payload content is not written to the governance chain. Remote submissions record only destination, payload hash, and payload size metadata. You can review the exact summary in the Telemetry Transparency report and opt out at any time. See Trust and telemetry for full details.