Monitor activity
See what your agents are doing in real time
Once agents are connected and making tool calls, you can monitor everything from the dashboard.

Dashboard
The dashboard shows key metrics at a glance:
- Governance posture — whether all agents and resources have active policy coverage
- Agents — total count with active agents in the selected period
- Users — active users in the selected period
- Resources — connected MCP server count
- Policies — total policies with active count
Below the metrics, a tool executions chart shows activity trends with a blocked-call count badge. The bottom row shows recently registered agents (with the user who registered each one), recent activity, and top blocked tools.

Audit log
Navigate to Audit Log to see a real-time feed of every action. Each entry shows the timestamp, actor (user or agent), the resource and tool involved, and the outcome.

Events include tool executions, agent connections, policy changes, resource changes, and connection events. Click any entry to expand and see full details including metadata like IP address and browser.
Use the filter bar to narrow the feed by action type, agent instance, agent (for example, all Claude Code clients), or resource.

Analytics
Navigate to Analytics to see aggregated data over time. The page is split into two tabs: Usage and Security.

Usage

- Tool executions over time — line chart showing activity trends
- Top tools — most frequently called tools across all agents
- Top agents — most active agents by execution count, with the owning user shown
- Top users — most active users by tool execution count
- Top resources — most used MCP servers
- Hourly distribution — tool call volume by hour of day (UTC)
- Event breakdown — audit events grouped by type

Security
The Security tab surfaces tool calls that were blocked by policy — useful for investigating which agents are hitting policy boundaries and which policies are doing the most enforcement.

- Blocked calls — total count of policy-blocked tool calls in the selected period
- Blocked tool calls over time — line chart showing when blocks happen
- Top blocked tools / agents / resources — what's hitting policy walls
- Top blocking policies — which policies are doing the most enforcement
Each blocked tool event in the audit log references the policy that caused the block (id, name, description), so you can identify the responsible policy even if it has since been modified or renamed.
Use the time range selector (24 h, 7 d, 30 d, 90 d) and the optional agent-instance, agent, and resource filters to drill down across both tabs.



