Admin Console

Alerts Center

Configure alerts and notifications for governance events across your AI agents.

Alert Types

Tork supports multiple alert types to keep you informed of important governance events:

Policy Violation

high

An agent action was blocked by a policy

Circuit Breaker

high

An agent circuit breaker state changed

Budget Threshold

medium

Spending reached a configured threshold

Jailbreak Attempt

high

A jailbreak attempt was detected

Approval Required

medium

An action is pending human approval

Anomaly Detected

medium

Unusual agent behavior detected

Creating Alert Rules

Configure alert rules via the API:

python
from tork_governance import TorkClient

client = TorkClient()

# Create an alert rule
alert = client.alerts.create_rule(
    name="High-Risk Policy Violations",
    description="Alert on any blocked action",
    event_types=["policy.violation"],
    conditions={
        "action": "BLOCK",
        "severity": "high"
    },
    channels=[
        {
            "type": "slack",
            "webhook_url": "https://hooks.slack.com/...",
            "channel": "#security-alerts"
        },
        {
            "type": "email",
            "recipients": ["security@company.com"]
        }
    ],
    cooldown_minutes=5  # Avoid alert storms
)

Notification Channels

Alerts can be sent to multiple channels:

Slack

Real-time alerts to channels

Email

Detailed email notifications

Webhook

Custom HTTP endpoints

Webhook Format

Alert webhook payload structure:

json
{
  "alert_id": "alert_abc123",
  "rule_id": "rule_xyz789",
  "rule_name": "High-Risk Policy Violations",
  "timestamp": "2024-01-15T10:30:00Z",
  "severity": "high",
  "event": {
    "type": "policy.violation",
    "agent_id": "agent-123",
    "policy_name": "block-medical-advice",
    "action": "BLOCK",
    "reason": "Medical advice is not permitted"
  },
  "context": {
    "user_id": "user_456",
    "session_id": "sess_789",
    "environment": "production"
  }
}

Managing Alerts

Query and acknowledge alerts:

python
# List recent alerts
alerts = client.alerts.list(
    status="active",
    severity=["high", "critical"],
    start_time="2024-01-15T00:00:00Z",
    limit=50
)

for alert in alerts:
    print(f"[{alert.severity}] {alert.rule_name}: {alert.message}")

# Acknowledge an alert
client.alerts.acknowledge(
    alert_id="alert_abc123",
    user_id="admin@company.com",
    note="Investigating the issue"
)

# Resolve an alert
client.alerts.resolve(
    alert_id="alert_abc123",
    resolution="False positive - test transaction"
)

Tip: Use cooldown periods and severity filters to prevent alert fatigue while maintaining visibility.

Documentation

Learn to integrate TORK

Upgrade Plan

Current: free

Support

Get help from our team