TorkTORK

Admin Console

Alerts Center

Configure alerts and notifications for governance events across your AI agents.

Alert Types

Tork supports multiple alert types to keep you informed of important governance events:

Policy Violation

high

An agent action was blocked by a policy

Circuit Breaker

high

An agent circuit breaker state changed

Budget Threshold

medium

Spending reached a configured threshold

Jailbreak Attempt

high

A jailbreak attempt was detected

Approval Required

medium

An action is pending human approval

Anomaly Detected

medium

Unusual agent behavior detected

Creating Alert Rules

Configure alert rules via the API:

python
from tork_governance import TorkClient

client = TorkClient()

# Create an alert rule
alert = client.alerts.create_rule(
    name="High-Risk Policy Violations",
    description="Alert on any blocked action",
    event_types=["policy.violation"],
    conditions={
        "action": "BLOCK",
        "severity": "high"
    },
    channels=[
        {
            "type": "slack",
            "webhook_url": "https://hooks.slack.com/...",
            "channel": "#security-alerts"
        },
        {
            "type": "email",
            "recipients": ["security@company.com"]
        }
    ],
    cooldown_minutes=5  # Avoid alert storms
)

Notification Channels

Alerts can be sent to multiple channels:

Slack

Real-time alerts to channels

Email

Detailed email notifications

Webhook

Custom HTTP endpoints

Webhook Format

Alert webhook payload structure:

json
{
  "alert_id": "alert_abc123",
  "rule_id": "rule_xyz789",
  "rule_name": "High-Risk Policy Violations",
  "timestamp": "2024-01-15T10:30:00Z",
  "severity": "high",
  "event": {
    "type": "policy.violation",
    "agent_id": "agent-123",
    "policy_name": "block-medical-advice",
    "action": "BLOCK",
    "reason": "Medical advice is not permitted"
  },
  "context": {
    "user_id": "user_456",
    "session_id": "sess_789",
    "environment": "production"
  }
}

Managing Alerts

Query and acknowledge alerts:

python
# List recent alerts
alerts = client.alerts.list(
    status="active",
    severity=["high", "critical"],
    start_time="2024-01-15T00:00:00Z",
    limit=50
)

for alert in alerts:
    print(f"[{alert.severity}] {alert.rule_name}: {alert.message}")

# Acknowledge an alert
client.alerts.acknowledge(
    alert_id="alert_abc123",
    user_id="admin@company.com",
    note="Investigating the issue"
)

# Resolve an alert
client.alerts.resolve(
    alert_id="alert_abc123",
    resolution="False positive - test transaction"
)

Tip: Use cooldown periods and severity filters to prevent alert fatigue while maintaining visibility.

Documentation

Learn to integrate TORK

Upgrade Plan

Current: free

Support

Get help from our team