Reports
The Reports page provides a centralized view of all AI-generated security reports across your environment. It surfaces trend data, agent attribution, and report content in a single dashboard panel.
Permission required:
reports:read
Overview KPIs
Four summary cards appear at the top of the page:
| Card | Description |
|---|---|
| Total Reports | Total number of reports across all time |
| This Month | Reports generated in the current calendar month |
| This Week | Reports generated in the current 7-day window |
| Agents Active | Number of distinct agents that have produced at least one report |
Visualizations
Reports by Type (Pie Chart)
A pie chart breaks down the report corpus by category:
executive_summary— High-level risk briefings for leadershiptechnical— Detailed technical findings for SOC analystsincident— Post-incident write-ups tied to a casethreat_intelligence— IOC and threat actor intelligence digestscompliance— Framework assessment and audit evidencevulnerability— CVE analysis and patch prioritization output
Reports by Agent (Bar Chart)
A horizontal bar chart shows the top 8 most prolific report-generating agents, sorted by report count descending. This helps identify which agents are driving the most documentation activity.
Reports Over Time (Area Chart)
A 14-day area chart plots daily report volume. This helps spot spikes during incidents or drops during maintenance windows.
Reports Table
Below the charts, a paginated table (10 rows per page) lists individual reports:
| Column | Description |
|---|---|
| Title | Report title |
| Type | Category badge |
| Agent | Agent that generated the report |
| Status | draft, final, or archived |
| Severity | critical, high, medium, low, info |
| Created | Relative timestamp (e.g., "2 hours ago") |
Click any row to open the Report Detail Dialog.
Report Detail Dialog
Clicking a report opens a modal with the full report content. The dialog includes:
- Header: Title, type badge, severity badge, status badge
- Metadata: Agent name, creation date, last updated date
- Body: Full report content rendered as prose, with long-form reports collapsed via scrollable sections
- Sections: If the report includes structured sections (e.g., Executive Summary, Findings, Recommendations), they are displayed as collapsible sub-sections
Close the dialog with the × button or by clicking outside it.
Report Lifecycle
Reports flow through the following states:
draft → final → archived
- draft: Being generated or pending human review
- final: Approved and published to the SOC team
- archived: Retained for audit purposes but no longer operationally active
API Endpoints
| Method | Path | Description |
|---|---|---|
GET | /api/v1/reports | List reports (paginated, filterable by type/agent/status) |
GET | /api/v1/reports/{report_id} | Fetch full report content by ID |