checkrd

Dashboard

Query aggregated telemetry stats, timeseries, top hosts, and paginated events.

Dashboard

Dashboard endpoints provide aggregated views of your telemetry data. They power the Checkrd dashboard UI and are available for programmatic access.

Common parameters

Every aggregation endpoint accepts a time-window pair:

ParameterTypeRequiredDescription
fromRFC 3339NoStart of the window. Defaults to 24 hours before to.
toRFC 3339NoEnd of the window. Defaults to now.

The maximum spread between from and to is 31 days. Requests beyond that return 400 invalid_value.

Get Stats

GET /v1/dashboard/stats

Auth: JWT (viewer+)

bash
curl "https://api.checkrd.io/v1/dashboard/stats?from=2026-04-11T00:00:00Z&to=2026-04-12T00:00:00Z" \
  -H "Authorization: Bearer YOUR_JWT_TOKEN"

Response 200 OK

json
{
  "total_calls": 45230,
  "allowed_calls": 44876,
  "denied_calls": 127,
  "error_calls": 227,
  "avg_latency_ms": 184.2,
  "p50_latency_ms": 142.0,
  "p95_latency_ms": 311.5,
  "p99_latency_ms": 428.0,
  "active_agents": 9,
  "total_agents": 12
}

Get Agent Stats

GET /v1/dashboard/agents

Auth: JWT (viewer+)

bash
curl "https://api.checkrd.io/v1/dashboard/agents?from=2026-04-11T00:00:00Z&to=2026-04-12T00:00:00Z" \
  -H "Authorization: Bearer YOUR_JWT_TOKEN"

Response 200 OK

json
[
  {
    "agent_id": "01916a3e-...",
    "agent_name": "sales-agent",
    "total_calls": 12500,
    "denied_calls": 34,
    "error_calls": 189,
    "avg_latency_ms": 156.0,
    "p50_latency_ms": 121.0,
    "p95_latency_ms": 268.0
  }
]

Get Top Hosts

GET /v1/dashboard/hosts

Auth: JWT (viewer+)

ParameterTypeRequiredDescription
fromRFC 3339NoSee Common parameters above.
toRFC 3339NoSee Common parameters above.
limitintegerNoNumber of hosts to return (default 10, max 50).
bash
curl "https://api.checkrd.io/v1/dashboard/hosts?limit=5" \
  -H "Authorization: Bearer YOUR_JWT_TOKEN"

Response 200 OK

json
[
  {
    "url_host": "api.salesforce.com",
    "call_count": 8420,
    "allowed_count": 8312,
    "denied_count": 12,
    "error_count": 96
  },
  {
    "url_host": "api.stripe.com",
    "call_count": 3100,
    "allowed_count": 3081,
    "denied_count": 0,
    "error_count": 19
  }
]

Get Timeseries

GET /v1/dashboard/timeseries

Auth: JWT (viewer+)

bash
curl "https://api.checkrd.io/v1/dashboard/timeseries?from=2026-04-11T00:00:00Z&to=2026-04-12T00:00:00Z" \
  -H "Authorization: Bearer YOUR_JWT_TOKEN"

Response 200 OK

json
[
  {
    "bucket": "2026-04-12T08:00:00Z",
    "total": 1250,
    "allowed": 1227,
    "denied": 8,
    "error": 15
  }
]

The bucket width is chosen based on the requested window (1 minute up to 1 day). The server picks a width such that you get roughly 60 to 120 buckets back.

Get Rule Hits

GET /v1/dashboard/rule-hits

Auth: JWT (viewer+)

Returns the most-matched policy rules within the time window. Useful for identifying which rules are doing the work and which never fire.

List Events

GET /v1/dashboard/events

Auth: JWT (viewer+)

ParameterTypeRequiredDescription
limitintegerNoResults per page (default 20, max 100).
cursorstringNoOpaque pagination cursor.
agent_idUUIDNoFilter by agent.
methodstringNoFilter by HTTP method.
url_hoststringNoFilter by target host.
status_codeintegerNoFilter by response status code.
policy_resultstringNoFilter by allowed, denied, or error.
fromRFC 3339NoStart of time range.
toRFC 3339NoEnd of time range.
trace_idstringNoFilter by W3C trace ID (32 hex chars).
bash
curl "https://api.checkrd.io/v1/dashboard/events?agent_id=01916a3e-...&policy_result=denied&limit=10" \
  -H "Authorization: Bearer YOUR_JWT_TOKEN"

Response 200 OK

json
{
  "data": [
    {
      "request_id": "req_abc123",
      "agent_id": "01916a3e-...",
      "timestamp": "2026-04-12T09:15:00Z",
      "method": "DELETE",
      "url_host": "api.stripe.com",
      "url_path": "/v1/customers/{id}",
      "status_code": null,
      "latency_ms": null,
      "policy_result": "denied",
      "deny_reason": "block-all-deletes"
    }
  ],
  "has_more": false,
  "next_cursor": null
}

Denied requests have null for status_code and latency_ms because the request was blocked before reaching the external API.

Get Single Event

GET /v1/dashboard/events/:request_id

Auth: JWT (viewer+)

Returns one telemetry event by request_id. Useful for deep-linking from logs or alerts to a specific decision.

TelemetryAlerts