Skip to content
← Docs

AI insights

A plain-language summary of every session, and natural-language search over your audit log. Both are powered by Claude and are available once an administrator has enabled AI for your workspace.

Session summaries

A background worker distills each closed session — SSH terminal and database — into a one-paragraph summary of what the operator did, flagging notable or destructive actions. It's automatic; just use sessions normally.

  • Open a session recording (a server session's playback, or a database query recording) — the AI summary card sits above the player.
  • Session lists show a small marker on rows that have a summary.
  • Summaries appear within ~20 seconds of a session closing.
Restarted nginx, edited 3 config files under /etc, and ran a
migration that updated 1,240 rows. No destructive operations.

Natural-language audit search

On the Activity page, the Ask the audit log box answers plain-English questions. Claude searches your tenant's activity log, then replies in a sentence or two and lists the specific events it cited — it answers only from real rows, never invented ones.

  • "who touched prod last week?" — matches activity against a server named prod.
  • "what did alice do today?" — matches a person by name or email.
  • "any deletes this week?" — filters by action and date.
Answers are grounded strictly in your audit log — the model only reports events that actually exist, with the matching rows shown beneath each answer so you can verify them.

Permissions

session.read activity.read

Summaries surface wherever a recording does (session.read); the audit-search box is on the Activity page (activity.read). Generation itself is a background job and needs no user permission.