Back to Pulse

Incident-brief PDF

Pulse incident briefs turn blocked or suspicious LLM requests into shareable forensic evidence with clear redaction boundaries.

Sample sections

Executive summary
Timeline
ThreatPrint result
Spend impact
Action taken
Evidence
Omitted data
Next steps

Sample redaction policy

Secrets, provider keys, bearer tokens, cookies, and configured sensitive fields are redacted before export. The brief includes an Omitted data section so reviewers know what was intentionally excluded.

Export workflow

Open Security or Proxy Monitor, expand a blocked or suspicious request, and choose Export incident brief. The dashboard calls POST /api/pulse/incident-brief and returns application/pdf when PDF rendering is available.

API route

POST /api/pulse/incident-brief generates the dashboard PDF from a ThreatPrint log entry. A downloadable public sample is pending publication.