Help Centre

A quick tour of the platform and the best way to get value out of each module. Skim the tips, then jump into the module that matches what you're trying to do.

Shortcuts: / focus · prev/next · Enter next · H highlights · Esc clear

Setup Guide — deploy NAPT in your network

New here? Go from zero to running Python automation against live devices in under 30 minutes.

DevOps Setup — build your network CI/CD pipeline

Go beyond scripts: Git, automated pipelines, environment promotion, AI assistance, and DORA metrics in 8 steps.

As-Built Documentation — generate a living network doc

Combine topology, intent files, compliance posture, and change history into one exportable PDF, Word, Markdown, or HTML set.

Quick start
  1. 1. Pick or create a workspace for the network you're operating.
  2. 2. Generate a baseline script from the Configure → Generate flow.
  3. 3. Define one or two intents that capture your "must never break" rules.
  4. 4. Run compliance scoring once, so you have a posture trend to watch.
  5. 5. When an alert fires, start with RCA and confirm with the Streaming Console.

ModulesSort hints:

Workspaces

Each workspace is an isolated instance of your NetOps data — intents, compliance profiles, runs, findings.

Best practice
  • Create one workspace per network domain (e.g. Production, Lab, Customer A).
  • Switch workspaces from the dropdown in the Intelligence header.
  • Your active workspace persists per device — different team members can work in different workspaces simultaneously.
Workflow
  1. 1. Open the Intelligence header → click the Workspace dropdown.
  2. 2. Pick "New workspace" or "Manage workspaces" to rename / delete.
  3. 3. All saves (intents, profiles, etc.) are scoped to the active workspace from then on.
Prompt hints
Was this helpful?
Script Generator

Compose a deterministic prompt from vendors, scale, and goals to generate vendor-aware automation scripts.

Best practice
  • Start in Configure → choose vendors and scale before clicking Generate.
  • Use Templates for known patterns; only fall back to free-form prompts when no template fits.
  • Save successful scripts so you can re-run them and track history.
Workflow
  1. 1. Configure → Generate → Output → optionally Refine.
  2. 2. Save the script to your workspace from the Output tab.
  3. 3. Re-run from History to compare versions side-by-side.
Prompt hints
Was this helpful?
Intent Verification

Declare what 'healthy' means in plain DSL, then verify it against findings in a time window.

Best practice
  • Write small, focused intents — one rule per concern, one intent per device class.
  • Use the inline DSL validator: rule errors and line numbers surface before you save.
  • Run "Verify all" periodically to catch regressions across every intent at once.
Workflow
  1. 1. Pick / create an intent → write rules in the DSL editor.
  2. 2. Choose a time window → click Verify intent (single) or Verify all (batch).
  3. 3. Open the per-device drawer to see exactly which findings triggered pass/fail.
Prompt hints
Was this helpful?
Compliance Posture

Score your network against CIS, NIST 800-53, and PCI-DSS frameworks based on recent findings.

Best practice
  • Pick the smallest set of frameworks that matches your obligations — fewer rules = clearer signal.
  • Run scoring after every major change window so the trend graph stays meaningful.
  • Drill into failing controls and fix root findings, not symptoms.
Workflow
  1. 1. Create a profile → select frameworks → Save.
  2. 2. Choose a time window → Run scoring.
  3. 3. Review failing controls; expand for evidence and remediation hints.
Prompt hints
Was this helpful?
RCA (Root-Cause Analysis)

AI walks the finding graph to suggest the most likely root cause for a current incident.

Best practice
  • Run RCA from the most specific symptom you have (a flapping interface beats 'site is slow').
  • Treat suggestions as hypotheses — verify with the Streaming Console before acting.
Workflow
  1. 1. Open RCA → pick the impacted device or signal.
  2. 2. Review the ranked causes with confidence scores.
  3. 3. Click "Open in console" to gather live evidence.
Prompt hints
Was this helpful?
Streaming Console

Run vendor commands and see structured output streamed back, with parsing and tagging.

Best practice
  • Use it to validate a fix or gather evidence — don't push config from the console.
  • Pin frequently used commands as snippets per vendor.
Workflow
  1. 1. Pick a device → type or pick a command → Run.
  2. 2. Output appears live; copy or save it as a finding for later correlation.
Prompt hints
Was this helpful?
Drift

Compare current configs against a known-good baseline and surface unauthorised changes.

Best practice
  • Set the baseline right after a change-window approval, not before.
  • Use the regex / severity-scoped filters to triage large diffs quickly.
Workflow
  1. 1. Go to Drift → pick devices or scope.
  2. 2. Adjust filters in the URL bar (q, regex, sevScoped).
  3. 3. Approve, ignore, or open a ticket per row.
Prompt hints
Was this helpful?
PCAP Analyzer

Upload .pcap/.pcapng captures and get protocol distribution, top talkers, anomalies, routing events, and an AI forensics report.

Best practice
  • Capture as close to the problem device as possible — mid-path captures hide the real source.
  • Use protocol focus + the Wireshark filter export to drill from summary into the exact packets.
  • Run the Download Python Script path for captures too large to analyse in the browser.
Workflow
  1. 1. Upload a capture → review protocol/talkers/anomalies tabs.
  2. 2. Optionally enable AI decode for a written forensics report.
  3. 3. Export the PDF report or copy the Wireshark display filter to continue in Wireshark.
Prompt hints
Was this helpful?
Template Library

Browse production-ready automation templates with full scripts, customization and downloads, and sync them to your database.

Best practice
  • Search by outcome (e.g. 'config backup', 'compliance audit') rather than scrolling the full catalog.
  • Customize in the workbench before downloading so parameters are baked in.
  • Chain related templates in the Workflow Builder instead of stitching scripts by hand.
Workflow
  1. 1. Search / filter → open a template → review the full script.
  2. 2. Customize parameters in the workbench, then download or copy.
  3. 3. Optionally Sync to DB, or send the template into the Workflow Builder.
Prompt hints
Was this helpful?
Workflow Builder

Drag templates onto a canvas, connect them with branches and parallel groups, schedule with cron, and run with per-step result tracking.

Best practice
  • Build incrementally — save and run after adding each step rather than wiring the whole graph first.
  • Use Parallel groups for independent, non-conflicting tasks to cut total run time.
  • Name workflows by outcome (e.g. 'nightly-backup-audit') so the saved list stays readable.
Workflow
  1. 1. Name the workflow → add template nodes from the Library.
  2. 2. Connect nodes; add Branch / Parallel nodes as needed.
  3. 3. Save → set cron (optional) → Run → review per-step results.
Prompt hints
Was this helpful?
AI Intent Engine

Describe a network change in plain English and get parsed intent, task decomposition, risk assessment, pre-flight checks, and generated code across five frameworks.

Best practice
  • Write specific intents with concrete IPs, ASNs, and device names for better parsing.
  • Always review the risk assessment before saving — it's a safety signal, not decoration.
  • Use the pre-flight checks as a live checklist before running the generated script on real devices.
  • Save the intent before creating a change ticket; tickets are linked to saved intent IDs.
Workflow
  1. 1. Describe the change in plain English and pick Environment, Vendor, and Framework.
  2. 2. Click Parse Intent → review parsed intent, risk assessment, pre-flight checks, and task decomposition.
  3. 3. Edit tasks or the main script if needed, then Re-validate & Regenerate.
  4. 4. Save the intent, optionally run Dry Run, export the bundle, or create a change ticket.
Prompt hints
Was this helpful?
Script Catalog

Browse the full library of network automation scripts, filter by category, search by vendor or feature, and open any script for its inputs, inventory schema, and expected output.

Best practice
  • Combine the search box with a category toggle to zero in on the right script quickly.
  • Open the detail page and review required inputs and the sample inventory before generating or running anything.
  • Use the Script Generator if no catalog entry matches your exact need.
Workflow
  1. 1. Open /scripts and scan the catalog or apply a category filter.
  2. 2. Search by name, vendor, or feature to narrow results.
  3. 3. Click a script card to open its detail page.
  4. 4. Review required inputs, inventory schema, and expected output before running.
Prompt hints
Was this helpful?
Scenario Templates

Pre-built NetDevOps scenarios (VXLAN fabric test, BGP rollout, compliance sweep) that scaffold a Git repo, pipeline, tests, and intents in one click.

Best practice
  • Start every new pipeline from the closest scenario rather than an empty Pipeline Studio canvas.
  • Rename the generated pipeline and stages so they reflect your environment.
  • Run the scaffolded tests once immediately to confirm connectivity before customising.
Workflow
  1. 1. Open /devops/scenarios and choose a scenario.
  2. 2. Click Use scenario to scaffold repo, pipeline, and tests.
  3. 3. Open Pipeline Studio to review and customise the generated stages.
  4. 4. Run the starter tests to validate the baseline.
Prompt hints
Was this helpful?
Git Integration

Connect a Git repo so commits to config-as-code (intent files) automatically trigger pipeline runs and an immutable audit trail.

Best practice
  • Keep one intent file per logical change so auto-triggered runs stay small and reviewable.
  • Protect the main branch so only reviewed config-as-code reaches the deploy pipeline.
  • Pair Git auto-trigger with Auto-promote only on pipelines whose stages are pre-approved patterns.
Workflow
  1. 1. Open /devops/git → Connect repository.
  2. 2. Enter repo URL + webhook secret and save.
  3. 3. Configure which intent file paths the pipeline watches.
  4. 4. Commit a change and watch the run appear in Pipeline Studio's run log.
Prompt hints
Was this helpful?
Pipeline Studio

Visually compose CI/CD pipelines for network changes — drag stages (validate, test, approve, deploy), run them, and read per-stage logs with AI root-cause analysis on failures.

Best practice
  • Keep validate and test stages before any deploy so bad config never reaches devices.
  • Use approval gates for production and Auto-promote only for proven, low-risk patterns.
  • Read the AI root-cause panel before re-running — it often points at the exact file and fix.
Workflow
  1. 1. Open /devops/pipelines and add stages from the Stage Library.
  2. 2. Order them validate → test → approve → deploy and set the target environment.
  3. 3. Run the pipeline and open the Run Log.
  4. 4. On failure, use Explain failure (AI), apply the fix, and re-run.
Prompt hints
Was this helpful?
Network Tests

Define and run automated network validation tests (reachability, BGP/EVPN state, interface counters, compliance checks) as pipeline stages or on demand.

Best practice
  • Write one assertion per test so failures point at a single cause.
  • Run the same tests pre- and post-deploy to prove a change didn't regress anything.
  • Group tests by fabric so a scenario can scaffold them together.
Workflow
  1. 1. Open /devops/tests and create a test with a target and assertion.
  2. 2. Run it on demand to confirm the baseline passes.
  3. 3. Add it as a test stage in your pipeline.
  4. 4. Compare pre- and post-deploy results in the run log.
Prompt hints
Was this helpful?
Environments

Model your lab, staging, and production fabrics as separate environments with their own devices, credentials, and promotion rules.

Best practice
  • Mirror Lab and Prod topology so tests that pass in Lab are meaningful.
  • Use a strict promotion order: never deploy to Prod without passing Staging first.
  • Scope credentials per environment via Secrets.
Workflow
  1. 1. Open /devops/environments and create each environment.
  2. 2. Add devices and link per-environment credentials.
  3. 3. Set the deploy stage target in Pipeline Studio.
  4. 4. Promote changes in order: Lab → Staging → Prod.
Prompt hints
Was this helpful?
Secrets Vault

Store device credentials, API tokens, and webhook secrets encrypted, and reference them by name from pipelines, tests, and environments — never in plain config.

Best practice
  • Use one secret per environment/credential so you can rotate without breaking others.
  • Rotate secrets on a schedule and after any team change.
  • Reference secrets by name in pipelines and tests — never paste raw values.
Workflow
  1. 1. Open /devops/secrets → Add secret.
  2. 2. Name it and paste the value.
  3. 3. Reference it by name from environments, tests, and pipeline stages.
  4. 4. Rotate the value when needed without editing every consumer.
Prompt hints
Was this helpful?
Audit Trail

An immutable, searchable log of every network change — who, what, when, which pipeline, and the before/after — for compliance and post-incident review.

Best practice
  • Use the audit trail during incident review to reconstruct the exact change sequence.
  • Export filtered entries when assembling compliance evidence.
  • Tie each entry back to its pipeline run for full context.
Workflow
  1. 1. Open /devops/audit.
  2. 2. Apply filters (user, pipeline, device, time).
  3. 3. Open an entry for before/after and the originating run.
  4. 4. Export the filtered set for compliance if needed.
Prompt hints
Was this helpful?
DORA Metrics

Track the four DORA metrics for your network team — deployment frequency, lead time for changes, change failure rate, and time to restore — from real pipeline data.

Best practice
  • Review the dashboard at the start of each day as your overnight pipeline check.
  • Watch change failure rate and time-to-restore together — they reveal real reliability.
  • Use trends, not single days, to judge whether a process change helped.
Workflow
  1. 1. Open /devops/metrics each morning.
  2. 2. Read the four metrics and your classification band.
  3. 3. Drill into any metric to see the underlying runs.
  4. 4. Track the trend over weeks, not days.
Prompt hints
Was this helpful?
NAC Editor (Config-as-Code)

Edit network intent files (config-as-code) in a structured editor with validation, then commit them to Git to drive pipelines — the single source of truth for device config.

Best practice
  • Make every change in the intent file, never directly on the device, to avoid drift.
  • Keep changes small and commit often so auto-triggered runs are easy to review.
  • Use the editor's validation before committing to catch errors early.
Workflow
  1. 1. Open /devops/nac-editor and pick an intent file.
  2. 2. Edit config-as-code with inline validation.
  3. 3. Commit to the connected Git repo.
  4. 4. Watch the auto-triggered pipeline deploy and audit the change.
Prompt hints
Was this helpful?
NAPT MCP Server

Connect Claude, Cursor, or any MCP-compatible AI to NAPT. Generate scripts, run diagnostics, and query findings directly from your AI assistant.

Best practice
  • Only enable execute permission when you plan to run scripts — keep keys read-only by default.
  • Use a separate key per assistant so you can revoke access independently.
  • Start read-only: generate scripts and query findings before granting execution.
Workflow
  1. 1. Get a key from the MCP Keys panel.
  2. 2. Install the NAPT MCP package.
  3. 3. Add NAPT to your AI assistant's config.
  4. 4. Test the connection from your assistant.
Prompt hints
Was this helpful?
Simulate (What-If Analysis)

Run what-if failure simulations against your topology to see blast radius, reroutes, and over-capacity links before anything breaks in production.

Best practice
  • Run a blast-radius check before any high-risk maintenance or failover.
  • Pair simulations with the Service Dependency view to translate failures into business impact.
  • Re-simulate after topology changes so your what-ifs reflect the live network.
Workflow
  1. 1. Pick a failure scenario from the Topology Canvas or the Simulate page.
  2. 2. Run the simulation to compute affected nodes, links, and reroutes.
  3. 3. Review the impact and business-service breakdown, then plan mitigation.
Prompt hints
Was this helpful?
Capacity Planning

Forecast interface, device, and fabric utilisation so you can add capacity before you hit warning or critical thresholds.

Best practice
  • Review capacity alerts weekly and feed them into your procurement lead time.
  • Forecast at both the interface and fabric level for AI/GPU and DC workloads.
  • Treat days-to-warning as a purchase trigger, not days-to-critical.
Workflow
  1. 1. Select a resource and review its current utilisation and trend confidence.
  2. 2. Read the 30/90-day forecast and days-to-threshold estimate.
  3. 3. Schedule capacity adds for anything inside your procurement window.
Prompt hints
Was this helpful?
Auto-Remediation

Automatically generate and apply fixes for known-safe configuration drift, with approval gates for anything risky.

Best practice
  • Start every rule in log-only mode and review generated scripts before enabling apply.
  • Auto-apply only low-risk drift; require approval for medium/high-risk changes.
  • Pipe remediation through a pipeline so every fix has a pre/post snapshot.
  • Treat RCA-sourced actions as proposals: always read the AI summary before approving.
Workflow
  1. 1. Create a remediation rule scoped to a drift type and device set.
  2. 2. Preview generated fixes in log-only mode.
  3. 3. Enable apply for safe findings and review the remediation activity log.
  4. 4. Or click 'Create remediation' on an RCA result to queue an approval-gated fix; the Source column shows Drift vs RCA.
Prompt hints
Was this helpful?
Event Rules

Trigger automated actions when network events match conditions you define — from findings to Git events to schedules.

Best practice
  • Start narrow: match on high-severity events first, then broaden.
  • Always test a rule against a known event before relying on it.
  • Review the execution log regularly to catch silent misconfigurations.
Workflow
  1. 1. Define the trigger event type and matching conditions.
  2. 2. Attach an action and enable the rule.
  3. 3. Verify executions in the rule's run history.
Prompt hints
Was this helpful?
ChatOps

Bring NAPT findings, runs, and daily digests into Slack or Teams so the whole team has shared network visibility.

Best practice
  • Use a dedicated alerts channel separate from general team chat.
  • Enable the daily digest to summarise low-priority activity instead of pinging in real time.
  • Use one integration per workspace so multi-tenant alerts stay separated.
Workflow
  1. 1. Connect your Slack/Teams workspace and choose channels.
  2. 2. Select which events post in real time vs the digest.
  3. 3. Send a test alert and confirm delivery.
Prompt hints
Was this helpful?
Webhooks

Send NAPT events to any external system via signed HTTP callbacks so you can integrate with your own tooling.

Best practice
  • Always verify the signature before acting on a webhook payload.
  • Respond 2xx fast and process asynchronously to avoid retries.
  • Scope each webhook to only the event types the consumer needs.
Workflow
  1. 1. Register the endpoint URL and select event types.
  2. 2. Verify incoming payloads with the signing secret.
  3. 3. Monitor the delivery log and re-send failures as needed.
Prompt hints
Was this helpful?
As-Built Documentation

Generate up-to-date network documentation — topology, inventory, routing, security posture, and change history — on demand.

Best practice
  • Regenerate after every significant change so the as-built reflects reality.
  • Use the security-focused variant for audits and the full doc for handovers.
  • Export Markdown/HTML for wikis and PDF/Word for formal deliverables.
Workflow
  1. 1. Choose scope and output format in the generator wizard.
  2. 2. Generate and watch progress through each section.
  3. 3. Download or share the finished document.
Prompt hints
Was this helpful?
Chaos Engineering

Proactively test network resilience by injecting controlled failures in lab/sandbox environments — never production without explicit override.

Best practice
  • Always run a blast-radius simulation before triggering a live experiment.
  • Keep experiments in lab/sandbox; gate any production run behind override + approvals.
  • Schedule recurring Game Days and track resilience score trends over time.
Workflow
  1. 1. Confirm the safety environment and define the experiment.
  2. 2. Run the experiment and follow the simulated timeline.
  3. 3. Review the resilience score and baseline vs post-test results.
Prompt hints
Was this helpful?
Service Dependencies

Map business services to the devices and links they depend on, so any finding's real-world impact is understood in seconds.

Best practice
  • Model the handful of services that matter to on-call before mapping everything.
  • Tie each service to specific devices/links so impact is unambiguous.
  • Review the map after major topology changes so it reflects reality.
Workflow
  1. 1. Create a service and give it a clear, business-facing name.
  2. 2. Attach the devices and links it depends on.
  3. 3. Use it from findings/RCA to read off blast radius and affected services.
Prompt hints
Was this helpful?
Portfolio View

Roll up health, findings, and compliance across every workspace into one multi-tenant overview.

Best practice
  • Use one workspace per domain or tenant so the rollup stays meaningful.
  • Check the portfolio first thing to spot the workspace that needs attention.
  • Standardise compliance profiles so cross-workspace scores compare fairly.
Workflow
  1. 1. Open the Portfolio view to see every workspace's rollup card.
  2. 2. Sort or scan by open findings / compliance to find the hotspot.
  3. 3. Drill into a workspace to act on its findings and pipelines.
Prompt hints
Was this helpful?
On-Call View

A mobile-first triage entry point for 2AM incidents — the most urgent finding, open findings by severity, and one-tap handoffs.

Best practice
  • Bookmark /oncall on your phone for instant access during a page.
  • Triage from the hero card first, then work the severity-ordered list.
  • Hand off into the full RCA/Console pages rather than acting from the phone for complex fixes.
Workflow
  1. 1. Open /oncall and read the most-urgent hero finding.
  2. 2. Scan the open-findings list, ordered by severity then recency.
  3. 3. Tap a quick action to jump into RCA, the Streaming Console, or Pipelines.
Prompt hints
Was this helpful?
Topology Canvas

An interactive, clickable network map — import from LLDP/CDP or NetBox, run per-device script dry-runs, inspect links, and save versioned snapshots.

Best practice
  • Set vendor/OS on each node so the inspector surfaces vendor-matched templates.
  • Use script dry-runs from the inspector before pushing any real change.
  • Save snapshots after major changes so you can diff topology versions over time.
Workflow
  1. 1. Import devices and links from NetBox or LLDP/CDP neighbour data.
  2. 2. Click a node to inspect details, edit metadata, or open the agent.
  3. 3. Run a template dry-run or add the node to a flow.
  4. 4. Save a versioned snapshot and diff against earlier captures.
Prompt hints
Was this helpful?
User Roles (Admin)

Grant or revoke the admin role for accounts by email — the secure way to manage who can reach admin-only pages.

Best practice
  • Grant admin to the smallest number of people who genuinely need it.
  • Review the admin list periodically and revoke stale access.
  • Never store roles client-side — this page reads/writes the secure server-side role table.
Workflow
  1. 1. Open /admin/users as an existing admin.
  2. 2. Enter the target account's email and grant the admin role.
  3. 3. Confirm the new admin appears in the list.
  4. 4. Revoke access from the list whenever it's no longer required.
Prompt hints
Was this helpful?
Network Reconciliation

Compare your source-of-truth inventory (NAPT, NetBox, Nautobot) against live device reality and classify every difference.

Best practice
  • Run reconciliation before and after a change window to prove the network matches your records.
  • Work findings by severity: IP Drift and Missing Interface (high) first, Status Mismatch (low) last.
  • Use the per-type action — Generate fix (IP/VLAN/MTU), Add to source of truth (links/cabling), Investigate (missing interface / status).
Workflow
  1. 1. Pick a source: NAPT inventory, NetBox, or Nautobot.
  2. 2. Run reconciliation to capture live state and diff it.
  3. 3. Findings are grouped into 7 types: IP Drift, Missing Interface, Undocumented Link, Cable Mismatch, VLAN Mismatch, Status Mismatch, MTU Mismatch.
  4. 4. Act per group: generate a fix, update the source of truth, or escalate for investigation.
Prompt hints
Was this helpful?
Change Lifecycle

A guided 5-phase wrapper — Baseline, Plan, Apply, Verify, Document — around your scripts so every change is captured, checked and recorded.

Best practice
  • Run every production change through a lifecycle so you always have a baseline to roll back toward.
  • Attach the ITSM change reference at the start so the audit session and document link back to your CR.
  • Treat Verify as the gate to Document — only record a change as done once checks pass.
Workflow
  1. 1. Baseline — snapshot current device + interface state as the 'before'.
  2. 2. Plan — record the plan summary and target devices for the change.
  3. 3. Apply — execute the wrapped script; apply status tracks applied / failed / rolled_back.
  4. 4. Verify — diff current state against the baseline; checks return pass/fail.
  5. 5. Document — capture the as-built record; the run is marked complete.
Prompt hints
Was this helpful?
HumanRail — Escalations

A confidence-based escalation queue: when the AI isn't sure enough to proceed, it stops and asks a human instead of guessing.

Best practice
  • Triage by source module — Reconciliation, RCA, and Intent Engine escalations each need different domain context.
  • Read the candidate options' confidence scores before choosing; the AI surfaces its best guesses, you make the call.
  • Resolve (don't dismiss) whenever a real decision exists, so the source run can continue with your answer.
Workflow
  1. 1. An upstream module (Reconciliation, RCA, or Intent Engine) hits an ambiguous, low-confidence decision.
  2. 2. It raises an escalation with context and candidate options instead of guessing.
  3. 3. The item lands in /escalations as 'open'.
  4. 4. You review and pick an option (or dismiss); status moves open → in_progress → resolved/dismissed.
  5. 5. Your decision flows back to the source module and the run continues.
Prompt hints
Was this helpful?
AI Copilot Console

A split-pane terminal + AI agent with an approval-gated safety model. Live device sessions stream over a secure WebSocket gateway; demo profiles stay simulated.

Best practice
  • Use simulated demo profiles to learn the split-pane UX and proactive pattern detection before touching live gear.
  • Tag production hosts so the PRODUCTION banner and extra confirmation apply to any change.
  • Keep an eye on the scrollback line count — it's the context the AI agent reasons over.
Workflow
  1. 1. Live connections are loaded from active /lab connections that expose a wss:// stream endpoint.
  2. 2. Selecting a live connection mints an HMAC session token and opens the gateway WebSocket; selecting a demo profile replays scripted output.
  3. 3. Terminal output streams into a capped scrollback buffer that becomes the AI agent's context.
  4. 4. If the socket drops, the client reconnects with exponential backoff and refreshed credentials within your reconnect settings.
  5. 5. The AI surfaces approval-gated action cards; a human reviews before execution, with extra confirmation on production hosts.
Prompt hints
Was this helpful?
Session Audit

A session-oriented view over audit activity. Related events are grouped into continuous units of work — a Change Lifecycle run, a Reconciliation run, an RCA investigation, or a manual sequence — so you navigate by effort, not by scrolling a flat log.

Best practice
  • Navigate by unit of work, not by timestamp — start from the session, then drill into its event timeline.
  • Pin the sessions tied to incidents or major changes so they stay easy to find for post-mortems and audits.
  • Use the session type and status filters together (e.g. failed Change Lifecycle runs) to find what needs follow-up.
Workflow
  1. 1. Source flows (Change Lifecycle, Reconciliation, RCA) auto-create one session per run; you can also start a manual session.
  2. 2. Each meaningful action appends a timestamped event to its session, building an ordered timeline.
  3. 3. The session carries a type, a reference to its source record, who started it, start/end times, and a status.
  4. 4. When the source run finishes, the session is ended with a terminal status (complete, failed, rolled_back, cancelled).
  5. 5. Browse /audit/sessions, filter and pin, and expand any session to replay exactly what happened, in order.
Prompt hints
Was this helpful?
Lab Connections

Register lab/emulation platforms (Containerlab, EVE-NG, GNS3, Cisco CML, netlab, or custom) by their API endpoint, an optional wss:// stream gateway, and a Vault credential reference — never a raw secret.

Best practice
  • Keep credentials in the vault and store only the reference here — it's safe to share connections without exposing secrets.
  • Use Test connection after every endpoint change to catch reachability or protocol problems before launching a verification.
  • Only mark a connection Active once it passes a reachability check; inactive connections are skipped by live sessions and runs.
Workflow
  1. 1. Create a connection with a provider, API endpoint, and optional stream endpoint + vault reference; inline validation gates the save.
  2. 2. Server actions (create/update/activate/delete) are workspace-scoped and authorized as the signed-in user.
  3. 3. Test connection runs a lightweight reachability check and reports reachable / unreachable / invalid with HTTP status and latency.
  4. 4. Launch a lab verification to get a pass / fail / error result tied to the connection's reachability.
  5. 5. If a wss:// stream endpoint is set, the connection can host live Copilot terminal sessions via a short-lived signed token.
Prompt hints
Was this helpful?
Automation Fitment

Answer a few questions about a client's estate — deployment model, vendor mix, fleet size, team maturity and compliance needs — and get a recommended automation approach and tool stack.

Best practice
  • Start from the deployment model and compliance constraints — they constrain everything else.
  • Prefer the simplest stack that fits today's fleet size and team maturity; grow into orchestration.
  • Save the intake so you can revisit and compare options as the client's estate evolves.
Workflow
  1. 1. Capture the client's requirements: deployment model, vendor mix, fleet size, team maturity and compliance needs.
  2. 2. Fitment maps each requirement to a fitting approach and a concrete tool (NAPALM, Netmiko, Nornir, NetBox + Terraform, Ansible, GitOps pipeline, Containerlab).
  3. 3. Review the recommended stack with its pros, cons and best-fit scenario for each deployment model.
  4. 4. Follow the linked learn template to start building the recommended stack.
  5. 5. Save the intake to your account to revisit, compare or hand off the recommendation.
Prompt hints
Was this helpful?
Operating tips
  • Tip
    Always confirm the right workspace is active before saving — the badge is in the Intelligence header.
  • Tip
    Prefer batch actions (Verify all, Run scoring) over per-item runs once you have more than ~5 items.
  • Tip
    When something breaks, check Cloud → Logs first; most failures are RLS or env-var related.
  • Tip
    Use the command palette (Cmd/Ctrl+K) to jump between modules without losing context.
Was this helpful?
Troubleshooting

Still stuck? Ask the help assistant — it has your workspace context.