AI OBSERVABILITY · AUDIT-GRADE · EU-HOSTED

Prove your AI behaved — not just that it was fast.

A passive, audit-grade observability layer for your AI applications. PII is redacted at source (IBAN-BE, RRN, BTW), per-request cost and tokens are tracked, and you can download a signed evidence pack for any period — exactly what AI Act article 12 and NIS2 ask for.

Create an account →Read the docs

# Python — drop-in tracer

from monsys_ai import Tracer

tracer = Tracer()

with tracer.trace("rag.chat") as t:

with t.span("openai.chat", provider="openai", model="gpt-4o") as s:

s.prompt = user_msg

resp = openai.chat.completions.create(...)

s.completion = resp.choices[0].message.content

# → 1 HTTP POST · PII redacted op de hub · trace ID 0e22…

✓ ingested · 1 span · 19 tokens · 0.00006 €

Three hard invariants

No AI controlling other AI. Never inline-blocking. Always auditable.

Passive, never autonomous

monsys.ai doesn't run prompts, doesn't take actions, never blocks inline. It's an observability layer — after-the-fact evidence, not a control plane.

PII redacted at source

Belgian IBAN, RRN, BTW, KBO, emails and phones are detected with checksum validation before storage and replaced with a hash token. Raw content never reaches the hub.

Ed25519-signed evidence packs

One click per period → gzipped tarball with manifest + signature. A standalone Python script verifies offline, with no monsys account. Built for auditors and regulators.

Who this is for — and who it's not

monsys.ai AI observability is for YOUR code. Not for what your devs do in their IDE.

Common confusion: 'does this monitor our employees' Copilot or ChatGPT usage?' No. We only see what your application sends to OpenAI/Anthropic/Mistral — if you place our SDK in your code.

FOR YOU if

Your own backend calls OpenAI / Claude / Mistral / Azure OpenAI
You build a RAG system, chatbot, summariser, ticket triage or CV screening
Your SaaS product has "AI features" (suggested replies, AI search, generation)
You have an internal tool that uses LLMs for customer service or operational decisions
You're under AI Act art. 6 (high-risk) or NIS2 art. 21 — you must prove what your AI did

NOT for

Developers coding in Copilot/Cursor/Continue — those calls go straight from editor to GitHub/Anthropic, not through your code
Employees opening ChatGPT in their browser — there's no integration point
Real-time blocking or prompt-injection filtering — we're a passive audit layer, not a guardrail
Detecting whether a process on a server is secretly using AI — our server agents don't do that, use DLP/EDR for that

Where do you place the SDK?

The same place where you would put a log line next to your LLM call today. Three typical placements:

In your service layer, next to the business logic that calls the LLM (~80% of cases)
In a centralised ai/openai_client.py or lib/llm.ts module that all calls go through
As a decorator/middleware (@traced_llm_call) if you have many parallel calls

# Voorbeeld plaatsing in een Python service
def antwoord_op_klant_vraag(vraag: str) -> str:
    with tracer.trace("klantenservice.vraag") as t:        # ← hier
        with t.span("openai.chat",
                    provider="openai",
                    model="gpt-4o") as s:                  # ← hier
            s.prompt = vraag
            resp = openai_client.chat.completions.create(
                model="gpt-4o",
                messages=[{"role": "user", "content": vraag}],
            )
            s.completion = resp.choices[0].message.content
            s.input_tokens  = resp.usage.prompt_tokens
            s.output_tokens = resp.usage.completion_tokens
            return s.completion

Companion audit modules

For AI data sources outside your own LLM code. Separate products alongside AI observability, with their own pricing — same Ed25519 signing chain, same verifier, same Stripe invoice.

BETA · AVAILABLE NOW

Copilot Audit Puller

Separate module that reads GitHub Copilot Business / Enterprise admin API (seats, audit-log) and produces Ed25519-signed evidence packs from it. For AI Act art. 26 (deployer obligations) and NIS2 employee audits. €1/seat/month. Read more →

BETA · AVAILABLE NOW

OpenAI Audit

Separate module that reads the OpenAI Platform admin API (users, projects, API keys, audit log) and produces Ed25519-signed evidence packs from it. Detects stale API keys (>90d unused) as a security baseline. €1/user/month + €5/project/month. Read more →

On the roadmap — coming next

What we DON'T cover today but is planned. No committed ETA unless a date is shown below.

Q4 2026

ChatGPT Enterprise Compliance API

On top of OpenAI Audit: ChatGPT browser conversation metadata (counts + models + timestamps, not content), custom GPT inventory, memory state. Requires the customer to activate Compliance API access with OpenAI sales (2-4 weeks lead time). €2 extra per seat/month on top of OpenAI Audit.

Q1 2027

Anthropic Console audit

Equivalent for Anthropic Console: workspace users, API keys, usage. Pricing TBD. Starts when at least 3 beta customers ask.

TBD

Google AI Studio / Vertex AI

No commitment. Demand-driven; if Vertex AI enterprise customers concretely ask, we plan it.

Five real situations

When this makes the difference.

BANK · FSMA

Customer-service chatbot leaks no IBANs

You run a GPT-4 bot for balance questions. The FSMA asks: prove that the bot never mentioned another customer's IBAN in an answer. Without observability: months of code audit. With monsys: one click on 'Evidence pack', your auditor runs our offline script, exit 0 → proven.

HR · AI ACT ART. 6 (high-risk)

Recruitment AI reconstructable per candidate

You use Claude to pre-screen CVs. A candidate files a complaint. AI Act art. 14 requires you to reconstruct every decision. Filter traces by user_session_hash, click 'unlock content' → TOTP → read the exact prompt and completion. Complaint substantiated or refuted in 5 minutes.

OPS · COST

€2,000 OpenAI bill avoided

A dev pushes a new RAG prompt Thursday evening that accidentally passes 50KB of context. Without monsys: you only see this Friday on the invoice. With monsys: cost-spike alert (cost_per_minute > €1) fires at 22:14, ntfy push on your phone, rolled back in 10 min. Damage: €4 instead of €2,000.

QUALITY · MODEL DRIFT

Refusal spike = degraded model

OpenAI ships a model update; your system_msg no longer matches well. Refusals go from 2% to 18%. Normally you hear this 3 days later via customer support. With monsys: refusal_rate alert within 15 min, you adjust the prompt before breaking your SLA.

GDPR · INCIDENT READINESS

PII detection + transfer evidence

End user pastes their Belgian RRN in a prompt. Your app sends it to OpenAI. Under GDPR you must log the data transfer to the US. With monsys: span has pii_hits_count=1, redacted as [RRN]. Monthly report: 47 RRN mentions redacted; raw content not at monsys; OpenAI did receive the raw → DPA addendum.

Integration

Four lines of Python, one HTTPS POST per trace.

Same envelope format across Python, Node and Go. No pip install, no npm dependency. Failures log, never throw.

Mint an aiv_… token via dashboard → AI → Apps → New application. Shown once. Then:

Python

from monsys_ai import Tracer
tracer = Tracer()

with tracer.trace("rag.chat") as t:
  with t.span("openai.chat",
              provider="openai",
              model="gpt-4o") as s:
    s.prompt = user_msg
    r = openai.chat.completions.create(...)
    s.completion = r.choices[0].message.content
    s.input_tokens  = r.usage.prompt_tokens
    s.output_tokens = r.usage.completion_tokens

Node / TypeScript

import { Tracer } from "./monsys-ai";
const tracer = new Tracer();

await tracer.trace("rag.chat", async (t) => {
  await t.span("openai.chat",
    { provider: "openai", model: "gpt-4o" },
    async (s) => {
      const r = await openai.chat.completions.create({...});
      s.record({
        prompt: userMsg,
        completion: r.choices[0].message.content!,
        inputTokens:  r.usage!.prompt_tokens,
        outputTokens: r.usage!.completion_tokens,
      });
    });
});

Go

tracer, _ := monsysai.New(monsysai.Options{})

err := tracer.Trace(ctx, "rag.chat", func(t *monsysai.Trace) error {
  return t.Span(ctx, "openai.chat",
    monsysai.SpanOpts{Provider: "openai", Model: "gpt-4o"},
    func(s *monsysai.Span) error {
      s.Prompt = userMsg
      // call your LLM...
      s.Completion = resp
      in, out := inTok, outTok
      s.InputTokens  = &in
      s.OutputTokens = &out
      return nil
    })
})

Pricing — AI observability

Per AI application, not per agent.

Server monitoring (€3/agent from #6) and AI observability are separate modules. First AI app free per tenant — same way your first 5 agents stay free.

Free

€0

1 AI application
5,000 traces/month
30 days retention
PII redaction included
No evidence packs · no alerts

Standard

€3 / AI app / month

first app free · then €3/app

100k traces/month/app fair-use
12 months retention
All redaction levels (incl. hash-only)
Alerts (cost · refusal · PII · z-score)
Unlimited signed evidence packs
Soft overage: €1 per extra 10k traces

Enterprise

from €499/month

Per-tenant Ed25519 signing key
IP allowlisting per AI app
mTLS ingest (client cert)
Retention >12 months
SLA + dedicated support

Contact sales →

What we DO and DON'T promise

Marketing is easy. So we spell out what we deliver and what we don't. Verifiable in the source (sdk/), in the DPA, and with your auditor.

What we deliver

Passive layer, never autonomous — no prompts executed, nothing blocked inline.
PII redaction at the source with checksum validation — IBAN for 36 SEPA countries (BE/NL/FR/DE/ES/IT/PT/LU/AT/…), Belgian RRN, BTW-BE, KBO (mod-97), Dutch BSN (mod-11), French NIR (mod-97), generic E.164 phones.
Ed25519-signed evidence packs, offline-verifiable without a monsys account.
Per-tenant signing-key recordkeeping for key-rotation traceability.
TOTP-gated, single-use unlock with audit log — reuse rejected.
EU-hosted, Belgium, GoTrust BV — no data transfer outside the EU.
Hash-only webhooks — raw content stays on the hub.
Source-visible SDK (~150 LOC per language) — readable in 10 minutes.

What we DON'T promise

We don't make you 'AI Act compliant' — we provide evidence for art. 12 (logging). The provider/deployer obligations remain with you.
We don't replace your DPIA — we're an input for your impact assessment, not the assessment itself.
Not 100% PII detection on everything — our guarantee covers IBAN (all 36 SEPA countries, mod-97), RRN, BTW-BE, KBO, NL BSN, FR NIR, E.164 phone and email. German Steuer-ID, Italian Codice Fiscale, Spanish NIF, US-SSN and card PANs are on the roadmap (Q3-Q4 2026) but not yet supported.
No 'NIS2 certification' — none exists for vendors. We help with art. 21 ('appropriate technical measures').
No real-time blocking or guardrail layer. For inline policy enforcement combine us with Lakera, Protect AI, etc.
We don't replace your archival duty — you remain responsible for long-term retention. We provide monthly exportable signed packs for your archive.
We don't detect jailbreaks or prompt injection — we surface refusals when the model provider refuses; misuse-pattern detection is NOT in our scope.
What OpenAI/Anthropic do with your data falls under YOUR contract with them — we have no influence over it.