What is Splyntra?
Splyntra is observability + security for AI agents. It gives teams building with LLMs and autonomous agents a single place to see what their agents did, how much it cost, and whether anything risky happened — built on open standards and shipped as an open core with a managed cloud on top.
Traditional APM tools were designed for request/response services. Agents are different: a single run fans out into planning steps, tool calls, retrievals, and sub-agent handoffs, each carrying free-form text that may contain secrets, PII, or an injected instruction. Splyntra treats the agent run as the first-class unit and attaches both performance and security signal to every span within it.
The unified trace + risk pillar
The core idea in Splyntra is that observability and security are the same data viewed two ways. One OpenTelemetry-native pipeline ingests your agent's spans, and Splyntra layers two things on top of every trace:
- Traces — the full, hierarchical timeline of an agent run: prompts, model calls, tool invocations, retrievals, and handoffs, with latency, token counts, and cost on each span.
- A risk score — a single 0–100 signal per run that combines secret/PII detection, prompt-injection detection, and policy violations, mapped down onto the exact spans where the risk appeared.
Because both live on the same spans, you can jump from "this run scored 82/100 for risk" straight to the tool call that leaked an API key — no separate SIEM, no correlation guesswork.
If you already emit OpenTelemetry from your agent framework, Splyntra can ingest it directly. See Traces & risk.
What you get
- Traces per agent run — nested spans across frameworks, with timing and token usage.
- Security risk score — secret + PII detection with redaction, plus prompt-injection detection (beta).
- Cost analytics — spend broken down per run, per model, and per project, with budgets.
- Evaluations & CI gates — score outputs offline and block regressions in CI.
- Governance — an append-only audit ledger, policies (RBAC/ABAC/ReBAC), delegation, and spend controls.
- Agent identity — registered agents with scoped credentials, trust policies, and federation.
Editions
Splyntra is built from a single open core into three editions:
| Edition | What it is | License |
|---|---|---|
| Community | The open-source core: OTel collector, traces, cost analytics, basic detection. Self-hosted, free forever. | Apache-2.0 |
| Enterprise | Community plus governance, agent identity/federation, advanced scorers. Self-hosted. | Commercial |
| Cloud | Fully managed Splyntra with the Enterprise feature set, SSO/SCIM, and per-org plan gating. | Commercial |
The open core builds, runs, and is genuinely useful on its own. Enterprise and Cloud features are layered on through build-time registration seams and toggled by configuration — never forked code.
Who it's for
- AI/agent engineers who need to debug multi-step runs and understand latency and cost.
- Platform teams standardizing agent observability across many teams and frameworks.
- Security & compliance teams who need detection, an audit trail, and enforceable policies before agents touch production data.
Next steps
- Quickstart — instrument an agent and see your first trace + risk score in minutes.
- Traces & risk — how the data model works.
- Self-hosting — run the open core with
docker compose up.