API Reference
The RADAR CLI and REST API for compliance evidence collection, reporting, and management. Commands run inside the container via docker exec radar radar <command>.
CLI reference
Current commands
- Name
radar serve- Description
Start the compliance server and dashboard. --host, --port (default 8080), --license, --config.
- Name
radar version- Description
Show RADAR version information.
- Name
radar report- Description
Generate a compliance report from audit data. --format (html|pdf), --regulation (eu-ai-act|gdpr), -o.
- Name
radar verify- Description
Verify Merkle chain integrity of the audit trail.
- Name
radar evidence list- Description
List available evidence packs.
- Name
radar evidence build- Description
Build an evidence pack. --pack-id, --format (json|html|pdf), --window-days, -o.
- Name
radar evidence verify- Description
Verify that a generated pack matches the current audit chain.
Planned commands
- Name
radar status- Description
Display collection status: connected sources, total events, findings breakdown, retention.
- Name
radar sources add/list/remove- Description
Manage evidence sources (LLM gateways, agent endpoints, log files).
- Name
radar traces list/get- Description
Query and inspect audit events with filters: --agent, --type, --since, --until, --limit.
- Name
radar retention set/status- Description
Configure evidence retention policies and legal holds.
- Name
radar siem add/status- Description
Configure SIEM forwarding (Splunk HEC, syslog). Currently configured via dashboard.
- Name
radar token create/revoke- Description
Manage API tokens for programmatic access.
REST API
Dashboard at http://localhost:8080. API endpoints under /api/v1.
Events
curl -X POST http://localhost:8080/api/v1/events \
-H "Content-Type: application/json" \
-d '{"agent":"support-v2","type":"llm_call","model":"gpt-4o",...}'
Compliance
curl "http://localhost:8080/api/v1/compliance/eu-ai-act"
Reports
curl -X POST http://localhost:8080/api/v1/reports/generate \
-H "Content-Type: application/json" \
-d '{"regulation":"eu-ai-act","format":"html"}'
Kill switch
curl -X POST http://localhost:8080/api/v1/kill-switch/activate
curl -X POST http://localhost:8080/api/v1/kill-switch/deactivate
All endpoints
- Name
GET /api/v1/health- Description
- Server health check.
- Name
GET /api/v1/events- Description
- Query events (paginated, filterable by agent, type, date range).
- Name
GET /api/v1/events/{id}- Description
- Fetch a single audit event.
- Name
POST /api/v1/events- Description
- Ingest new audit events.
- Name
PUT /api/v1/policies- Description
- Update live policy configuration (admin only).
- Name
GET /api/v1/compliance/{regulation}- Description
- Overall compliance score for a regulation.
- Name
GET /api/v1/compliance/{regulation}/{agent}- Description
- Per-agent compliance score.
- Name
POST /api/v1/reports/generate- Description
- Generate a compliance report asynchronously.
- Name
GET /api/v1/reports- Description
- List generated reports.
- Name
GET /api/v1/reports/{filename}/download- Description
- Download a generated report.
- Name
POST /api/v1/kill-switch/activate- Description
- Activate kill switch (halts event collection).
- Name
POST /api/v1/kill-switch/deactivate- Description
- Deactivate kill switch (resumes operation).
The dashboard is a React SPA with 34 additional API routers for fleet management, SSO, billing, alerts, SIEM, webhooks, and more. Most features are license-gated.