Use the evidence ledger to explain what happened, why, and when.
The evidence ledger is the operator view into decision history. It helps you answer who initiated an action, which policy made the decision, and which immutable hash anchors the record.
Who this is for
Operators, audit teams, incident responders, and release managers who need decision history without leaving the console.
When to use it
Use this after an evaluate or execute event, during incident review, before building an export, or whenever a stakeholder asks for proof of a decision path.
Required setup
Required setup: tenant settings must already be configured in the console. Evidence pages are console surfaces, so they use the tenant context already stored in the browser.
How to use
1. Open evidence ledger
Start at /console/evidence/ and scope the view to the tenant and time window you care about.
2. Filter the record set
Use available filters to isolate a decision event, operator action, or execution window instead of reading the full ledger as one stream.
3. Inspect the decision record
Review decision outcome, policy basis, timestamp, audit ID, and evidence hash. This is the core record you cite in follow-up work.
4. Follow related evidence
Move from the base record into detailed audit views or exports when you need broader context, packet generation, or formal review artifacts.
5. Escalate gaps
If expected evidence is missing or hashes do not line up with exports, treat that as an operational blocker rather than a cosmetic issue.
What success looks like
Related console surfaces
/console/evidence/ - evidence ledger/docs/evidence/ - evidence model reference