Knogin
[Developers]

Analytics Domain

An investigator submits a complex fraud case to the platform's analytics layer. Within seconds, four different AI providers have each analysed the data independently. Their outputs are compared: three providers agree on

Back to All Modules
Category: Api DomainsLast Updated: Feb 5, 2026
api-domainsaireal-timecompliance

Overview#

An investigator submits a complex fraud case to the platform's analytics layer. Within seconds, four different AI providers have each analysed the data independently. Their outputs are compared: three providers agree on the primary pattern; one identifies a secondary anomaly the others missed. The analyst gets a richer picture than any single AI model could provide, with built-in cross-validation and a cost tracker showing the total spend for the analysis.

The Analytics domain is the intelligence layer of the platform. It executes analysis requests across multiple AI providers in parallel, runs custom Python analytics scripts in a secure browser sandbox, and provides pre-built templates for common investigation patterns. Cost controls, provider performance comparison, and per-investigation spend tracking give organisations full visibility into how AI resources are being used.

Key Features#

  • Multi-AI Analysis: Executes analysis requests across multiple AI providers in parallel, providing diverse perspectives and consensus-based insights for investigation data.
  • Client-Side Analytics Execution: Runs custom Python analytics scripts safely in the browser sandbox, enabling advanced data analysis without server-side code execution risks.
  • Pre-Built Analytics Templates: A library of ready-to-use analysis templates for common investigation patterns, with support for custom templates and tagging.
  • Usage Tracking and Cost Monitoring: Real-time tracking of AI token usage and costs by organisation, with configurable daily budget limits and alerts.
  • Provider Performance Comparison: Dashboard metrics comparing AI provider response quality, latency, and cost to optimise provider selection.
  • Investigation Cost Analytics: Tracks analytics spending per investigation for budget management and resource allocation decisions.
  • Rate Limiting and Budget Controls: Multiple mechanisms prevent runaway costs including daily budget limits, concurrent analysis caps, and pre-analysis cost estimation.
  • Audit Logging: All analytics operations are logged for compliance tracking with full audit trail capabilities.
  • Resilient Multi-Provider Architecture: Individual provider failures do not block the overall analysis; results from available providers are still returned.
  • Customisable Analysis Templates: Organisations can create, tag, and manage their own analysis templates alongside the platform's built-in library.

Use Cases#

Law enforcement investigators submit case data for multi-AI analysis, receiving insights from multiple providers that are compared and synthesised to identify patterns that a single provider might miss, particularly useful for novel modus operandi not well-represented in any single training dataset.

Data analysts use the client-side Python execution environment to run custom analytics scripts on investigation data directly in the browser, with full sandboxing ensuring that custom code cannot access or exfiltrate platform data.

Financial crime units monitor their AI usage costs through real-time dashboards, set daily budget limits per investigation type, and receive alerts when spending approaches configured thresholds, keeping analytical costs proportionate to case value.

Intelligence agency administrators compare AI provider performance metrics across analysis types to make informed decisions about which providers to activate for specific operational workloads, balancing cost, quality, and data residency requirements.

Integration#

The Analytics domain works with the Investigation domain for case context, the Evidence domain for data input, and the Visualisation domain to present AI-powered insights throughout the investigation lifecycle.

Open Standards#

  • GraphQL (June 2018 specification): All analytics queries, mutations, and data types are exposed through a strongly typed GraphQL API, enabling introspection, parallel provider queries, and structured result aggregation.
  • JSON (RFC 8259): Analysis parameters, results, metric configurations, dashboard widget positions, and event payloads are all serialised as JSON, with JSONB used for efficient persistence and querying in PostgreSQL.
  • JWT (RFC 7519) / OAuth 2.0 Bearer Tokens (RFC 6750): Every analytics endpoint requires a verified Bearer JWT; sandbox-audience tokens are explicitly segregated from live-audience tokens, enforcing least-privilege access to AI provider results and cost data.
  • WebSocket Protocol (RFC 6455): Real-time analytics events (case updates, alert triggers, metric recalculations) are broadcast to dashboard clients over WebSocket via Cloudflare Durable Objects.
  • ISO 8601 / RFC 3339 Timestamps: All temporal fields, metric calculation periods, event timestamps, temporal decay scores, and audit records, are stored and serialised as UTC ISO 8601 datetime strings.
  • UUID (RFC 4122): All analytics entities (metrics, dashboards, widgets, analysis jobs, organisations) are identified by version-4 UUIDs, ensuring collision-free identifiers across multi-tenant deployments.
  • W3C Trace Context: Usage metering records an optional W3C trace ID against each API request and GraphQL operation, enabling distributed tracing correlation across the analytics pipeline.

Last Reviewed: 2026-02-05 Last Updated: 2026-04-14

Ready to Build?

Get started with our APIs or contact our integration team for support.