Skip to content

Chat Interface#

The AttackTrace chat interface is the primary workspace, optimized for security investigation workflows.

Layout#

┌──────────────────────────────────────────────────────┐
│  Nav: [Chat] [History] [Models] [Settings]  [Avatar] │
├───────────────┬──────────────────────────────────────┤
│               │                                      │
│  Session list │         Conversation area            │
│               │                                      │
│  • New chat   │  User messages / AI replies /        │
│  • History    │  Tool call cards                     │
│               │                                      │
├───────────────┴──────────────────────────────────────┤
│  [Model ▼]   [Input box........................] [Send]│
└──────────────────────────────────────────────────────┘

Core features#

Multi-turn conversation#

AttackTrace maintains full conversation context. You can ask follow-up questions within a single session:

You: Query threat intelligence for IP 185.220.101.1
AI:  [uses available threat intelligence] This IP appears in suspicious infrastructure context...

You: What evidence supports that conclusion?
AI:  [shows source context] The verdict is based on reputation, infrastructure, and recent observation signals...

You: Pull the last 7 days of logs for this IP from Splunk
AI:  [calls Splunk search_splunk] Found 23 related log entries...

Tool call visualization#

When AI calls an MCP tool, the interface shows a collapsible card containing:

  • Tool name: the MCP tool invoked (e.g. check_ip)
  • Input parameters: parameters passed to the tool (expandable)
  • Return value: raw data returned by the tool (expandable)

New conversation#

Click + New Chat at the top of the left panel to start a new session. Each session has its own independent context.

Markdown rendering#

AI responses support full Markdown formatting:

  • Tables (IOC lists, comparison analysis)
  • Code blocks (SPL/DSL queries, config files)
  • Ordered/unordered lists (investigation steps)
  • Bold/italic (emphasis)

Message actions#

Hover over a message to access:

  • Copy: copy message text to clipboard
  • Regenerate: ask AI to regenerate that response

Model switching#

The dropdown in the bottom-left of the chat interface lets you switch AI models at any time. New messages use the newly selected model; previous messages are unaffected.

Keyboard shortcuts#

Shortcut Action
Enter Send message
Shift + Enter Insert line break
Recall previous message (when input is empty)