Architecture
How the Sentinel agent communicates with the Quilr backend: what it sends, what it receives, and when.
Sentinel Agent
[backend]
base_url = "https://api.quilr.ai"
tenant_id = "<uuid>"
auth_token = "<token>"Backend Sync
Discover
Ingest
POST /ea/v1/sync/discovered-apps
Batches of 50
Gzip-compressed
202 Accepted
Unknown Processes
POST /ea/v1/sync/unknown-processes
Unmapped PIDs
Backend identifies
Govern
Delta Sync
GET /ea/v1/sync/delta
Poll every 120s
Approval + policy overrides
Process Map
GET /ea/v1/sync/process-map
Name-to-app mappings
Used by Correlator
Report
Activity Log
POST /ea/v1/sync/activity
Per-decision audit record
Fire-and-forget
Alerts
POST /ea/v1/sync/alerts
Block / quarantine events
Dashboard notifications
Quilr Backend
App CatalogGovernance PoliciesProcess MappingsDelta EndpointAudit DashboardAlert Queue
QuilrAI
API Endpoints
Sync Cadence
Authentication
All requests include the following tenant-scoped headers:
These headers are set on every outbound request and are used by the backend for multi-tenant routing and isolation.
Local Persistence
The agent maintains local state to ensure reliability across restarts and network outages.