> For the complete documentation index, see [llms.txt](https://help.nightfall.ai/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://help.nightfall.ai/nightfall-for-anthropic-claude/policy-incidents.md). # Policy Incidents * Violations appear on the **Detection & Response** page, filterable by `Channel = Claude (Compliance API)`. * Each incident shows the matching content (prompt text, completion text, or file content) with findings highlighted. Credentials are redacted with `████).` * Status is `IN_PROGRESS` until an analyst acts on the incident. This matches Nightfall's standard async-violation behavior. * The **Claude Activity** view shows admin events (logins, member changes, API-key creation, configuration changes) from your Claude organization. These events are written to the Nightfall audit log and forwarded to SIEM. They never appear as incidents. ### Scope and limitations Read this section before deploying so expectations match reality. * **Monitor-only on this channel.** The Compliance API is post-hoc, so Nightfall sees content after it has been submitted to Claude. Inline pre-submit blocking on Claude is handled by the Nightfall endpoint agent on Claude Desktop, Claude Code, and the browser tab. (Link to endpoint-agent help doc.) * **Claude Enterprise only.** Claude Team plan is not exposed by the Compliance API. * **No model-inference coverage on the Claude Platform.** The Compliance API does not expose model-inference content. For real-time scanning and blocking on Claude Code (IDE and CLI), see the Nightfall AI Agent Security integration based on Claude Code Hooks and OpenTelemetry. (Link to AI Agent Security help doc.) * **No coverage of Claude on Amazon Bedrock or Google Vertex AI.** * **No ACL or permission graph.** Identity governance over Claude (who can access which project) lives with Okta and SailPoint. --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://help.nightfall.ai/nightfall-for-anthropic-claude/policy-incidents.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.