TraceCtrl Enterprise SDK — agentic AI security observability for the enterprise platform
Project description
tracectrl-enterprise
TraceCtrl Enterprise SDK — instrument your agentic AI application to send traces to a TraceCtrl Enterprise deployment.
Apache 2.0 licensed. Thin wrapper over the OSS tracectrl
package — tracectrl does the OpenTelemetry SDK heavy lifting; this package
adds enterprise-specific defaults (collector endpoint, required ingest-key
auth, fail-loud behaviour) and the tag_agent() API for self-identifying
agent spans.
Install
pip install tracectrl-enterprise
Quickstart
import os
from tracectrl_enterprise import configure, tag_agent
configure(ingest_key=os.environ["TRACECTRL_INGEST_KEY"])
@tag_agent(
id="payment-bot",
name="PaymentAgent",
framework="strands", # framework you're running on; informational
role="payment_processing",
)
def run_payment(query: str) -> str:
# ... your agent logic ...
return "ok"
Every call to run_payment creates an OpenTelemetry span with the canonical
TraceCtrl attributes (openinference.span.kind=AGENT,
tracectrl.agent.id, tracectrl.agent.name, etc.), exported via OTLP/gRPC
with Authorization: Bearer <ingest_key> to your TraceCtrl Enterprise
collector. The collector resolves your ingest key to a tenant and stamps
tracectrl.tenant_id on every span — your SDK doesn't (and can't) set
tenancy itself; the collector is the trust boundary.
Configuration
configure(ingest_key=..., endpoint=..., service_name=...) accepts:
| Argument | Env var | Default | Required |
|---|---|---|---|
ingest_key |
TRACECTRL_INGEST_KEY |
— | yes — fails loud if not set |
endpoint |
TRACECTRL_ENDPOINT |
https://app.tracectrl.ai/ingest |
no |
service_name |
TRACECTRL_SERVICE_NAME |
tracectrl-agent |
no |
If you call configure() without an ingest_key argument, it reads
TRACECTRL_INGEST_KEY from the environment. If neither is set, it raises
ValueError — unlike the OSS SDK which can be configured to fail silently,
enterprise installs always fail loud on missing auth.
Framework instrumentation
For automatic tracing of supported frameworks (Strands, etc.), install the OSS instrumentor package alongside this one:
pip install tracectrl-instrumentation-strands
The instrumentor hooks into the same global OpenTelemetry TracerProvider that
tracectrl-enterprise.configure() sets up, so spans from instrumented
framework calls are exported the same way as your @tag_agent-decorated
functions.
License
Apache 2.0. The TraceCtrl Enterprise server-side platform (engine, collector, UI) is BUSL-licensed; the SDK is permissively licensed so it can be embedded in your proprietary code without restriction.
Reporting issues
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file tracectrl_enterprise-0.1.1.tar.gz.
File metadata
- Download URL: tracectrl_enterprise-0.1.1.tar.gz
- Upload date:
- Size: 10.5 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
955d24cbcd54c85569293688558ba9ccdde8f91b556cf68b75b929e3a3b28e1b
|
|
| MD5 |
67f1499a0e8f3c9bcc82ced42f3b1620
|
|
| BLAKE2b-256 |
75cff075d3eff240ef395548684718f83ad1627c7551aaa5242808f3c46bf69d
|
Provenance
The following attestation bundles were made for tracectrl_enterprise-0.1.1.tar.gz:
Publisher:
publish-sdk.yml on tracectrl/tracectrl-enterprise
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
tracectrl_enterprise-0.1.1.tar.gz -
Subject digest:
955d24cbcd54c85569293688558ba9ccdde8f91b556cf68b75b929e3a3b28e1b - Sigstore transparency entry: 1834687545
- Sigstore integration time:
-
Permalink:
tracectrl/tracectrl-enterprise@5223d2474e2cc97b70d2872329797de052bb8d26 -
Branch / Tag:
refs/tags/sdk-v0.1.1 - Owner: https://github.com/tracectrl
-
Access:
private
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish-sdk.yml@5223d2474e2cc97b70d2872329797de052bb8d26 -
Trigger Event:
push
-
Statement type:
File details
Details for the file tracectrl_enterprise-0.1.1-py3-none-any.whl.
File metadata
- Download URL: tracectrl_enterprise-0.1.1-py3-none-any.whl
- Upload date:
- Size: 11.9 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
4ff23de4309d372940f1f7d2b9d1f839c0f07fadedf8ae686a94e2664bf2c522
|
|
| MD5 |
fc6ad12e346d2e123f402301aadd32bb
|
|
| BLAKE2b-256 |
08c10028910746e6dfc105a1bcd1295f73e06c7cf48ff59c54fb34a80431b67e
|
Provenance
The following attestation bundles were made for tracectrl_enterprise-0.1.1-py3-none-any.whl:
Publisher:
publish-sdk.yml on tracectrl/tracectrl-enterprise
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
tracectrl_enterprise-0.1.1-py3-none-any.whl -
Subject digest:
4ff23de4309d372940f1f7d2b9d1f839c0f07fadedf8ae686a94e2664bf2c522 - Sigstore transparency entry: 1834687692
- Sigstore integration time:
-
Permalink:
tracectrl/tracectrl-enterprise@5223d2474e2cc97b70d2872329797de052bb8d26 -
Branch / Tag:
refs/tags/sdk-v0.1.1 - Owner: https://github.com/tracectrl
-
Access:
private
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish-sdk.yml@5223d2474e2cc97b70d2872329797de052bb8d26 -
Trigger Event:
push
-
Statement type:
