Use Case — Enterprise
AI observability that satisfies security, legal, and audit — not just engineering.
Enterprise AI deployments need access control, audit trails, data governance, and compliance tooling. Here's what Zespan looks like when those requirements are non-negotiable.
The problem
No access control across projects
Multiple teams share AI infrastructure. Any engineer can see any project's traces, prompts, and cost data — including sensitive customer conversations.
No audit trail for AI changes
Compliance requires documentation of every prompt change, guardrail modification, and billing action. You don't have that trail. Auditors will ask.
No proof that outputs are monitored
Legal and security want assurance that AI outputs are actively monitored and controlled. You have logging — not governance.
How to use Zespan for this
Configure SSO in Org Settings
Go to Org Settings → SSO. Enter your OIDC issuer URL, client ID, and client secret (stored encrypted at rest). Enable domain-based routing — users on your email domain are automatically sent to SSO on login. Set a default role (viewer or member) for all SSO-provisioned users. OIDC discovery auto-populates configuration from your issuer URL.
Assign RBAC roles — scope each team to what they need
In Org Settings → Team, assign roles: owner, admin, member, or viewer. Sensitive operations — promoting a prompt to production, changing guardrail config, managing billing — are gated by role server-side. Viewers see dashboards and traces. Only admins can modify production config. Role checks happen on every API route, not just the UI.

Enable guardrails with audit logging
Configure guardrails for PII, toxicity, and any custom LLM rules your compliance team specifies. Every guardrail execution is logged — rule slug, action taken, modified text, latency. Every guardrail config change (create, update, enable, disable) is written to the audit log with actor user ID, IP, and user agent. This is your evidence of active monitoring.

Review the Audit Log — every sensitive action attributed
Open Org Settings → Audit Log. Every sensitive action on the platform is recorded: SSO config changes, prompt label promotions, guardrail modifications, billing events, team membership changes. Each entry shows actor user ID, IP address, and user agent. Export the log for compliance reviews or pipe it to your SIEM.
Handle data subject requests — GDPR Art. 15 and 17
When a GDPR erasure or access request arrives, call the Zespan API: POST /gdpr/erasure-request or /gdpr/dsar-request with the user identifier. The request is queued as a background job and its 30-day deadline is tracked. Duplicate requests are blocked, and deadline status is queryable. Your DPO gets a documented, auditable process instead of manual data hunting.
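The RBAC and audit-log steps above describe two properties: role checks run server-side on every route, and each sensitive action is recorded with actor user ID, IP, and user agent. The sketch below shows that pattern as a deny-by-default gate; it is an added example, not Zespan's code. The strict role hierarchy, the action names, the role-to-action mapping, the record field names, and the choice to also log denied attempts are assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timezone

# Roles named on the page, lowest to highest. Treating them as a strict
# hierarchy is an assumption of this sketch.
ROLE_RANK = {"viewer": 0, "member": 1, "admin": 2, "owner": 3}

# Minimum role per action (assumed mapping; action names are hypothetical).
REQUIRED_ROLE = {
    "trace.read": "viewer",
    "prompt.promote_production": "admin",
    "guardrail.update": "admin",
    "billing.manage": "owner",
}
# Actions that are always audited, whether allowed or denied.
SENSITIVE = {a for a, r in REQUIRED_ROLE.items() if ROLE_RANK[r] >= ROLE_RANK["admin"]}

@dataclass(frozen=True)
class Caller:
    user_id: str
    role: str
    ip: str
    user_agent: str

class Forbidden(Exception):
    pass

AUDIT_LOG = []  # stand-in for an append-only audit store

def authorize(caller, action):
    """Server-side gate: call at the top of every route handler, not in the UI."""
    required = REQUIRED_ROLE.get(action)
    # Deny by default: unknown actions and unknown roles never pass.
    allowed = (
        required is not None
        and caller.role in ROLE_RANK
        and ROLE_RANK[caller.role] >= ROLE_RANK[required]
    )
    # Record every sensitive action and every denial (assumed policy).
    if action in SENSITIVE or not allowed:
        AUDIT_LOG.append({
            "ts": datetime.now(timezone.utc).isoformat(),
            "action": action,
            "outcome": "allowed" if allowed else "denied",
            "actor_user_id": caller.user_id,
            "ip": caller.ip,
            "user_agent": caller.user_agent,
        })
    if not allowed:
        raise Forbidden(f"{caller.role!r} may not perform {action!r}")
    return True
```

Because an action missing from the mapping is refused rather than allowed, a newly added route stays closed until someone assigns it a minimum role.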
