Langfuse
Langfuse is an open-source (MIT-licensed) LLM observability platform that captures detailed execution traces from AI agent applications. Many teams already use Langfuse to track prompts, completions, tool calls, token usage, and costs across their LLM stack. Arrakis integrates with Langfuse as an observability data source, pulling rich execution telemetry into the governance pipeline without requiring additional instrumentation in the agent application itself.
If your agents are already instrumented with Langfuse, Arrakis can leverage that existing telemetry for security governance with zero additional agent-side changes.
Integration Architecture
Arrakis connects to Langfuse through three complementary patterns, depending on deployment requirements:
| Pattern | Mechanism | Latency | Best For |
|---|---|---|---|
| API ingestion | REST API polling (/api/public) | Near real-time (configurable interval) | Standard deployments, moderate trace volume |
| Blob storage sync | Langfuse exports to S3/GCS/Azure; Arrakis reads from same bucket | Minutes | High-volume environments, batch compliance analysis |
| Parallel collection | OpenTelemetry Collector sends traces to both Langfuse and Arrakis simultaneously | Real-time | Lowest latency, no dependency on Langfuse as intermediary |
All three patterns support Langfuse Cloud, self-hosted, and BYOC deployments.
Data Captured
Langfuse’s hierarchical data model (Sessions → Traces → Observations) maps naturally to Arrakis governance concepts:
| Langfuse Concept | Arrakis Use |
|---|---|
| Generations (LLM calls) | Prompt/response scanning, sensitive data detection, model usage tracking |
| Spans (non-LLM operations) | Execution flow analysis, retrieval governance |
| Tool calls | Unauthorized action detection, data exfiltration monitoring |
| Scores | Existing quality/safety evaluations feed into risk scoring |
| Sessions | Multi-turn conversation tracking, behavioral pattern analysis |
| Metadata & tags | Tenant isolation, environment-aware policy enforcement |
| Token counts & cost | Budget governance, cost anomaly detection |
| User IDs | Accountability mapping, per-user risk profiling |
Discovery
Arrakis uses Langfuse trace metadata to automatically discover and catalog agents. Model bindings, tool configurations, and execution patterns are extracted from trace data to build the agent inventory without manual registration. When Langfuse captures traces from multiple agent frameworks (LangChain, LlamaIndex, CrewAI, OpenAI SDK), Arrakis normalizes them into a unified governance view.
Runtime Monitoring
With Langfuse as a data source, Arrakis applies its full detection engine to ingested traces:
- Prompt and response analysis — LLM inputs and outputs stored in Langfuse generations are scanned for injection patterns, sensitive data leakage, and policy violations
- Tool call governance — agent tool invocations are validated against approved tool lists and data classification levels
- Cost governance — token usage and model cost data from Langfuse is aggregated for budget enforcement and anomaly detection
- Behavioral analysis — execution patterns across sessions reveal drift, privilege escalation, or unexpected agent behavior over time
Findings are tagged with threat codes and contribute to agent risk scores and organizational posture scoring.
Score Write-Back
Arrakis can write security and governance scores back to Langfuse via its Scores API, enriching the Langfuse UI with compliance findings. This gives engineering teams visibility into governance issues directly in their existing observability workflow without switching tools.
Deployment Considerations
Self-hosted Langfuse — Arrakis’s hybrid deployment model pairs naturally with self-hosted Langfuse. The on-premise Arrakis component connects directly to the customer’s Langfuse instance (PostgreSQL + ClickHouse). Raw trace data never leaves the customer’s security boundary.
Langfuse Cloud — Arrakis connects via Langfuse’s public API with Basic Auth (public key + secret key). Regional endpoints (US, EU, Japan) are supported for data residency compliance.
OpenTelemetry path — For teams using OTel-instrumented frameworks (LlamaIndex, CrewAI), Arrakis can receive the same OTLP trace data that Langfuse consumes, providing real-time governance without API polling latency.
Framework Coverage
Because Langfuse supports 50+ framework integrations, connecting Arrakis to a Langfuse instance provides governance coverage across the entire agent stack in a single integration:
- LangChain / LangGraph (callback handler)
- OpenAI SDK (drop-in wrapper)
- LlamaIndex (OpenInference instrumentation)
- CrewAI (OpenInference instrumentation)
- Vercel AI SDK, LiteLLM, Azure OpenAI, and more
Full integration documentation is available to Arrakis customers.