# Discovery and Metrics

This guide explains how the platform provides enterprise administrators with visibility into AI coding assistants and MCP (Model Context Protocol) tool usage across their organization.

* **Discovery:** Understand which MCP servers and tools are in use and by whom, so governance is grounded in actual usage rather than assumptions.
* **Metrics, insights, and usage:** Learn how the console in Highflame Studio presents this data in a structured, actionable way for monitoring, auditing, and informed policy decisions.

Code Agent Control Plane is designed for organizations that need to *discover first, then govern*. Administrators gain visibility into real-world usage and can confidently define policies based on what has been observed.

### Discovery Page: MCP Servers Across Your Organization <a href="#discovery-page-mcp-servers-across-your-organization" id="discovery-page-mcp-servers-across-your-organization"></a>

The **Discovery** page gives enterprise administrators a centralized view of AI coding assistant usage and the security posture of MCP (Model Context Protocol) servers across the organization.

#### Summary metrics <a href="#summary-metrics-top-cards" id="summary-metrics-top-cards"></a>

**Discovered MCP Servers**\
The total number of MCP servers detected across your organization. This includes every server that developers’ IDEs or agents have connected to and that Overwatch has scanned.

**Security Issues**\
The total number of detected security issues across all discovered MCP servers, such as vulnerabilities, misconfigurations, or policy concerns. This metric is highlighted to help administrators quickly prioritize remediation efforts.

**MCP Usage**\
The number of distinct users who have interacted with MCP servers. This provides visibility into the breadth of adoption and the overall scope of MCP usage within the organization.

Together, these metrics answer three foundational questions:

*How many MCP servers are in use?*\
\&#xNAN;*How many security issues exist?*\
\&#xNAN;*And how are users are interacting with them?*

#### MCP servers overview <a href="#mcp-servers-overview-table" id="mcp-servers-overview-table"></a>

The **MCP Servers Overview** table lists “All MCP servers discovered across your organization” with one row per server. Typical columns:

<table><thead><tr><th width="134.56640625">Column</th><th>Description</th></tr></thead><tbody><tr><td><strong>Server</strong></td><td>Server name and details</td></tr><tr><td><strong>Users</strong></td><td>Number of distinct users who have used this server. Lets you see which servers are shared across the org vs. used by a few people.</td></tr><tr><td><strong>Tools</strong></td><td>Number of tools (e.g. capabilities or endpoints) exposed by the server. Helps understand scope and complexity.</td></tr><tr><td><strong>Scan Status</strong></td><td>Indicates that the server was successfully scanned for security checks</td></tr><tr><td><strong>Code Agent</strong></td><td>Which AI coding assistant(s) are connecting to this server (e.g. Cursor, Claude, Gemini). A server may appear with multiple agents if different IDEs use it.</td></tr><tr><td><strong>Last Scanned</strong></td><td>When the server was last scanned (e.g. “11 days ago”). Helps prioritize re-scanning or investigation.</td></tr></tbody></table>

From this table, admins can:

* See **which MCP servers** exist in the organization.
* See **who uses them** (user counts, code agents).
* See **scan and security status** (scan status, and when combined with Security Issues, which servers contribute to the total issue count).
* Use this as the **basis for policy**: once you know what is discovered, you can configure policies (e.g., allowlist, blocklist, or conditions) for those servers and tools. Policy and Playground are covered separately.

### Metrics, Insights, and Usage

Discovery produces raw data (servers, users, tools, events, threats). The Overwatch console turns that into **metrics**, **insights**, and **usage** views so admins can monitor, audit, and make decisions without digging through logs.

#### How It Fits Together <a href="#how-it-fits-together" id="how-it-fits-together"></a>

<table><thead><tr><th width="230.78515625">Need</th><th>What it Conveys</th></tr></thead><tbody><tr><td><strong>What MCP servers exist and who uses them?</strong></td><td>Discovery → MCP Servers Overview table</td></tr><tr><td><strong>Which MCP tools are used most?</strong></td><td>Insights → Most common Agent action and MCP tools<br>Discovery → server-level detail</td></tr><tr><td><strong>How is our security posture?</strong></td><td>Insights → risk %, threats logged, blocked actions<br>Threats &#x26; Violations → Total/Allowed/Denied/Threats</td></tr><tr><td><strong>Which code agents are adopted and how active?</strong></td><td>Agent Usage → adoption chart, activity over time, summary cards</td></tr><tr><td><strong>Who did what, and was it allowed or denied?</strong></td><td>Threats &#x26; Violations (event list + filters)<br>Sessions (session list + filters)</td></tr><tr><td><strong>Configure policy for what we discovered?</strong></td><td>Use Discovery and Insights to decide <em>what</em> to govern; then use Policy to define and test rules.</td></tr></tbody></table>

Discovery gives you the **inventory and usage** (who is using what). Metrics, insights, and usage views in the console give you the **structure** to monitor, audit, and act, so you can govern based on what is actually in use across your organization.

For cross-product visibility — correlating Code Agent sessions with gateway traffic, browser violations, or agent API activity — see [Observatory](/observatory/observatory.md). The [Tools & Agents](/observatory/tools-and-agents.md) view in Observatory provides a unified tool usage inventory across all Highflame products, including MCP servers routed through the Agent Gateway.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.highflame.ai/code-agents/discovery-and-metrics.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.