# Unified Audit Surfaces ## Status Shipped on 2026-03-07. ## Product Shape Keep one canonical cross-module audit owner under Evidence. - Canonical product home: `Evidence > Audit Log` - Canonical route family: `/evidence/audit-log` - Secondary surfacing: - `Admin > Unified Audit Log` - `Setup` overview drilldowns - `Mission Control` activity - `Ops` and quota drilldowns - `Release` detail audit links The current problem was not missing audit UI. The current problem was that the audit UI existed, but the app still split between Evidence-owned routes and stale admin absolute links. ## Product Boundary ### This shell owns - cross-module audit dashboard - all-events browser - event detail - timeline search - correlation clusters - anomaly alerts - export - module-specific audit views: - policy - authority - vex - integrations ### This shell does not own - `Audit Bundles` - stays under `/triage/audit-bundles` - `Auditor Workspace` - stays under `/workspace/audit/:artifactDigest` - contextual reason capsules - stay embedded in the owning workflow - policy/VEX scoped audit tabs - remain inside Policy Decisioning Studio but can deep-link into the canonical audit shell ## Canonical Route Contract ### Canonical routes - `/evidence/audit-log` - `/evidence/audit-log/events` - `/evidence/audit-log/events/:eventId` - `/evidence/audit-log/timeline` - `/evidence/audit-log/correlations` - `/evidence/audit-log/anomalies` - `/evidence/audit-log/export` - `/evidence/audit-log/policy` - `/evidence/audit-log/authority` - `/evidence/audit-log/vex` - `/evidence/audit-log/integrations` ### Shipped aliases - `/admin/audit` - `/admin/audit/:page` - `/admin/audit/events/:eventId` - `/administration/audit` - `/administration/audit/:page` - `/administration/audit/events/:eventId` Aliases must preserve query params for handoffs like `tenantId`, `releaseId`, `runId`, `correlationId`, and event filters. ## Navigation Contract ### Primary navigation - Evidence keeps the real audit owner link. - Admin keeps an audit entry, but it points to the same Evidence-owned route family. ### Secondary entry points to keep - Setup overview drilldown card - Mission Control activity feed - dashboard activity cards - platform ops summary links - quota tenant detail - release detail ### Secondary entry points to avoid - do not create a second top-level audit product - do not fork a separate admin-only audit route tree - do not move audit bundles out of Triage just because they contain the word `audit` ## UX Rules - audit detail pages must always offer a stable path back to the canonical dashboard or events list - query-param handoffs should keep the operator in context instead of dumping them at an unfiltered dashboard - breadcrumbs, quick links, and cards must use the canonical evidence route family - cross-module audit is evidence-centered, not admin-settings-centered ## Why This Is Worth Keeping - Stella Ops makes an auditability promise; cross-module audit is core product capability, not optional legacy UI. - Most of the necessary pages already exist and appear implementation-ready. - The feature value is currently obscured by route fragmentation, broken links, and split ownership language rather than lack of functionality. ## Verification Evidence - feature verification note: `docs/features/checked/web/unified-audit-surfaces-ui.md` - targeted Angular tests: `31` passing assertions across evidence routes, audit behavior, evidence overview, admin aliases, and legacy redirects - Playwright: `2/2` passing scenarios for canonical audit landing, in-shell navigation, and old admin bookmark redirect - production build: pass, with existing unrelated bundle-budget warnings ## Restoration Goal Restored usability, not just visibility: - one canonical owner - working aliases for old bookmarks - repaired internal navigation - real contextual entry points from the workflows that need audit - explicit verification that the main audit journeys work