git.stella-ops.org/docs/modules/ui/unified-audit-surfaces/README.md

# Unified Audit Surfaces

## Status
Shipped on 2026-03-07.

## Product Shape
Keep one canonical cross-module audit owner under Evidence.

- Canonical product home: `Evidence > Audit Log`
- Canonical route family: `/evidence/audit-log`
- Secondary surfacing:
  - `Admin > Unified Audit Log`
  - `Setup` overview drilldowns
  - `Mission Control` activity
  - `Ops` and quota drilldowns
  - `Release` detail audit links

The current problem was not missing audit UI. The current problem was that the audit UI existed, but the app still split between Evidence-owned routes and stale admin absolute links.

## Product Boundary

### This shell owns
- cross-module audit dashboard
- all-events browser
- event detail
- timeline search
- correlation clusters
- anomaly alerts
- export
- module-specific audit views:
  - policy
  - authority
  - vex
  - integrations

### This shell does not own
- `Audit Bundles`
  - stays under `/triage/audit-bundles`
- `Auditor Workspace`
  - stays under `/workspace/audit/:artifactDigest`
- contextual reason capsules
  - stay embedded in the owning workflow
- policy/VEX scoped audit tabs
  - remain inside Policy Decisioning Studio but can deep-link into the canonical audit shell

## Canonical Route Contract

### Canonical routes
- `/evidence/audit-log`
- `/evidence/audit-log/events`
- `/evidence/audit-log/events/:eventId`
- `/evidence/audit-log/timeline`
- `/evidence/audit-log/correlations`
- `/evidence/audit-log/anomalies`
- `/evidence/audit-log/export`
- `/evidence/audit-log/policy`
- `/evidence/audit-log/authority`
- `/evidence/audit-log/vex`
- `/evidence/audit-log/integrations`

### Shipped aliases
- `/admin/audit`
- `/admin/audit/:page`
- `/admin/audit/events/:eventId`
- `/administration/audit`
- `/administration/audit/:page`
- `/administration/audit/events/:eventId`

Aliases must preserve query params for handoffs like `tenantId`, `releaseId`, `runId`, `correlationId`, and event filters.

## Navigation Contract

### Primary navigation
- Evidence keeps the real audit owner link.
- Admin keeps an audit entry, but it points to the same Evidence-owned route family.

### Secondary entry points to keep
- Setup overview drilldown card
- Mission Control activity feed
- dashboard activity cards
- platform ops summary links
- quota tenant detail
- release detail

### Secondary entry points to avoid
- do not create a second top-level audit product
- do not fork a separate admin-only audit route tree
- do not move audit bundles out of Triage just because they contain the word `audit`

## UX Rules
- audit detail pages must always offer a stable path back to the canonical dashboard or events list
- query-param handoffs should keep the operator in context instead of dumping them at an unfiltered dashboard
- breadcrumbs, quick links, and cards must use the canonical evidence route family
- cross-module audit is evidence-centered, not admin-settings-centered

## Why This Is Worth Keeping
- Stella Ops makes an auditability promise; cross-module audit is core product capability, not optional legacy UI.
- Most of the necessary pages already exist and appear implementation-ready.
- The feature value is currently obscured by route fragmentation, broken links, and split ownership language rather than lack of functionality.

## Verification Evidence
- feature verification note: `docs/features/checked/web/unified-audit-surfaces-ui.md`
- targeted Angular tests: `31` passing assertions across evidence routes, audit behavior, evidence overview, admin aliases, and legacy redirects
- Playwright: `2/2` passing scenarios for canonical audit landing, in-shell navigation, and old admin bookmark redirect
- production build: pass, with existing unrelated bundle-budget warnings

## Restoration Goal
Restored usability, not just visibility:

- one canonical owner
- working aliases for old bookmarks
- repaired internal navigation
- real contextual entry points from the workflows that need audit
- explicit verification that the main audit journeys work