git.stella-ops.org/docs/modules/ui/unified-audit-surfaces

Unified Audit Surfaces

Status

Shipped on 2026-03-07.

Product Shape

Keep one canonical cross-module audit owner under Evidence.

• Canonical product home: Evidence > Audit Log
• Canonical route family: /evidence/audit-log
• Secondary surfacing:
  • Admin > Unified Audit Log
  • Setup overview drilldowns
  • Mission Control activity
  • Ops and quota drilldowns
  • Release detail audit links

The current problem was not missing audit UI. The current problem was that the audit UI existed, but the app still split between Evidence-owned routes and stale admin absolute links.

Product Boundary

This shell owns

• cross-module audit dashboard
• all-events browser
• event detail
• timeline search
• correlation clusters
• anomaly alerts
• export
• module-specific audit views:
  • policy
  • authority
  • vex
  • integrations

This shell does not own

• Audit Bundles
  • stays under /triage/audit-bundles
• Auditor Workspace
  • stays under /workspace/audit/:artifactDigest
• contextual reason capsules
  • stay embedded in the owning workflow
• policy/VEX scoped audit tabs
  • remain inside Policy Decisioning Studio but can deep-link into the canonical audit shell

Canonical Route Contract

Canonical routes

• /evidence/audit-log
• /evidence/audit-log/events
• /evidence/audit-log/events/:eventId
• /evidence/audit-log/timeline
• /evidence/audit-log/correlations
• /evidence/audit-log/anomalies
• /evidence/audit-log/export
• /evidence/audit-log/policy
• /evidence/audit-log/authority
• /evidence/audit-log/vex
• /evidence/audit-log/integrations

Shipped aliases

• /admin/audit
• /admin/audit/:page
• /admin/audit/events/:eventId
• /administration/audit
• /administration/audit/:page
• /administration/audit/events/:eventId

Aliases must preserve query params for handoffs like tenantId, releaseId, runId, correlationId, and event filters.

Navigation Contract

Primary navigation

• Evidence keeps the real audit owner link.
• Admin keeps an audit entry, but it points to the same Evidence-owned route family.

Secondary entry points to keep

• Setup overview drilldown card
• Mission Control activity feed
• dashboard activity cards
• platform ops summary links
• quota tenant detail
• release detail

Secondary entry points to avoid

• do not create a second top-level audit product
• do not fork a separate admin-only audit route tree
• do not move audit bundles out of Triage just because they contain the word audit

UX Rules

• audit detail pages must always offer a stable path back to the canonical dashboard or events list
• query-param handoffs should keep the operator in context instead of dumping them at an unfiltered dashboard
• breadcrumbs, quick links, and cards must use the canonical evidence route family
• cross-module audit is evidence-centered, not admin-settings-centered

Why This Is Worth Keeping

• Stella Ops makes an auditability promise; cross-module audit is core product capability, not optional legacy UI.
• Most of the necessary pages already exist and appear implementation-ready.
• The feature value is currently obscured by route fragmentation, broken links, and split ownership language rather than lack of functionality.

Verification Evidence

• feature verification note: docs/features/checked/web/unified-audit-surfaces-ui.md
• targeted Angular tests: 31 passing assertions across evidence routes, audit behavior, evidence overview, admin aliases, and legacy redirects
• Playwright: 2/2 passing scenarios for canonical audit landing, in-shell navigation, and old admin bookmark redirect
• production build: pass, with existing unrelated bundle-budget warnings

Restoration Goal

Restored usability, not just visibility:

• one canonical owner
• working aliases for old bookmarks
• repaired internal navigation
• real contextual entry points from the workflows that need audit
• explicit verification that the main audit journeys work