prvng_platform/crates/control-center-ui/README.md

Control Center UI - Audit Log Viewer\n\nA comprehensive React-based audit log viewer for the Cedar Policy Engine with advanced search, real-time streaming,\ncompliance reporting, and visualization capabilities.\n\n## 🚀 Features\n\n### 🔍 Advanced Search & Filtering\n\n- Multi-dimensional Filters: Date range, users, actions, resources, severity, compliance frameworks\n- Real-time Search: Debounced search with instant results\n- Saved Searches: Save and reuse complex filter combinations\n- Quick Filters: One-click access to common time ranges and filters\n- Correlation Search: Find logs by request ID, session ID, or trace correlation\n\n### 📊 High-Performance Data Display\n\n- Virtual Scrolling: Handle millions of log entries with smooth scrolling\n- Infinite Loading: Automatic pagination with optimized data fetching\n- Column Sorting: Sort by any field with persistent state\n- Bulk Selection: Select multiple logs for batch operations\n- Responsive Design: Works seamlessly on desktop, tablet, and mobile\n\n### 🔴 Real-time Streaming\n\n- WebSocket Integration: Live log updates without page refresh\n- Connection Management: Automatic reconnection with exponential backoff\n- Real-time Indicators: Visual status of live connection\n- Message Queuing: Handles high-volume log streams efficiently\n- Alert Notifications: Critical events trigger immediate notifications\n\n### 📋 Detailed Log Inspection\n\n- JSON Viewer: Syntax-highlighted JSON with collapsible sections\n- Multi-tab Interface: Overview, Context, Metadata, Compliance, Raw JSON\n- Sensitive Data Toggle: Hide/show sensitive information\n- Copy Utilities: One-click copying of IDs, values, and entire records\n- Deep Linking: Direct URLs to specific log entries\n\n### 📤 Export & Reporting\n\n- Multiple Formats: CSV, JSON, PDF export with customizable fields\n- Template System: Pre-built templates for different report types\n- Batch Export: Export filtered results or selected logs\n- Progress Tracking: Real-time export progress indication\n- Custom Fields: Choose exactly which data to include\n\n### 🛡️ Compliance Management\n\n- Framework Support: SOC2, HIPAA, PCI DSS, GDPR compliance templates\n- Report Generation: Automated compliance reports with evidence\n- Finding Tracking: Track violations and remediation status\n- Attestation Management: Digital signatures and certifications\n- Template Library: Customizable report templates for different frameworks\n\n### 🔗 Log Correlation & Tracing\n\n- Request Tracing: Follow request flows across services\n- Session Analysis: View all activity for a user session\n- Dependency Mapping: Understand log relationships and causality\n- Timeline Views: Chronological visualization of related events\n\n### 📈 Visualization & Analytics\n\n- Dashboard Metrics: Real-time statistics and KPIs\n- Timeline Charts: Visual representation of log patterns\n- Geographic Distribution: Location-based log analysis\n- Severity Trends: Track security event patterns over time\n- User Activity: Monitor user behavior and access patterns\n\n## 🛠 Technology Stack\n\n### Frontend Framework\n\n- React 18.3.1: Modern React with hooks and concurrent features\n- TypeScript 5.5.4: Type-safe development with advanced types\n- Vite 5.4.1: Lightning-fast build tool and dev server\n\n### UI Components & Styling\n\n- TailwindCSS 3.4.9: Utility-first CSS framework\n- DaisyUI 4.4.19: Beautiful component library built on Tailwind\n- Framer Motion 11.3.24: Smooth animations and transitions\n- Lucide React 0.427.0: Beautiful, customizable icons\n\n### Data Management\n\n- TanStack Query 5.51.23: Powerful data fetching and caching\n- TanStack Table 8.20.1: Headless table utilities for complex data\n- TanStack Virtual 3.8.4: Virtual scrolling for performance\n- Zustand 4.5.4: Lightweight state management\n\n### Forms & Validation\n\n- React Hook Form 7.52.2: Performant forms with minimal re-renders\n- React Select 5.8.0: Flexible select components with search\n\n### Real-time & Networking\n\n- Native WebSocket API: Direct WebSocket integration\n- Custom Hooks: Reusable WebSocket management with reconnection\n\n### Export & Reporting\n\n- jsPDF 2.5.1: Client-side PDF generation\n- jsPDF AutoTable 3.8.2: Table formatting for PDF reports\n- Native Blob API: File download and export functionality\n\n### Date & Time\n\n- date-fns 3.6.0: Modern date utility library with tree shaking\n\n## 📁 Project Structure\n\n{$detected_lang}\nsrc/\n├── components/audit/ # Audit log components\n│ ├── AuditLogViewer.tsx # Main viewer component\n│ ├── SearchFilters.tsx # Advanced search interface\n│ ├── VirtualizedLogTable.tsx # High-performance table\n│ ├── LogDetailModal.tsx # Detailed log inspection\n│ ├── ExportModal.tsx # Export functionality\n│ ├── ComplianceReportGenerator.tsx # Compliance reports\n│ └── RealTimeIndicator.tsx # WebSocket status\n├── hooks/ # Custom React hooks\n│ └── useWebSocket.ts # WebSocket management\n├── services/ # API integration\n│ └── api.ts # Audit API client\n├── types/ # TypeScript definitions\n│ └── audit.ts # Audit-specific types\n├── utils/ # Utility functions\n├── store/ # State management\n└── styles/ # CSS and styling\n\n\n## 🔧 Setup and Development\n\n### Prerequisites\n\n- Node.js 18+ and npm 9+\n- Control Center backend running on http://localhost:8080\n\n### Installation\n\n{$detected_lang}\n# Clone the repository\ngit clone <repository-url>\ncd control-center-ui\n\n# Install dependencies\nnpm install\n\n# Start development server\nnpm run dev\n\n\nThe application will be available at http://localhost:3000\n\n### Building for Production\n\n{$detected_lang}\n# Type check\nnpm run type-check\n\n# Build for production\nnpm run build\n\n# Preview production build\nnpm run preview\n\n\n## 🌐 API Integration\n\nThe UI integrates with the Control Center backend and expects the following endpoints:\n\n- GET /audit/logs - Fetch audit logs with filtering and pagination\n- GET /audit/logs/{id} - Get specific log entry details\n- POST /audit/search - Advanced search functionality\n- GET /audit/saved-searches - Manage saved search queries\n- POST /audit/export - Export logs in various formats (CSV, JSON, PDF)\n- GET /compliance/reports - Compliance report management\n- POST /compliance/reports/generate - Generate compliance reports\n- WS /audit/stream - Real-time log streaming via WebSocket\n- GET /health - Health check endpoint\n\n### WebSocket Integration\n\nReal-time log streaming is implemented using WebSocket connections:\n\n{$detected_lang}\nimport { useWebSocket } from './hooks/useWebSocket';\n\nconst { isConnected, lastMessage } = useWebSocket({\n url: 'ws://localhost:8080/ws/audit',\n onNewAuditLog: (log) => {\n // Handle new log entry in real-time\n updateLogsList(log);\n }\n});\n\n\n## ✅ Features Implemented\n\n### Core Audit Log Viewer System\n\n- ✅ Advanced Search Filters: Multi-dimensional filtering with date range, users, actions, resources, severity, compliance frameworks\n- ✅ Virtual Scrolling Component: High-performance rendering capable of handling millions of log entries\n- ✅ Real-time Log Streaming: WebSocket integration with automatic reconnection and live status indicators\n- ✅ Detailed Log Modal: Multi-tab interface with JSON syntax highlighting, sensitive data toggle, and copy utilities\n- ✅ Export Functionality: Support for CSV, JSON, and PDF formats with customizable fields and templates\n- ✅ Saved Search Queries: User preference system for saving and reusing complex search combinations\n\n### Compliance & Security Features\n\n- ✅ Compliance Report Generator: Automated report generation with SOC2, HIPAA, PCI DSS, and GDPR templates\n- ✅ Violation Tracking: Remediation workflow system with task management and progress tracking\n- ✅ Timeline Visualization: Chronological visualization of audit trails with correlation mapping\n- ✅ Request ID Correlation: Cross-service request tracing and session analysis\n- ✅ Attestation Management: Digital signature system for compliance certifications\n- ✅ Log Retention Management: Archival policies and retention period management\n\n### Performance & User Experience\n\n- ✅ Dashboard Analytics: Real-time metrics including success rates, critical events, and compliance scores\n- ✅ Responsive Design: Mobile-first design that works across all device sizes\n- ✅ Loading States: Comprehensive loading indicators and skeleton screens\n- ✅ Error Handling: Robust error boundaries with user-friendly error messages\n- ✅ Keyboard Shortcuts: Accessibility features and keyboard navigation support\n\n## 🎨 Styling and Theming\n\n### TailwindCSS Configuration\n\nThe application uses a comprehensive TailwindCSS setup with:\n\n- DaisyUI Components: Pre-built, accessible UI components\n- Custom Color Palette: Primary, secondary, success, warning, error themes\n- Custom Animations: Smooth transitions and loading states\n- Dark/Light Themes: Automatic theme switching with system preference detection\n- Responsive Grid System: Mobile-first responsive design\n\n### Component Design System\n\n- Consistent Spacing: Standardized margin and padding scales\n- Typography Scale: Hierarchical text sizing and weights\n- Icon System: Comprehensive icon library with consistent styling\n- Form Controls: Validated, accessible form components\n- Data Visualization: Charts and metrics with consistent styling\n\n## 📱 Performance Optimization\n\n### Virtual Scrolling\n\n- Renders only visible rows for optimal performance\n- Handles datasets with millions of entries smoothly\n- Maintains smooth scrolling with momentum preservation\n- Automatic cleanup of off-screen elements\n\n### Efficient Data Fetching\n\n- Infinite queries with intelligent pagination\n- Aggressive caching with TanStack Query\n- Optimistic updates for better user experience\n- Background refetching for fresh data\n\n### Bundle Optimization\n\n- Code splitting by route and feature\n- Tree shaking for minimal bundle size\n- Lazy loading of heavy components\n- Optimized production builds\n\n## 🔒 Security Considerations\n\n### Data Protection\n\n- Sensitive data masking in UI components\n- Secure WebSocket connections (WSS in production)\n- Content Security Policy headers for XSS protection\n- Input sanitization for search queries\n\n### API Security\n\n- JWT token authentication support (when implemented)\n- Request rate limiting awareness\n- Secure file downloads with proper headers\n- CORS configuration for cross-origin requests\n\n## 🚀 Deployment\n\n### Docker Deployment\n\n{$detected_lang}\nFROM node:18-alpine as builder\nWORKDIR /app\nCOPY package*.json ./\nRUN npm ci --only=production\nCOPY . .\nRUN npm run build\n\nFROM nginx:alpine\nCOPY --from=builder /app/dist /usr/share/nginx/html\nCOPY nginx.conf /etc/nginx/nginx.conf\nEXPOSE 80\nCMD ["nginx", "-g", "daemon off;"]\n\n\n### Kubernetes Deployment\n\n{$detected_lang}\napiVersion: apps/v1\nkind: Deployment\nmetadata:\n name: control-center-ui\nspec:\n replicas: 3\n selector:\n matchLabels:\n app: control-center-ui\n template:\n metadata:\n labels:\n app: control-center-ui\n spec:\n containers:\n - name: control-center-ui\n image: control-center-ui:latest\n ports:\n - containerPort: 80\n env:\n - name: VITE_API_BASE_URL\n value: "https://api.example.com"\n\n\n## 🤝 Contributing\n\n### Development Guidelines\n\n- Follow TypeScript strict mode conventions\n- Use existing component patterns and design system\n- Maintain accessibility standards (WCAG 2.1 AA)\n- Add proper error boundaries for robust error handling\n- Write meaningful commit messages following conventional commits\n\n### Code Style\n\n- Use Prettier for consistent code formatting\n- Follow ESLint rules for code quality\n- Use semantic HTML elements for accessibility\n- Maintain consistent naming conventions\n- Document complex logic with comments\n\n## 📄 License\n\nThis project follows the same license as the parent Control Center repository.\n\n## 🆘 Support\n\nFor questions, issues, or contributions:\n\n1. Check existing issues in the repository\n2. Review the comprehensive documentation\n3. Create detailed bug reports or feature requests\n4. Follow the established contribution guidelines\n\n---\n\nBuilt with ❤️ for comprehensive audit log management, compliance monitoring, and security analytics.