Skip to content

docs(plan): activity & audit readability initiative#615

Merged
remyluslosius merged 1 commit into
mainfrom
docs/activity-readability-plan
Jun 20, 2026
Merged

docs(plan): activity & audit readability initiative#615
remyluslosius merged 1 commit into
mainfrom
docs/activity-readability-plan

Conversation

@remyluslosius

@remyluslosius remyluslosius commented Jun 20, 2026

Copy link
Copy Markdown
Contributor

Tracking doc for the initiative to make all activity/log surfaces human-readable and the audit trail a first-class exportable compliance record. Grounded in a backend+frontend map of the current state.

Key decisions captured:

  • Backend builds the human sentence (frontend keeps only display chrome) — only the server can resolve codes->sentences and IDs->names without drift.
  • The settings Audit log stays as the distinct forensic view (full envelope: actor/outcome/correlation/detail/redactions), not a duplicate of the lossy /activity?source=audit projection. Made readable + detail drawer + export.
  • Immutable/exportable audit is a committed FedRAMP/CMMC/NIST-800-53 AU requirement.
  • Readability target: sentences + clickable context + drawers + grouping/dedup.

Sequencing: Phases 0-3 (backend sentences -> shared formatter -> detail drawers + finish host tabs -> exportable readable audit log) are the committed body of work; Phases 4 (grouping/dedup) and 5 (tamper-evidence/retention/AU mapping) are fast-follow tracks.

Doc only. Next: start Phase 0 as its own feature PR.

@remyluslosius
docs(plan): activity & audit readability initiative
3ef85f7 
Phased plan to make every activity/log surface human-readable and to make
the audit trail a first-class exportable compliance record.

Grounded in a backend+frontend map of the current state:
- one unified /api/v1/activity UNION feed; 2 of 5 legs (alerts, monitoring)
  already emit human sentences; compliance/intelligence/audit legs emit raw
  codes; no shared frontend formatter (6 surfaces each leak differently).
- Decisions: backend builds the sentence; settings Audit log kept as the
  distinct forensic view (not redundant with /activity); audit is a committed
  FedRAMP/CMMC/NIST-AU requirement; readability target incl. grouping/dedup.
- Sequencing: ship Phases 0-3 (full readability + exportable audit), then
  4 (grouping/dedup) + 5 (tamper-evidence/retention/AU mapping) as fast-follow.
@github-actions github-actions Bot added documentation Improvements or additions to documentation size/L labels Jun 20, 2026
@remyluslosius remyluslosius merged commit a1b1f26 into main Jun 20, 2026
12 checks passed
@remyluslosius remyluslosius deleted the docs/activity-readability-plan branch June 20, 2026 18:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

documentation Improvements or additions to documentation size/L

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@remyluslosius