Why
Enterprise security teams need a pane of glass showing:
- Which agents are running, what tools they're calling, what's being blocked
- Trends: are violations increasing? Which repos are riskiest?
- Alert on anomalies: agent suddenly making 10x more file writes than normal
Currently, audit data goes to stderr as JSON lines. Issue #13 covers export sinks, but even with sinks, there's no consumption layer. Enterprises won't build their own dashboard for a v0.1 tool.
Acceptance Criteria
- Ship a lightweight web UI or CLI summary dashboard
- Or: provide a Grafana dashboard template + OTEL collector config as reference architecture
- Include at minimum: decisions over time, top blocked tools, top triggered rules, latency distribution
Enterprise impact
The buyer (CISO/security team) needs to see value. If the only evidence is grep-ing stderr logs, the product is invisible to the people who approve procurement.
Why
Enterprise security teams need a pane of glass showing:
Currently, audit data goes to stderr as JSON lines. Issue #13 covers export sinks, but even with sinks, there's no consumption layer. Enterprises won't build their own dashboard for a v0.1 tool.
Acceptance Criteria
Enterprise impact
The buyer (CISO/security team) needs to see value. If the only evidence is grep-ing stderr logs, the product is invisible to the people who approve procurement.