Skip to main content
Version: Next

Operasyon Merkezi (SOC/NOC Dashboard)

AnchorNAC paketi ile gelen tek ekran SOC/NOC kontrol merkezi: 13 canlı KPI tile + 8 widget (incidents, sessions, ports, sites, topology, approvals, audit, fail-reasons) + Cytoscape ağ görselleştirmesi + SSE invalidate-only real-time push.

Hedef kullanıcı: SOC analist / NOC operatör / IT yöneticisi
Erişim: AnchorNAC veya On-Prem paketi
URL: / (default AnchorNAC shell home)

1. Üst Strip — Canlı KPI Bandı (DashboardKpiBand)

10 saniye tick ile NATS push delivery; SSE event geldiğinde state replace. 5 tile:

TileMetricAnlam
Aktif oturumactive_sessionsNOW() < grant_until grant sayısı
Karar (son 1 dk)decisions_1mPolicy-engine real-time karar tempo
Switch onlineswitches_onlinelast_seen_at < 5dk
Açık incidentincidents_openstate ∈ pending/triaging/acknowledged
Posture fail (24sa)posture_fail_24hverdict ∈ fail/drift

Canlı sinyal: LiveDot green/red + lastEventAt rölle gösterimi.

2. EnterpriseDashboardDemo — 8 Widget + 8 KPI Tile

AnchorNAC ana dashboard inline metric grid:

8 KPI Tile (üst sıra)

TileBackendLive
Aktif sessiondashboard/overview.active_guest_count
Auth success (24s)dashboard/overview (login + login_fail oran)
Auth fail (24s)dashboard/overview.login_fail_count_24h
Hata oranı / RADIUS p95dashboard/overview.error_rate_pct
Open incidentsincidents (state filter)
Edge healthdashboard/kpis-extra.edge_health_pct
Posturedashboard/kpis-extra.posture_compliance_pct
Audit / TSAdashboard/kpis-extra.audit_anchor_lag_min

8 Widget (alt grid)

WidgetEndpointReal-time
Incidents queueGET /incidentsSSE /stream/incidents
Audit timelineGET /auditSSE /stream/audit
Live sessionsGET /sessions/activeSSE /stream/live-sessions
Switch port mapGET /switches/{id}/portsPolling 60s
Site healthGET /sites/metrics (W4)Polling 60s
Topology (Cytoscape)GET /topologyPolling 60s
Fail reasonsGET /decisions aggregatePolling 60s
JIT approvalsGET /jit-approvalsSSE /stream/jit-approvals

3. SSE Invalidate-Only Pattern

Tasarım kararı (ADR-0024 addendum): SSE event'leri payload data taşımıyor; sadece cache invalidation sinyali ({kind, ts, site_id?}). Frontend queryClient.invalidateQueries({queryKey: qk.X.all()}) ile detay re-fetch eder.

Avantajlar:

  • Bandwidth düşük (event ~50 byte)
  • Multi-tenant izolasyon kolay (event'te data yok; refetch normal yetkilendirme path'inden geçer)
  • Cache tutarlılığı garantili (event payload ile cache state ikiz tutmaya gerek yok)

Reconnect coverage: Browser EventSource native auto-reconnect; lost event penceresinde useStreamRefetch onConnect callback'i full refetch tetikler.

Polling fallback: SSE down ise 60s polling devam eder (per-widget refetchInterval).

4. Cytoscape Topoloji Görselleştirmesi

AnchorNAC shell'de inline embed:

  • Layout: ELK hierarchical (default) — cose-bilkent / fcose / circle alternatif
  • Bundle: ~150KB gzipped, next/dynamic ssr:false lazy load
  • Etkileşim: zoom/pan + click handler + node detail drawer
  • Footer link: "Tam görüntüle → /topology" — advanced features için full sayfa route

5. Mobile Responsive

isCompact (≤768px) breakpoint'te:

  • DataTable → MobileCardList auto-swap (ResponsiveDataTable HOC)
  • Drawer → BottomSheet (incident detail panel)
  • KPI grid 4-col → 1-col stack (ResponsiveGrid {base:1, sm:2, lg:4})
  • ActivityFeed → BottomSheet (FAB tetikli)
  • Cytoscape topology mobile touch (zoom/pan)

Playwright mobile CI (Pixel 5 + iPhone 12 profiles) regression gate.

6. Operatör runbook

JWT mint (smoke test)

import jwt, time

secret = "<NAC_JWT_SECRET>"          # env veya secret store
tenant = "<your-tenant-uuid>"
token = jwt.encode(
    {"sub": "admin", "tenant_id": tenant, "roles": ["admin"],
     "iat": int(time.time()), "exp": int(time.time()) + 3600},
    secret, algorithm="HS256",
)
print(token)

Dashboard endpoint smoke

JWT=<minted>

# 13 KPI tile + 8 widget endpoint check
for ep in dashboard/overview dashboard/kpis-extra \
          sites sites/metrics incidents sessions/active \
          jit-approvals topology decisions audit; do
  echo "--- $ep ---"
  curl -sk -H "Authorization: Bearer $JWT" \
    "https://<host>/api/v1/tenants/me/$ep" | jq -c | head -c 200
  echo
done

Beklenen HTTP code'lar

  • 200: Modül aktif tenant'ta canlı response
  • 401: JWT eksik veya geçersiz
  • 403: Modül entitlement gate (örn. policy_engine yok)
  • 404: Route yok (yanlış URL)

7. SLO targets

MetricTargetAlert eşiği
Dashboard /overview p95 latency< 200ms> 500ms 15dk
SSE /stream/* reconnect rate< 0.1/s> 1/s 5dk
KPI tile refresh interval10s (SSE)n/a
Widget polling interval60sn/a

Backend cloud_console_http_request_duration_seconds histogram + cloud_console_nats_*_publish_duration_seconds (4 publisher, ADR-0031).

8. İlgili sayfalar

9. Mimari kararlar (ADR'ler)

  • ADR-0024 — TanStack Query domain hooks + useStreamRefetch SSE invalidate pattern (+ reconnect refetch addendum 2026-05-20)
  • ADR-0028 — Critical Event Contract (NATS event envelope)
  • ADR-0029 — Mobile Responsive Standards
  • ADR-0031 — NATS Publish Observability Standard