Documentation Index
This page is the complete map to all documentation. Use it when you know what you want but not where to find it.
User-Facing Documentation (/docs)
These documents are written for security analysts, platform operators, and new team members.
| Document | What you will find |
|---|---|
| Introduction | Platform overview, key concepts glossary, role-based navigation |
| Getting Started | Step-by-step setup from scratch to running platform with auth and AI |
| Running the Project | Tested clone-and-run workflow for the full stack with the current Docker path |
| Master Guide | Single-page narrative of the whole platform with architecture diagrams |
| Kali Demo Walkthrough | Operator-ready demo from Docker host plus Kali VM with exact attack commands |
| Operations and Deployment | Bootstrap checklist, TLS setup, database backup, day-2 runbooks |
| Troubleshooting | Symptom → cause → fix for auth, backend, AI, frontend, SDN issues |
| Incident Response Runbook | SOC playbooks by threat level including AI-assisted triage commands |
| Documentation Index | This page |
Developer Documentation (/dev)
These documents are for engineers building, extending, or operating the platform.
| Document | What you will find |
|---|---|
| System Overview | Platform capabilities, component responsibilities, and design philosophy |
| Architecture Overview | Service topology, data flow, trust boundaries, sequence diagrams |
| Backend Design | FastAPI structure, routers, services, data models, auth, LLM integration |
| Frontend Design | React dashboard, components, state management, WebSocket, auth store |
| AI Threat Scoring | ML model, feature engineering, LLM analysis, AI endpoints |
| SDN Controller | Ryu controller, OpenFlow flow management, score-to-redirect logic |
| API Reference | Every endpoint documented — auth, sessions, AI, dashboard, canary, SDN |
| Environment Configuration | Every environment variable with type, default, and when to change it |
| Developer Onboarding | First-time dev setup, local workflow, and daily development commands |
| Testing and Quality | Unit/integration test strategy, CI pipeline, coverage targets |
| Security Hardening Checklist | Completed and outstanding hardening tasks for production readiness |
| Honeypot Integration | Cowrie and Dionaea integration contracts, payload schemas, reliability |
| Observability and SLOs | Metrics, log formats, SLO targets, alerting and Splunk forwarding |
Key Cross-References
| "I want to understand..." | Go to |
|---|---|
| The big picture in one page | Master Guide |
| What each service does | System Overview |
| How data flows from honeypot to dashboard | Architecture Overview + Master Guide data flow diagram |
| Every API endpoint | API Reference |
| Every environment variable | Environment Configuration |
| How the ML threat score works | AI Threat Scoring |
| How to set up the platform for the first time | Getting Started |
| How to run the full tested stack after cloning | Running the Project |
| How to run the live Kali attack demo | Kali Demo Walkthrough |
| What to do when an alert fires | Incident Response Runbook |
| Why a feature is broken | Troubleshooting |
| How to run tests | Testing and Quality |
| Production deployment steps | Operations and Deployment |
Canonical Documentation Policy
- User docs: `/docs-site/docs/` — rendered as the public-facing docs site
- Dev docs: `/docs-site/dev/` — rendered under the `/dev` path prefix
- Docusaurus config: `/docs-site/docusaurus.config.js`
- Build command: `cd docs-site && npm run build`
- Rule: When you change behavior in code, update the corresponding docs in the same pull request