Skip to content

TkxSecurityDashboard

The tekivex-ui security kernel blocks XSS, Trojan-Source unicode, PII leaks, clickjacking, rate-limit abuse, and MIME forgery — but it does so silently. TkxSecurityDashboard makes that invisible work visible: it subscribes to the kernel’s event stream and renders a live log, severity-coloured counts, and a one-click JSON export for a SIEM or incident report.

import { TkxSecurityDashboard } from 'tekivex-ui';
// Zero config — it self-subscribes to the kernel. No provider needed.
<TkxSecurityDashboard />

Click a button to make the kernel block a real threat — each button calls the same primitive (sanitizeString, sanitizeUnicode, scrubPII, audit, createRateLimiter) your app calls. Watch the event appear below.

Security kernel — live events

2 events · 0 critical · 2 warning

2
XSS sanitized
0
Trojan-Source stripped
0
PII redacted
0
Audit entries
7:05:57 PMwarningEscaped 1 HTML-sensitive character before render
7:05:56 PMwarningEscaped 4 HTML-sensitive characters before render

Every defensive primitive emits a SecurityEvent when — and only when — it actually blocks something. The dashboard’s hook subscribes via onSecurityEvent, seeds from a bounded 500-entry ring buffer on mount, and re-renders as events arrive.

Event typeEmitted bySeverity
xss-sanitizedsanitizeStringwarning
unicode-strippedsanitizeUnicode (Trojan-Source / CVE-2021-42574)critical
pii-redactedscrubPIIwarning
auditaudit()info
clickjacking-detectedinstallFrameBustercritical
rate-limitedcreateRateLimiterwarning
mime-rejectedsniffMimeTypecritical

Emission is zero-overhead when no listener is attached and nothing is blocked, and a throwing listener can never break the primitive that emitted it.

Drop the scrolling log and the export button for a small status widget — summary tiles only.

compact

Security kernel — live events

2 events · 0 critical · 2 warning

2
XSS sanitized
0
Trojan-Source stripped
0
PII redacted
0
Audit entries
<TkxSecurityDashboard compact hideExport />

useSecurityEvents() is the engine under the dashboard. It is self-subscribing — no provider required — and returns everything you need to build your own UI.

import { useSecurityEvents } from 'tekivex-ui';
function SecurityBadge() {
const { events, counts, bySeverity, clear, toJSON } = useSecurityEvents();
return (
<span>
{bySeverity.critical} critical · {bySeverity.warning} warning
</span>
);
}
FieldTypeDescription
eventsreadonly SecurityEvent[]The buffered events, oldest first.
countsRecord<SecurityEventType, number>Count per event type.
bySeverityRecord<SecuritySeverity, number>Count per severity.
clear()() => voidClear the in-memory buffer (does not touch the SHA-256 audit chain).
toJSON()() => stringSerialise the buffer to JSON for download / SIEM.

By default every dashboard keeps its own buffer. Wrap your app in SecurityProvider to share one buffer across multiple widgets so they stay in sync.

import { SecurityProvider, TkxSecurityDashboard } from 'tekivex-ui';
<SecurityProvider maxEvents={500}>
<App />
{/* every dashboard / badge inside now reads the same buffer */}
<TkxSecurityDashboard />
</SecurityProvider>

The raw onSecurityEvent subscription is public — pipe events anywhere (Datadog, Splunk, your own /security/events endpoint) without rendering any UI.

import { onSecurityEvent } from 'tekivex-ui';
const unsubscribe = onSecurityEvent((evt) => {
if (evt.severity === 'critical') {
fetch('/security/events', {
method: 'POST',
body: JSON.stringify(evt),
});
}
});
PropTypeDefaultDescription
maxEventsnumber200Max events retained in the log.
hideExportbooleanfalseHide the JSON export button.
compactbooleanfalseSummary tiles only — no event log.
classNamestringClass on the root <section>.
styleCSSPropertiesInline style merged onto the card.