Dashboard

A live dashboard with 9 tabs, accessible at /__brakit on your dev server.

Accessing the Dashboard

Once brakit is running, open your browser and navigate to:

http://localhost:<your-port>/__brakit

The dashboard is served on the same port as your running app. Replace <your-port> with whatever port your dev server uses (e.g. 3000, 5173, 8080).

Real-Time Updates

The dashboard uses Server-Sent Events (SSE) to stream data in real-time. As your app handles requests, you'll see them appear instantly without refreshing.

Use the Clear button to reset all captured data and start fresh. This is useful when you want to isolate a specific user flow.

Tabs

Overview

Summary stats at a glance: total requests, errors, queries, and auto-detected issues like N+1 queries, error hotspots, duplicate requests, and security findings.

Actions

HTTP requests grouped by user action. Navigate to a page? That's one action. Submit a form? Another. Each action shows its requests, redundancy %, timing, and flagged issues.

Requests

Every HTTP request captured by brakit. Filterable by method (GET, POST, etc.) and status code. Shows URL, status, timing, and request/response bodies.

Server Fetches

Server-side fetch() calls your application makes: API calls to third-party services, webhooks, internal service calls. Shows URL, method, status, and timing.

Queries

Database queries captured from pg, mysql2, Prisma, and other adapters. Shows the SQL operation, table name, duration, row count, and source adapter. N+1 patterns are flagged.

Errors

Unhandled exceptions and promise rejections with full stack traces. Correlated to the originating request so you can see what caused them.

Logs

Console output (log, warn, error, debug) captured from your application. Each log entry is correlated to the request that triggered it.

Security

8 high-confidence rules scanned against live traffic. 4 critical rules (exposed secrets, token in URL, stack trace leaks, error info leaks) and 4 warnings (PII leaks, insecure cookies, sensitive logs, CORS misconfiguration).

Performance

Response time trends and health grades per endpoint. Tracks p95 response times across sessions so you can spot regressions.

Dashboard API

The dashboard is powered by a set of JSON API endpoints, all under /__brakit/api/:

Endpoint	Description
/__brakit/api/requests	All captured HTTP requests
/__brakit/api/flows	Grouped request flows (actions)
/__brakit/api/events	SSE stream for real-time updates
/__brakit/api/logs	Console output
/__brakit/api/fetches	Server-side fetch calls
/__brakit/api/errors	Captured errors
/__brakit/api/queries	Database queries
/__brakit/api/metrics	Performance metrics
/__brakit/api/insights	Computed analysis insights
/__brakit/api/security	Security scan findings
/__brakit/api/ingest	Telemetry ingestion (POST, from hooks and SDKs)
/__brakit/api/clear	Clear all data (POST)

Previous← SDK Protocol NextSecurity Rules →