brimdata
Web-app version of ZUI
I would really like to see ZUI as a web-app not only Desktop app. It would be really helpful when considering collaborative work, especially for investigating a timeline or Packet captures. The web-app could also be dockerized.
As a context, we do not use ZED and ZUI for classic data. We use it for better timeline investigation in DFIR (digital forensics and incident response) due to it's speed and capability of filtering out data and ease of creating tables from timelines.
The main idea is that it can be dockerized, queries are not stored locally but rather in the web-app itself, so users can reuse queries without sending them for ex. via chat apps. Also the current Desktop app does not support proxy, which is crucial for our setup, and thus we cannot access zed-lake behind proxy via the Desktop app (proxychains does not work)
@WhenGrill: Thanks for the use case detail and interest in Zui. There's definitely situations like you describe where a browser-based app makes sense and we've heard this from users at times in the past.
Just to set expectations, the core Dev team that's worked on Zui in the past is unlikely to pursue enhancements like this and in the way you're seeking in the near future. Right now the app's development is on pause as the Dev team is all focused on the SuperDB project which will replace what had been at the Zed layer in Zui in the past. Once SuperDB is GA, the app known as Zui is expected to be revived as "SuperDB Desktop". Per your comment about "classic data", since the mission of SuperDB is not security specific, it's likely that SuperDB Desktop may drop many of the security-centric features and workflows that were in Zui, though perhaps they may still come back as part of some kind of security "module". But this is all a ways off.
In any case, the project as it exists in the Zui repo remains open source so we're happy to keep this issue open in the event that those that find it and have a strong interest might pursue such things themselves.
