Documentation
¶
Overview ¶
Package auditx defines durable audit recording contracts.
auditx is separate from logx. logx emits operational telemetry; auditx writes append-only security records for authentication, authorization and privileged business mutations. Implementations can write to PostgreSQL, Kafka, ClickHouse, object storage or another compliance pipeline.
Package auditx defines Kernel's durable security audit contracts.
Index ¶
Constants ¶
View Source
const ( CodeInvalidRecord = errorx.Code("AUDITX_INVALID_RECORD") CodeStoreFailed = errorx.Code("AUDITX_STORE_FAILED") )
View Source
const ( ResultSuccess = "success" ResultDenied = "denied" ResultFailure = "failure" )
View Source
const ( SeverityInfo = "info" SeverityWarning = "warning" SeverityCritical = "critical" )
Variables ¶
This section is empty.
Functions ¶
func ErrInvalidRecord ¶
func ErrStoreFailed ¶
Types ¶
type AttributeSet ¶
type MemoryStore ¶
type MemoryStore struct {
// contains filtered or unexported fields
}
func NewMemoryStore ¶
func NewMemoryStore() *MemoryStore
func (*MemoryStore) Query ¶
func (s *MemoryStore) Query(ctx context.Context, filter QueryFilter) ([]Record, error)
type QueryFilter ¶
type Queryer ¶
type Queryer interface {
Query(ctx context.Context, filter QueryFilter) ([]Record, error)
}
type Record ¶
type Record struct {
ID string
Time time.Time
Action string
Result string
Severity string
Reason string
Actor Actor
Resource Resource
RequestID string
TraceID string
ClientIP string
UserAgent string
Metadata AttributeSet
}
Record is append-only security evidence. Updates/deletes should create new records rather than mutating previous ones.
type Recorder ¶
Recorder writes durable audit records. Implementations must be safe for concurrent use. Hot-path code should depend on this interface only.
Click to show internal directories.
Click to hide internal directories.