audit

package
v0.6.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 17, 2026 License: MIT Imports: 16 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Action 

type Action string

Action types for audit events 

const (
	ActionCreate Action = "create"
	ActionRead   Action = "read"
	ActionUpdate Action = "update"
	ActionDelete Action = "delete"
	ActionAuth   Action = "auth"
	ActionQuery  Action = "query"
)

type AuditLogger 

type AuditLogger struct {
	// contains filtered or unexported fields
}

AuditLogger manages audit log events with a circular buffer

func NewAuditLogger 

func NewAuditLogger(bufferSize int) *AuditLogger

NewAuditLogger creates a new audit logger with specified buffer size

func (*AuditLogger) Clear 

func (l *AuditLogger) Clear()

Clear removes all events from the logger

func (*AuditLogger) GetEventCount 

func (l *AuditLogger) GetEventCount() int64

GetEventCount returns the total number of events currently stored

func (*AuditLogger) GetEvents 

func (l *AuditLogger) GetEvents(filter *Filter) []*Event

GetEvents retrieves audit events with optional filtering

func (*AuditLogger) GetRecentEvents 

func (l *AuditLogger) GetRecentEvents(n int) []*Event

GetRecentEvents returns the N most recent events

func (*AuditLogger) Log 

func (l *AuditLogger) Log(event *Event) error

Log records an audit event

type AuditStatistics 

type AuditStatistics struct {
	TotalEvents   int64     `json:"total_events"`
	TotalFiles    int       `json:"total_files"`
	TotalSize     int64     `json:"total_size_bytes"`
	BytesWritten  int64     `json:"bytes_written"`
	CurrentFile   string    `json:"current_file"`
	LastRotation  time.Time `json:"last_rotation"`
	RetentionDays int       `json:"retention_days"`
}

AuditStatistics holds statistics about the audit logger

type Event 

type Event struct {
	ID           string         `json:"id"`
	Timestamp    time.Time      `json:"timestamp"`
	TenantID     string         `json:"tenant_id,omitempty"` // Multi-tenancy: empty defaults to "default"
	UserID       string         `json:"user_id,omitempty"`
	Username     string         `json:"username,omitempty"`
	Action       Action         `json:"action"`
	ResourceType ResourceType   `json:"resource_type"`
	ResourceID   string         `json:"resource_id,omitempty"`
	Status       Status         `json:"status"`
	ErrorMessage string         `json:"error_message,omitempty"`
	IPAddress    string         `json:"ip_address,omitempty"`
	UserAgent    string         `json:"user_agent,omitempty"`
	Metadata     map[string]any `json:"metadata,omitempty"`
}

Event represents a single audit log entry

func NewEvent 

func NewEvent(userID, username string, action Action, resourceType ResourceType, resourceID string, status Status) *Event

Helper function to create a standard event

func NewEventWithTenant 

func NewEventWithTenant(tenantID, userID, username string, action Action, resourceType ResourceType, resourceID string, status Status) *Event

NewEventWithTenant creates an event with tenant context

func NewFailedEvent 

func NewFailedEvent(userID, username string, action Action, resourceType ResourceType, errorMsg string) *Event

Helper function to create a failed event with error message

func (*Event) String 

func (e *Event) String() string

String returns a human-readable representation of an event

type ExportFormat 

type ExportFormat string

ExportFormat represents the format for exporting audit logs 

const (
	FormatJSON   ExportFormat = "json"
	FormatCSV    ExportFormat = "csv"
	FormatJSONL  ExportFormat = "jsonl" // JSON Lines (one JSON object per line)
	FormatSyslog ExportFormat = "syslog"
)

type ExportOptions 

type ExportOptions struct {
	Format       ExportFormat
	StartTime    *time.Time
	EndTime      *time.Time
	Severity     Severity
	Action       Action
	Username     string
	ResourceType ResourceType
	Limit        int  // Maximum number of events to export (0 = unlimited)
	Pretty       bool // Pretty-print JSON output
}

ExportOptions holds options for exporting audit logs

type Exporter 

type Exporter struct {
	// contains filtered or unexported fields
}

Exporter handles exporting audit logs to various formats

func NewExporter 

func NewExporter(logDir string) *Exporter

NewExporter creates a new audit log exporter

func (*Exporter) Export 

func (e *Exporter) Export(writer io.Writer, options *ExportOptions) error

Export exports audit logs to the specified writer

func (*Exporter) ExportReport 

func (e *Exporter) ExportReport(writer io.Writer, options *ExportOptions) error

ExportReport generates a summary report of audit events

func (*Exporter) ExportToFile 

func (e *Exporter) ExportToFile(filename string, options *ExportOptions) (retErr error)

ExportToFile exports audit logs to a file

type Filter 

type Filter struct {
	TenantID     string // Filter by tenant (empty = all tenants)
	UserID       string
	Username     string
	Action       Action
	ResourceType ResourceType
	ResourceID   string
	Status       Status
	StartTime    *time.Time
	EndTime      *time.Time
}

Filter represents filtering criteria for audit events

type Logger 

type Logger interface {
	// Log records an audit event
	Log(event *Event) error

	// GetEventCount returns the number of events logged
	GetEventCount() int64
}

Logger is the interface for audit logging implementations. Both in-memory AuditLogger and PersistentAuditLogger implement this interface.

type PersistentAuditConfig 

type PersistentAuditConfig struct {
	LogDir        string        // Directory to store audit logs
	RotationSize  int64         // Rotate log file when it exceeds this size (bytes)
	RotationTime  time.Duration // Rotate log file after this duration
	Compress      bool          // Compress rotated log files
	RetentionDays int           // Delete logs older than this many days
}

PersistentAuditConfig holds configuration for persistent audit logging

func DefaultPersistentConfig 

func DefaultPersistentConfig() *PersistentAuditConfig

DefaultPersistentConfig returns default configuration

type PersistentAuditLogger 

type PersistentAuditLogger struct {
	// contains filtered or unexported fields
}

PersistentAuditLogger writes audit logs to disk with tamper detection

func NewPersistentAuditLogger 

func NewPersistentAuditLogger(config *PersistentAuditConfig) (*PersistentAuditLogger, error)

NewPersistentAuditLogger creates a new persistent audit logger

func (*PersistentAuditLogger) Close 

func (l *PersistentAuditLogger) Close() error

Close closes the audit logger

func (*PersistentAuditLogger) GetEventCount 

func (l *PersistentAuditLogger) GetEventCount() int64

GetEventCount returns the total number of events logged in the current file

func (*PersistentAuditLogger) GetStatistics 

func (l *PersistentAuditLogger) GetStatistics() AuditStatistics

GetStatistics returns statistics about the audit logger

func (*PersistentAuditLogger) Log 

func (l *PersistentAuditLogger) Log(event *Event) error

Log writes an event with Info severity (compatible with AuditLogger interface)

func (*PersistentAuditLogger) LogCritical 

func (l *PersistentAuditLogger) LogCritical(event *Event) error

LogCritical writes a critical severity event

func (*PersistentAuditLogger) LogPersistent 

func (l *PersistentAuditLogger) LogPersistent(event *Event, severity Severity) error

LogPersistent writes a persistent audit event to disk

func (*PersistentAuditLogger) LogWarning 

func (l *PersistentAuditLogger) LogWarning(event *Event) error

LogWarning writes a warning severity event

func (*PersistentAuditLogger) VerifyIntegrity 

func (l *PersistentAuditLogger) VerifyIntegrity(filename string) (_ bool, retErr error)

VerifyIntegrity verifies the integrity of audit logs using hash chain

type PersistentEvent 

type PersistentEvent struct {
	*Event
	Severity     Severity `json:"severity"`
	PreviousHash string   `json:"previous_hash,omitempty"` // For tamper detection
	EventHash    string   `json:"event_hash"`              // Hash of this event
}

Enhanced event with additional security fields

type ReportStatistics 

type ReportStatistics struct {
	TotalEvents  int
	BySeverity   map[Severity]int
	ByAction     map[Action]int
	ByStatus     map[Status]int
	TopUsers     []UserStat
	TopResources []ResourceStat
}

ReportStatistics holds statistical data for reports

type ResourceStat 

type ResourceStat struct {
	ResourceType ResourceType
	ResourceID   string
	Count        int
}

ResourceStat holds statistics for a resource

type ResourceType 

type ResourceType string

ResourceType represents the type of resource being accessed 

const (
	ResourceNode       ResourceType = "node"
	ResourceEdge       ResourceType = "edge"
	ResourceQuery      ResourceType = "query"
	ResourceAuth       ResourceType = "auth"
	ResourceUser       ResourceType = "user"
	ResourceKey        ResourceType = "apikey"
	ResourceCompliance ResourceType = "compliance" // F3: masking policy CRUD + audit log queries
)

type Severity 

type Severity string

Severity levels for audit events 

const (
	SeverityInfo     Severity = "info"
	SeverityWarning  Severity = "warning"
	SeverityCritical Severity = "critical"
)

type Status 

type Status string

Status represents the outcome of an action 

const (
	StatusSuccess Status = "success"
	StatusFailure Status = "failure"
)

type UserStat 

type UserStat struct {
	Username string
	Count    int
}

UserStat holds statistics for a user

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.