audit

package

v1.10.1 Latest Latest Go to latest Published: Feb 27, 2026 License: MIT Imports: 11 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/dkmnx/kairo

Links

Open Source Insights

Documentation ¶

Index ¶

type AuditEntry
type Change
type Logger
- func NewLogger(configDir string) (*Logger, error)
type RotateOptions
- func DefaultRotateOptions() RotateOptions

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type AuditEntry ¶

type AuditEntry struct {
	Timestamp time.Time              `json:"timestamp"`
	Event     string                 `json:"event"`
	Provider  string                 `json:"provider,omitempty"`
	Action    string                 `json:"action,omitempty"`
	Status    string                 `json:"status,omitempty"`
	Error     string                 `json:"error,omitempty"`
	Details   map[string]interface{} `json:"details,omitempty"`
	Changes   []Change               `json:"changes,omitempty"`
	// Context fields for traceability
	Hostname  string `json:"hostname,omitempty"`
	Username  string `json:"username,omitempty"`
	SessionID string `json:"session_id,omitempty"`
}

type Change ¶

type Change struct {
	Field string `json:"field"`
	Old   string `json:"old,omitempty"`
	New   string `json:"new,omitempty"`
}

type Logger ¶

type Logger struct {
	// contains filtered or unexported fields
}

func NewLogger ¶

func NewLogger(configDir string) (*Logger, error)

func (*Logger) Close ¶ added in v1.5.0

func (l *Logger) Close() error

Close closes the log file. Must be called when the logger is no longer needed.

func (*Logger) LoadEntries ¶

func (l *Logger) LoadEntries() ([]AuditEntry, error)

LoadEntries reads and parses all audit entries from the log file.

This method reads the entire audit log, parses each JSON line, and returns all entries as a slice. Empty lines are skipped. The log file is opened in read-only mode.

Parameters:

none (method receiver only)

Returns:

[]AuditEntry: Slice of all audit entries in chronological order
error: Returns error if unable to read or parse audit log

Error conditions:

Returns error when audit log file cannot be read (e.g., permissions, file not found)
Returns error if any JSON line cannot be parsed (e.g., corrupted log file)

Thread Safety: Thread-safe (uses RWMutex to allow concurrent reads) Security Notes: Returns all audit entries including potentially sensitive data

func (*Logger) LogConfig ¶

func (l *Logger) LogConfig(provider, action string, changes []Change) error

LogConfig logs a configuration change event to the audit log.

This method creates an audit entry recording when a provider's configuration is modified (added, updated, or changed). The entry includes provider name, action type (add/update), and list of changed fields with old and new values.

Parameters:

provider: Name of the provider being configured
action: Type of configuration action (e.g., "add", "update", "change")
changes: List of fields that were changed with old/new values

Returns:

error: Returns error if unable to write to audit log

Error conditions:

Returns error when audit log file cannot be written (e.g., permissions, disk full)

Thread Safety: Thread-safe (uses mutex in writeEntry)

func (*Logger) LogDefault ¶

func (l *Logger) LogDefault(provider string) error

func (*Logger) LogFailure ¶ added in v1.5.0

func (l *Logger) LogFailure(event, provider, errMsg string, details map[string]interface{}) error

LogFailure logs a failed operation with error details

func (*Logger) LogMigration ¶ added in v1.6.0

func (l *Logger) LogMigration(details map[string]interface{}) error

LogMigration logs a configuration file migration event

func (*Logger) LogReset ¶

func (l *Logger) LogReset(provider string) error

func (*Logger) LogRotate ¶

func (l *Logger) LogRotate(provider string) error

func (*Logger) LogSetup ¶

func (l *Logger) LogSetup(provider string) error

func (*Logger) LogSuccess ¶ added in v1.5.0

func (l *Logger) LogSuccess(event, provider string, details map[string]interface{}) error

LogSuccess logs a successful operation with optional details

func (*Logger) LogSwitch ¶

func (l *Logger) LogSwitch(provider string) error

LogSwitch logs a provider switch event to the audit log.

This method creates an audit entry recording when a user switches to a different provider. The entry includes the provider name and timestamp.

Parameters:

provider: Name of the provider being switched to

Returns:

error: Returns error if unable to write to audit log

Error conditions:

Returns error when audit log file cannot be written (e.g., permissions, disk full)

Thread Safety: Thread-safe (uses mutex in writeEntry)

func (*Logger) RotateLog ¶ added in v1.10.0

func (l *Logger) RotateLog(opts ...RotateOptions) (bool, error)

RotateLog rotates the audit log if it exceeds size or age limits. Old log files are renamed with a timestamp suffix. Returns true if rotation occurred, false otherwise.

type RotateOptions ¶ added in v1.10.0

type RotateOptions struct {
	// MaxSize is the maximum size in bytes before rotating (default: 10MB)
	MaxSize int64
	// MaxAge is the maximum age in days before rotating (default: 30 days)
	MaxAge int
	// MaxBackups is the number of old log files to keep (default: 5)
	MaxBackups int
}

RotateOptions contains configuration options for log rotation.

func DefaultRotateOptions ¶ added in v1.10.0

func DefaultRotateOptions() RotateOptions

DefaultRotateOptions returns sensible defaults for log rotation.

Source Files ¶

View all Source files

audit.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL