audit

package

v0.1.0 Latest Latest Go to latest Published: Mar 6, 2026 License: Apache-2.0 Imports: 10 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/gatblau/volta

Links

Open Source Insights

Documentation ¶

Overview ¶

audit/file_logger.go

Index ¶

type Config
type ConfigType
type Event
type FileLogger
- func NewFileLogger(config *Config) (*FileLogger, error)
type FileOptions
type Logger
- func NewLogger(config *Config) (Logger, error)
- func NewNoOpLogger() Logger
type NoOpLogger
type QueryOptions
type QueryResult
type SyslogLogger
- func NewSyslogLogger(config *Config) (*SyslogLogger, error)
type SyslogOptions

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Config ¶

type Config struct {
	Enabled  bool                   `json:"enabled"`
	TenantID string                 `json:"tenant_id"`
	Type     ConfigType             `json:"type"`    // "file", "database", "syslog", etc.
	Options  map[string]interface{} `json:"options"` // Provider-specific options
	LogLevel string                 `json:"log_level,omitempty"`
}

Config defines audit logging configuration

type ConfigType ¶

type ConfigType string

const (
	FileAuditType   ConfigType = "file"
	SyslogAuditType ConfigType = "syslog"
	NoOp            ConfigType = ""
)

type Event ¶

type Event struct {
	ID        string                 `json:"id"`
	RequestID string                 `json:"request_id"`
	Timestamp time.Time              `json:"timestamp"`
	TenantID  string                 `json:"tenant_id"`
	Action    string                 `json:"action"`
	Success   bool                   `json:"success"`
	Error     string                 `json:"error,omitempty"`
	SecretID  string                 `json:"secret_id,omitempty"`
	KeyID     string                 `json:"key_id,omitempty"`
	Metadata  map[string]interface{} `json:"metadata,omitempty"`
	UserID    string                 `json:"user_id,omitempty"`
	Source    string                 `json:"source,omitempty"` // IP, hostname, etc.
	SessionID string                 `json:"session_id,omitempty"`
	Command   string                 `json:"command,omitempty"`
	Duration  int64                  `json:"duration_ms,omitempty"`
}

Event represents an audit log event

type FileLogger ¶

type FileLogger struct {
	// contains filtered or unexported fields
}

func NewFileLogger ¶

func NewFileLogger(config *Config) (*FileLogger, error)

NewFileLogger creates a new file-based audit logger

func (*FileLogger) Close ¶

func (fl *FileLogger) Close() error

Close implements the Logger interface

func (*FileLogger) Log ¶

func (fl *FileLogger) Log(action string, success bool, metadata map[string]interface{}) error

Log implements the Logger interface

func (*FileLogger) Query ¶

func (fl *FileLogger) Query(options QueryOptions) (QueryResult, error)

Query implements the Querier interface

type FileOptions ¶

type FileOptions struct {
	FilePath   string `json:"file_path"`
	MaxSize    int    `json:"max_size,omitempty"`    // Max size in MB
	MaxBackups int    `json:"max_backups,omitempty"` // Max backup files
	MaxAge     int    `json:"max_age,omitempty"`     // Max age in days
}

type Logger ¶

type Logger interface {
	Log(action string, success bool, metadata map[string]interface{}) error
	Query(options QueryOptions) (QueryResult, error)
	Close() error
}

Logger interface for pluggable audit implementations

func NewLogger ¶

func NewLogger(config *Config) (Logger, error)

NewLogger creates an appropriate logger based on configuration

func NewNoOpLogger ¶

func NewNoOpLogger() Logger

type NoOpLogger ¶

type NoOpLogger struct{}

NoOpLogger is a no-op implementation for when auditing is disabled

func (*NoOpLogger) Close ¶

func (n *NoOpLogger) Close() error

func (*NoOpLogger) Log ¶

func (n *NoOpLogger) Log(action string, success bool, metadata map[string]interface{}) error

func (*NoOpLogger) LogKeyOperation ¶

func (n *NoOpLogger) LogKeyOperation(action, keyID string, success bool, error string) error

func (*NoOpLogger) LogSecretAccess ¶

func (n *NoOpLogger) LogSecretAccess(action, secretID string, success bool, error string) error

func (*NoOpLogger) Query ¶

func (n *NoOpLogger) Query(options QueryOptions) (QueryResult, error)

type QueryOptions ¶

type QueryOptions struct {
	TenantID         string
	Since            *time.Time
	Until            *time.Time
	Action           string
	Success          *bool // nil = all, true = only success, false = only failures
	SecretID         string
	KeyID            string
	Limit            int
	Offset           int
	PassphraseAccess bool // Filter for passphrase-related events
}

QueryOptions for filtering audit logs

type QueryResult ¶

type QueryResult struct {
	Events     []Event `json:"events"`
	TotalCount int     `json:"total_count"`
	Filtered   int     `json:"filtered"`
	HasMore    bool    `json:"has_more"`
}

QueryResult contains the results of an audit query

type SyslogLogger ¶

type SyslogLogger struct {
	// contains filtered or unexported fields
}

SyslogLogger implements AuditLogger for syslog

func NewSyslogLogger ¶

func NewSyslogLogger(config *Config) (*SyslogLogger, error)

NewSyslogLogger creates a new syslog audit logger with options

func (*SyslogLogger) Close ¶

func (s *SyslogLogger) Close() error

func (*SyslogLogger) Log ¶

func (s *SyslogLogger) Log(action string, success bool, metadata map[string]interface{}) error

func (*SyslogLogger) Query ¶

func (s *SyslogLogger) Query(options QueryOptions) (QueryResult, error)

Query implementation for syslog - limited capability since syslog is write-only

type SyslogOptions ¶

type SyslogOptions struct {
	Network  string `json:"network"`  // "tcp", "udp", ""
	Address  string `json:"address"`  // "localhost:514"
	Priority int    `json:"priority"` // syslog.LOG_INFO, etc.
	Tag      string `json:"tag"`
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL