audit

package
v0.0.1-rc3
Warning

This package is not in the latest version of its module.

Published: Apr 27, 2026 License: MIT Imports: 9 Imported by: 0

Documentation

Overview

Package audit writes anonymised scan-event records to an append-only log. Operators rotate the file via logrotate / journald; the package itself only cares about anonymisation and serialization.

SPECIFICATIONS.md §9.4 (privacy by design):

  • source IP is masked: IPv4 last octet zeroed, IPv6 last 64 bits zeroed
  • hostname is hashed (SHA-256, 16-hex-char prefix), never written in clear

Functions

func HashHost

func HashHost(host string) string

HashHost returns the first 16 hex chars of SHA-256(host) — enough entropy to dedupe but not enough to brute-force back from a leaked log file.

func MaskIP

func MaskIP(s string) string

MaskIP applies SPECIFICATIONS.md §9.5: IPv4 last octet zeroed, IPv6 reduced to its /64 prefix. Inputs that don't parse return "invalid".
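The two transformations described for HashHost and MaskIP, as an added standalone sketch using only the standard library; it is not this package's source. The names maskIPSketch, hashHostSketch and sketchLine are hypothetical, the sample inputs are constructed, and treating IPv4-mapped IPv6 addresses as IPv4 is an assumption of the sketch.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"fmt"
	"net/netip"
)

// maskIPSketch zeroes the host part: IPv4 keeps its /24, IPv6 its /64.
func maskIPSketch(s string) string {
	addr, err := netip.ParseAddr(s)
	if err != nil {
		return "invalid"
	}
	addr = addr.Unmap() // assumption: ::ffff:a.b.c.d gets the IPv4 rule
	bits := 64
	if addr.Is4() {
		bits = 24
	}
	p, err := addr.Prefix(bits) // Prefix masks host bits and drops any zone
	if err != nil {
		return "invalid"
	}
	return p.Addr().String()
}

// hashHostSketch returns the first 16 hex chars (8 bytes) of SHA-256(host).
func hashHostSketch(host string) string {
	sum := sha256.Sum256([]byte(host))
	return hex.EncodeToString(sum[:8])
}

// sketchLine builds one JSON line with Event's field names from raw inputs.
func sketchLine(decision, host, ip string) string {
	b, _ := json.Marshal(struct {
		Decision string `json:"decision"`
		HostHash string `json:"host_hash"`
		IPMasked string `json:"ip_masked"`
	}{decision, hashHostSketch(host), maskIPSketch(ip)})
	return string(b)
}

func main() {
	// Constructed sample inputs (documentation address ranges).
	fmt.Println(sketchLine("accepted", "scanner.example.org", "203.0.113.77"))
	fmt.Println(sketchLine("blocked", "scanner.example.org", "2001:db8:1:2:3:4:5:6"))
}
```

The hash in this sketch is unkeyed and deterministic, which is what makes deduplication work; the same host name always yields the same prefix, so the value is a stable pseudonym for the host.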

Types

type Event

type Event struct {
	TimestampUTC time.Time `json:"ts"`
	Decision     string    `json:"decision"`
	HostHash     string    `json:"host_hash"`
	IPMasked     string    `json:"ip_masked"`
	ScanID       string    `json:"scan_id,omitempty"`
	Reason       string    `json:"reason,omitempty"`
}

Event is a structured scan record. Decision is one of "accepted", "blocked", "cached", "cooldown", "rate_limited", "abuse_flagged".

type Logger

type Logger struct {
	// contains filtered or unexported fields
}

Logger appends scan-event records to a writer. Concurrent-safe.

func FromPath

func FromPath(path string) (*Logger, error)

FromPath opens path in append mode. Returns a no-op Logger when path is empty.

func NewLogger

func NewLogger(w io.Writer) *Logger

NewLogger returns a Logger writing to w. Pass os.Stderr or open a rotating file. Passing nil disables auditing (Logger.Record becomes a no-op).

func (*Logger) Record

func (l *Logger) Record(e Event)

Record writes one event. Errors are swallowed — auditing must never break the request path.
