Documentation
¶
Index ¶
- type QueryOptions
- type Record
- type RecordBuilder
- func (b *RecordBuilder) Build() *Record
- func (b *RecordBuilder) WithAgent(agentID, agentName, capabilities string) *RecordBuilder
- func (b *RecordBuilder) WithDecision(allowed bool, matchedRule, violations, policyMode string) *RecordBuilder
- func (b *RecordBuilder) WithEnvironment(sourceIP, environment string) *RecordBuilder
- func (b *RecordBuilder) WithIdentity(verified bool, did string) *RecordBuilder
- func (b *RecordBuilder) WithMethod(method, tool, resourceURI, arguments string) *RecordBuilder
- func (b *RecordBuilder) WithRequest(requestID, sessionID string) *RecordBuilder
- func (b *RecordBuilder) WithTiming(latencyMs float64) *RecordBuilder
- type Stats
- type Store
- func (s *Store) Close() error
- func (s *Store) GetStats(ctx context.Context, since *time.Time) (*Stats, error)
- func (s *Store) Insert(ctx context.Context, record *Record) error
- func (s *Store) InsertBatch(ctx context.Context, records []*Record) error
- func (s *Store) Ping(ctx context.Context) error
- func (s *Store) Prune(ctx context.Context, olderThan time.Duration) (int64, error)
- func (s *Store) Query(ctx context.Context, opts QueryOptions) ([]*Record, error)
- type StoreConfig
- type Writer
- type WriterConfig
- type WriterStats
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type QueryOptions ¶
type QueryOptions struct {
// Time range
StartTime *time.Time
EndTime *time.Time
// Filters
AgentID string
SessionID string
Method string
Tool string
Allowed *bool
// Pagination
Limit int
Offset int
// Ordering
OrderBy string // "timestamp", "agent_id", etc.
OrderDesc bool
}
QueryOptions for filtering audit records.
type Record ¶
type Record struct {
// Identifiers
ID int64 `json:"id"`
RequestID string `json:"request_id"`
SessionID string `json:"session_id"`
// Timing
Timestamp time.Time `json:"timestamp"`
Latency float64 `json:"latency_ms"`
// Agent info
AgentID string `json:"agent_id"`
AgentName string `json:"agent_name,omitempty"`
Capabilities string `json:"capabilities,omitempty"` // JSON array as string
// Request info
Method string `json:"method"`
Tool string `json:"tool,omitempty"`
ResourceURI string `json:"resource_uri,omitempty"`
Arguments string `json:"arguments,omitempty"` // JSON as string
// Identity info
IdentityVerified bool `json:"identity_verified"`
DID string `json:"did,omitempty"`
// Policy decision
Allowed bool `json:"allowed"`
MatchedRule string `json:"matched_rule,omitempty"`
Violations string `json:"violations,omitempty"` // JSON array as string
PolicyMode string `json:"policy_mode"`
// Environment
SourceIP string `json:"source_ip,omitempty"`
Environment string `json:"environment,omitempty"`
}
Record represents a single audit log entry.
type RecordBuilder ¶
type RecordBuilder struct {
// contains filtered or unexported fields
}
RecordBuilder helps construct audit records.
func NewRecordBuilder ¶
func NewRecordBuilder() *RecordBuilder
NewRecordBuilder creates a new record builder.
func (*RecordBuilder) Build ¶
func (b *RecordBuilder) Build() *Record
Build returns the constructed record.
func (*RecordBuilder) WithAgent ¶
func (b *RecordBuilder) WithAgent(agentID, agentName, capabilities string) *RecordBuilder
WithAgent sets agent information.
func (*RecordBuilder) WithDecision ¶
func (b *RecordBuilder) WithDecision(allowed bool, matchedRule, violations, policyMode string) *RecordBuilder
WithDecision sets the policy decision.
func (*RecordBuilder) WithEnvironment ¶
func (b *RecordBuilder) WithEnvironment(sourceIP, environment string) *RecordBuilder
WithEnvironment sets environment context.
func (*RecordBuilder) WithIdentity ¶
func (b *RecordBuilder) WithIdentity(verified bool, did string) *RecordBuilder
WithIdentity sets identity information.
func (*RecordBuilder) WithMethod ¶
func (b *RecordBuilder) WithMethod(method, tool, resourceURI, arguments string) *RecordBuilder
WithMethod sets the request method and details.
func (*RecordBuilder) WithRequest ¶
func (b *RecordBuilder) WithRequest(requestID, sessionID string) *RecordBuilder
WithRequest sets request identifiers.
func (*RecordBuilder) WithTiming ¶
func (b *RecordBuilder) WithTiming(latencyMs float64) *RecordBuilder
WithTiming sets timing information.
type Stats ¶
type Stats struct {
TotalRequests int64 `json:"total_requests"`
AllowedRequests int64 `json:"allowed_requests"`
DeniedRequests int64 `json:"denied_requests"`
UniqueAgents int64 `json:"unique_agents"`
UniqueSessions int64 `json:"unique_sessions"`
AvgLatencyMs float64 `json:"avg_latency_ms"`
}
Stats contains aggregate statistics.
type Store ¶
type Store struct {
// contains filtered or unexported fields
}
Store provides SQLite-based audit log storage.
func NewStore ¶
func NewStore(cfg StoreConfig) (*Store, error)
NewStore creates a new SQLite audit store.
func (*Store) InsertBatch ¶
InsertBatch inserts multiple records in a single transaction.
type StoreConfig ¶
type StoreConfig struct {
DBPath string // Path to SQLite file, ":memory:" for in-memory
}
StoreConfig holds configuration for the audit store.
type Writer ¶
type Writer struct {
// contains filtered or unexported fields
}
Writer provides async buffered writing of audit records.
func NewWriter ¶
func NewWriter(store *Store, cfg WriterConfig) *Writer
NewWriter creates a new async audit writer.
func (*Writer) Stats ¶
func (w *Writer) Stats() WriterStats
Stats returns current writer statistics.
type WriterConfig ¶
type WriterConfig struct {
BufferSize int // Max records to buffer before flush
FlushInterval time.Duration // How often to flush
}
WriterConfig holds configuration for the audit writer.
Source Files
Click to show internal directories.
Click to hide internal directories.