Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Action ¶
type Action string
Action identifies the type of audit event.
const ( ActionAppCreate Action = "app.create" ActionAppUpdate Action = "app.update" ActionAppDelete Action = "app.delete" ActionAppStart Action = "app.start" ActionAppStop Action = "app.stop" ActionBundleUpload Action = "bundle.upload" ActionBundleRestoreOK Action = "bundle.restore.success" ActionBundleRestoreFail Action = "bundle.restore.fail" ActionAppRollback Action = "app.rollback" ActionAppRestore Action = "app.restore" ActionAccessGrant Action = "access.grant" ActionAccessRevoke Action = "access.revoke" ActionCredentialEnroll Action = "credential.enroll" //nolint:gosec // G101: audit action name, not a credential ActionUserLogin Action = "user.login" ActionUserLogout Action = "user.logout" ActionUserUpdate Action = "user.update" ActionTokenCreate Action = "token.create" ActionTokenRevoke Action = "token.revoke" ActionTokenRevokeAll Action = "token.revoke_all" ActionAppRename Action = "app.rename" )
type Entry ¶
type Entry struct {
Timestamp string `json:"ts"`
Action Action `json:"action"`
Actor string `json:"actor"`
Target string `json:"target,omitempty"`
Detail map[string]any `json:"detail,omitempty"`
SourceIP string `json:"source_ip,omitempty"`
}
Entry is a single audit log record.
type Log ¶
type Log struct {
// contains filtered or unexported fields
}
Log is an append-only audit log backed by a JSON Lines file. Writes are buffered via a channel and flushed by a background goroutine.
func New ¶
New creates an audit log. The background writer must be started with Run(). If path is empty, returns nil. metrics may be nil in tests that do not care about observability; production callers should always pass the server's telemetry.Metrics instance.
Source Files
Click to show internal directories.
Click to hide internal directories.