README
¶
audit — async SQLite audit logging
audit records endpoint calls to an audit_log table with async buffering.
A kit middleware captures duration, parameters, result, and error automatically.
Quick start
logger := audit.NewSQLiteLogger(db,
audit.WithIDGenerator(idgen.Prefixed("aud_", idgen.Default)),
)
logger.Init()
defer logger.Close()
// Wrap any kit.Endpoint — captures timing, params, result, user, transport.
endpoint = kit.Chain(
audit.Middleware(logger, "create_dossier"),
)(endpoint)
How it works
- The middleware calls the next endpoint, measures wall-clock time, and builds
an
Entryfrom the context (kit.GetUserID,kit.GetTransport, etc.). - The entry is sent to
LogAsync, which pushes it to a 256-capacity channel. - A background goroutine collects entries in batches of 32 or flushes every 500 ms, inserting them into SQLite.
- If the channel is full, the entry is dropped with a warning log.
Schema
CREATE TABLE audit_log (
entry_id TEXT PRIMARY KEY,
timestamp INTEGER NOT NULL,
action TEXT NOT NULL,
transport TEXT NOT NULL DEFAULT 'http',
user_id TEXT,
request_id TEXT,
parameters TEXT,
result TEXT,
error_message TEXT,
duration_ms INTEGER,
status TEXT NOT NULL DEFAULT 'success'
);
Indexes on timestamp, action, user_id.
Exported API
| Symbol | Description |
|---|---|
SQLiteLogger |
Async audit writer (256-entry buffer, 32-batch, 500 ms flush) |
NewSQLiteLogger(db, opts) |
Create logger and start flush goroutine |
Entry |
Audit trail record |
Logger |
Interface: Log, LogAsync, Close |
Middleware(logger, action) |
Kit middleware capturing endpoint metadata |
WithIDGenerator(gen) |
Option to override ID generation |
Documentation
¶
Index ¶
Constants ¶
View Source
const Schema = `` /* 522-byte string literal not displayed */
Variables ¶
This section is empty.
Functions ¶
func Middleware ¶
func Middleware(logger Logger, actionName string) kit.Middleware
Middleware wraps an Endpoint: measures duration, captures params/result/error, and logs asynchronously via the Logger.
Types ¶
type Entry ¶
type Entry struct {
EntryID string `json:"entry_id"`
Timestamp int64 `json:"timestamp"`
Action string `json:"action"`
Transport string `json:"transport"` // "http" or "mcp_quic"
UserID string `json:"user_id"`
RequestID string `json:"request_id"`
Parameters string `json:"parameters"`
Result string `json:"result"`
Error string `json:"error_message"`
DurationMs int64 `json:"duration_ms"`
Status string `json:"status"` // "success" or "error"
}
Entry records a single action for the audit trail.
type Logger ¶
type Logger interface {
Log(ctx context.Context, entry *Entry) error
LogAsync(entry *Entry)
Close() error
}
Logger writes audit entries to storage.
type Option ¶
type Option func(*SQLiteLogger)
Option configures a SQLiteLogger.
func WithIDGenerator ¶
WithIDGenerator sets a custom ID generator for audit entry IDs.
type SQLiteLogger ¶
type SQLiteLogger struct {
// contains filtered or unexported fields
}
SQLiteLogger writes audit entries to the audit_log table asynchronously.
func NewSQLiteLogger ¶
func NewSQLiteLogger(sqlDB *sql.DB, opts ...Option) *SQLiteLogger
func (*SQLiteLogger) Close ¶
func (l *SQLiteLogger) Close() error
func (*SQLiteLogger) Init ¶
func (l *SQLiteLogger) Init() error
func (*SQLiteLogger) LogAsync ¶
func (l *SQLiteLogger) LogAsync(entry *Entry)
Source Files
Click to show internal directories.
Click to hide internal directories.