Documentation
¶
Overview ¶
Package audit provides structured audit logging for agent operations.
All critical agent operations should be logged via this package to enable: - Security monitoring and incident response - Debugging and troubleshooting - Compliance and audit trails - Remote log collection (when configured)
Index ¶
- type ContextLogger
- type Event
- type EventType
- type Logger
- func (l *Logger) ChunkUploaded(reportID string, chunkIndex, totalChunks int, size int)
- func (l *Logger) Error(eventType EventType, message string, err error, details map[string]interface{})
- func (l *Logger) Flush()
- func (l *Logger) Info(eventType EventType, message string, details map[string]interface{})
- func (l *Logger) JobCompleted(jobID string, duration time.Duration, details map[string]interface{})
- func (l *Logger) JobFailed(jobID string, err error, details map[string]interface{})
- func (l *Logger) JobStarted(jobID, jobType string, details map[string]interface{})
- func (l *Logger) Log(event Event)
- func (l *Logger) ResourceThrottle(reason string, metrics map[string]interface{})
- func (l *Logger) SetRemoteSender(sender func([]Event) error)
- func (l *Logger) Start()
- func (l *Logger) Stop() error
- func (l *Logger) WithContext(ctx context.Context, jobID, reportID string) *ContextLogger
- type LoggerConfig
- type Severity
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type ContextLogger ¶
type ContextLogger struct {
// contains filtered or unexported fields
}
ContextLogger wraps Logger with context information.
type Event ¶
type Event struct {
Timestamp time.Time `json:"timestamp"`
Type EventType `json:"type"`
Severity Severity `json:"severity"`
AgentID string `json:"agent_id,omitempty"`
TenantID string `json:"tenant_id,omitempty"`
JobID string `json:"job_id,omitempty"`
ReportID string `json:"report_id,omitempty"`
Message string `json:"message"`
Error string `json:"error,omitempty"`
Duration time.Duration `json:"duration_ms,omitempty"`
Details map[string]interface{} `json:"details,omitempty"`
}
Event represents an audit event.
type EventType ¶
type EventType string
EventType represents the type of audit event.
const ( // Lifecycle events EventAgentStart EventType = "agent_start" EventAgentStop EventType = "agent_stop" EventAgentError EventType = "agent_error" // Job events EventJobReceived EventType = "job_received" EventJobStarted EventType = "job_started" EventJobCompleted EventType = "job_completed" EventJobFailed EventType = "job_failed" EventJobTimeout EventType = "job_timeout" // Scan events EventScanStarted EventType = "scan_started" EventScanCompleted EventType = "scan_completed" EventScanFailed EventType = "scan_failed" // Upload events EventUploadStarted EventType = "upload_started" EventUploadCompleted EventType = "upload_completed" EventUploadFailed EventType = "upload_failed" EventUploadRetry EventType = "upload_retry" // Chunk events EventChunkCreated EventType = "chunk_created" EventChunkUploaded EventType = "chunk_uploaded" EventChunkFailed EventType = "chunk_failed" EventChunkCleanup EventType = "chunk_cleanup" // Resource events EventResourceThrottle EventType = "resource_throttle" EventResourceResume EventType = "resource_resume" EventResourceWarning EventType = "resource_warning" // Security events EventAuthFailed EventType = "auth_failed" EventRateLimited EventType = "rate_limited" EventValidationError EventType = "validation_error" )
type Logger ¶
type Logger struct {
// contains filtered or unexported fields
}
Logger is the audit logger.
func NewLogger ¶
func NewLogger(config *LoggerConfig) (*Logger, error)
NewLogger creates a new audit logger.
func (*Logger) ChunkUploaded ¶
ChunkUploaded logs a chunk upload event.
func (*Logger) Error ¶
func (l *Logger) Error(eventType EventType, message string, err error, details map[string]interface{})
Error logs an error event.
func (*Logger) JobCompleted ¶
JobCompleted logs a job completion event.
func (*Logger) JobStarted ¶
JobStarted logs a job start event.
func (*Logger) ResourceThrottle ¶
ResourceThrottle logs a resource throttling event.
func (*Logger) SetRemoteSender ¶
SetRemoteSender sets the callback for sending events to a remote endpoint.
func (*Logger) WithContext ¶
func (l *Logger) WithContext(ctx context.Context, jobID, reportID string) *ContextLogger
WithContext returns a context-aware logger wrapper.
type LoggerConfig ¶
type LoggerConfig struct {
// AgentID is the agent identifier included in all events.
AgentID string
// TenantID is the tenant identifier (if known).
TenantID string
// LogFile is the path to the audit log file.
// Default: ~/.openctem/audit.log
LogFile string
// MaxSizeMB is the maximum log file size before rotation.
// Default: 100MB
MaxSizeMB int
// MaxAgeDays is the maximum age of log files before deletion.
// Default: 30 days
MaxAgeDays int
// RemoteEndpoint is the URL for remote log collection (optional).
RemoteEndpoint string
// BufferSize is the number of events to buffer before flushing.
// Default: 100
BufferSize int
// FlushInterval is how often to flush buffered events.
// Default: 5 seconds
FlushInterval time.Duration
// Verbose enables console output of audit events.
Verbose bool
}
LoggerConfig configures the audit logger.
func DefaultLoggerConfig ¶
func DefaultLoggerConfig() *LoggerConfig
DefaultLoggerConfig returns sensible defaults.
Source Files
Click to show internal directories.
Click to hide internal directories.