Documentation
¶
Overview ¶
Package audit provides comprehensive security audit logging functionality
Index ¶
- type AuditEvent
- func (e *AuditEvent) AsSystemGenerated() *AuditEvent
- func (e *AuditEvent) WithChanges(changes map[string]interface{}) *AuditEvent
- func (e *AuditEvent) WithDuration(durationMs int64) *AuditEvent
- func (e *AuditEvent) WithIPAddress(ipAddress string) *AuditEvent
- func (e *AuditEvent) WithMetadata(key string, value interface{}) *AuditEvent
- func (e *AuditEvent) WithRequestID(requestID string) *AuditEvent
- func (e *AuditEvent) WithResourceID(resourceID string) *AuditEvent
- func (e *AuditEvent) WithSessionID(sessionID string) *AuditEvent
- func (e *AuditEvent) WithSeverity(severity common.AuditSeverity) *AuditEvent
- func (e *AuditEvent) WithStatus(status string) *AuditEvent
- func (e *AuditEvent) WithTags(tags ...string) *AuditEvent
- func (e *AuditEvent) WithUserAgent(userAgent string) *AuditEvent
- func (e *AuditEvent) WithUserInfo(userID, username string) *AuditEvent
- type AuditLogger
- type AuditManager
- type AuditQueryFilter
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AuditEvent ¶
type AuditEvent struct {
// Unique identifier for the audit event
ID string `json:"id"`
// Time when the event occurred
Timestamp time.Time `json:"timestamp"`
// User who performed the action
UserID string `json:"user_id,omitempty"`
// Username of the user who performed the action
Username string `json:"username,omitempty"`
// Type of action performed
Action common.AuditAction `json:"action"`
// Resource type that was acted upon
Resource string `json:"resource"`
// Specific resource identifier
ResourceID string `json:"resource_id,omitempty"`
// Human-readable description of the event
Description string `json:"description"`
// IP address where the action originated
IPAddress string `json:"ip_address,omitempty"`
// User agent of the client
UserAgent string `json:"user_agent,omitempty"`
// Severity level of the event
Severity common.AuditSeverity `json:"severity"`
// Status of the action (success, failure, etc.)
Status string `json:"status"`
// Session identifier
SessionID string `json:"session_id,omitempty"`
// Additional metadata about the event
Metadata map[string]interface{} `json:"metadata,omitempty"`
// Changes made during the event (for update operations)
Changes map[string]interface{} `json:"changes,omitempty"`
// Request ID for correlating multiple events in a single request
RequestID string `json:"request_id,omitempty"`
// Duration of the operation in milliseconds
DurationMs int64 `json:"duration_ms,omitempty"`
// Whether the event was generated by the system
SystemGenerated bool `json:"system_generated,omitempty"`
// Tags for categorizing and filtering events
Tags []string `json:"tags,omitempty"`
}
AuditEvent represents a security audit event
func NewAuditEvent ¶
func NewAuditEvent(action common.AuditAction, resource string, description string) *AuditEvent
NewAuditEvent creates a new audit event with default values
func (*AuditEvent) AsSystemGenerated ¶
func (e *AuditEvent) AsSystemGenerated() *AuditEvent
AsSystemGenerated marks the event as system-generated
func (*AuditEvent) WithChanges ¶
func (e *AuditEvent) WithChanges(changes map[string]interface{}) *AuditEvent
WithChanges adds changes information to the audit event
func (*AuditEvent) WithDuration ¶
func (e *AuditEvent) WithDuration(durationMs int64) *AuditEvent
WithDuration adds operation duration to the audit event
func (*AuditEvent) WithIPAddress ¶
func (e *AuditEvent) WithIPAddress(ipAddress string) *AuditEvent
WithIPAddress adds IP address to the audit event
func (*AuditEvent) WithMetadata ¶
func (e *AuditEvent) WithMetadata(key string, value interface{}) *AuditEvent
WithMetadata adds metadata to the audit event
func (*AuditEvent) WithRequestID ¶
func (e *AuditEvent) WithRequestID(requestID string) *AuditEvent
WithRequestID adds request ID to the audit event
func (*AuditEvent) WithResourceID ¶
func (e *AuditEvent) WithResourceID(resourceID string) *AuditEvent
WithResourceID adds resource ID to the audit event
func (*AuditEvent) WithSessionID ¶
func (e *AuditEvent) WithSessionID(sessionID string) *AuditEvent
WithSessionID adds session ID to the audit event
func (*AuditEvent) WithSeverity ¶
func (e *AuditEvent) WithSeverity(severity common.AuditSeverity) *AuditEvent
WithSeverity sets the severity of the audit event
func (*AuditEvent) WithStatus ¶
func (e *AuditEvent) WithStatus(status string) *AuditEvent
WithStatus sets the status of the audit event
func (*AuditEvent) WithTags ¶
func (e *AuditEvent) WithTags(tags ...string) *AuditEvent
WithTags adds tags to the audit event
func (*AuditEvent) WithUserAgent ¶
func (e *AuditEvent) WithUserAgent(userAgent string) *AuditEvent
WithUserAgent adds user agent to the audit event
func (*AuditEvent) WithUserInfo ¶
func (e *AuditEvent) WithUserInfo(userID, username string) *AuditEvent
WithUserInfo adds user information to the audit event
type AuditLogger ¶
type AuditLogger struct {
// contains filtered or unexported fields
}
AuditLogger provides logging functionality for security auditing
func NewAuditLogger ¶ added in v0.8.0
func NewAuditLogger(writer io.Writer) *AuditLogger
NewAuditLogger creates a new audit logger
func (*AuditLogger) Log ¶ added in v0.8.0
func (l *AuditLogger) Log(ctx context.Context, level, message string) error
Log writes an audit log entry
func (*AuditLogger) LogEvent ¶ added in v0.8.0
func (l *AuditLogger) LogEvent(event, component, id string, details map[string]interface{})
LogEvent logs an audit event
func (*AuditLogger) LogEventWithStatus ¶ added in v0.8.0
func (l *AuditLogger) LogEventWithStatus(event, component, id, status string, details map[string]interface{})
LogEventWithStatus logs an audit event with status
type AuditManager ¶
type AuditManager struct {
// contains filtered or unexported fields
}
AuditManager manages audit logging across the system
func NewAuditManager ¶
func NewAuditManager(logger *AuditLogger) *AuditManager
NewAuditManager creates a new audit manager
func (*AuditManager) LogAccess ¶ added in v0.8.0
func (m *AuditManager) LogAccess(ctx context.Context, userID, resource, action string) error
LogAccess logs an access event
func (*AuditManager) LogEvent ¶ added in v0.8.0
func (m *AuditManager) LogEvent(ctx context.Context, event *AuditEvent) error
LogEvent logs an audit event
func (*AuditManager) LogSecurity ¶ added in v0.8.0
func (m *AuditManager) LogSecurity(ctx context.Context, eventType, details string) error
LogSecurity logs a security event
type AuditQueryFilter ¶
type AuditQueryFilter struct {
// User ID to filter by
UserID string `json:"user_id,omitempty"`
// Username to filter by
Username string `json:"username,omitempty"`
// Action to filter by
Action common.AuditAction `json:"action,omitempty"`
// Resource type to filter by
Resource string `json:"resource,omitempty"`
// Resource ID to filter by
ResourceID string `json:"resource_id,omitempty"`
// IP address to filter by
IPAddress string `json:"ip_address,omitempty"`
// Minimum severity level to include
MinSeverity common.AuditSeverity `json:"min_severity,omitempty"`
// Maximum severity level to include
MaxSeverity common.AuditSeverity `json:"max_severity,omitempty"`
// Status to filter by
Status string `json:"status,omitempty"`
// Session ID to filter by
SessionID string `json:"session_id,omitempty"`
// Start time for the query range
StartTime time.Time `json:"start_time,omitempty"`
// End time for the query range
EndTime time.Time `json:"end_time,omitempty"`
// Maximum number of results to return
Limit int `json:"limit,omitempty"`
// Number of results to skip
Offset int `json:"offset,omitempty"`
// Field to sort by
SortBy string `json:"sort_by,omitempty"`
// Sort order (asc or desc)
SortOrder string `json:"sort_order,omitempty"`
// Tags to filter by (must match all)
Tags []string `json:"tags,omitempty"`
// Request ID to filter by
RequestID string `json:"request_id,omitempty"`
// Whether to include system-generated events
IncludeSystemGenerated bool `json:"include_system_generated,omitempty"`
// Full-text search query
Query string `json:"query,omitempty"`
}
AuditQueryFilter defines filters for querying audit logs