Documentation
¶
Overview ¶
Package audit provides a bulletproof audit logging sink that cannot lose data.
Index ¶
- Constants
- Variables
- type Config
- type FailureHandler
- type IntegrityReport
- type Option
- func WithBackend(backend backends.Config) Option
- func WithCircuitBreakerOptions(opts ...interface{}) Option
- func WithCompliance(profile string) Option
- func WithComplianceOptions(opts ...compliance.Option) Option
- func WithFailureHandler(handler FailureHandler) Option
- func WithGroupCommit(size int, delay time.Duration) Option
- func WithMetricsOptions(opts ...interface{}) Option
- func WithPanicOnFailure() Option
- func WithRetryPolicy(policy RetryPolicy) Option
- func WithWAL(path string, opts ...wal.Option) Option
- func WithWALSyncMode(mode wal.SyncMode) Option
- type RetryPolicy
- type Sink
- type SyncMode
Constants ¶
const ( // SyncImmediate syncs after every write (safest, slowest) SyncImmediate = wal.SyncImmediate // SyncInterval syncs periodically SyncInterval = wal.SyncInterval // SyncBatch syncs after a batch of writes SyncBatch = wal.SyncBatch )
Variables ¶
var ( // ErrSinkClosed is returned when attempting to use a closed sink. ErrSinkClosed = errors.New("audit sink is closed") // ErrWALCorrupted indicates WAL corruption has been detected. ErrWALCorrupted = errors.New("WAL corruption detected") // ErrWriteFailed indicates a write operation failed. ErrWriteFailed = errors.New("write failed") // ErrIntegrityFailed indicates an integrity check failed. ErrIntegrityFailed = errors.New("integrity check failed") // ErrComplianceViolation indicates a compliance requirement was violated. ErrComplianceViolation = errors.New("compliance violation") )
var ( // Version is the version of mtlog-audit, set at build time. Version = "dev" // BuildTime is the build timestamp, set at build time. BuildTime = "unknown" )
Functions ¶
This section is empty.
Types ¶
type Config ¶
type Config struct {
FailureHandler FailureHandler
ComplianceProfile string
WALPath string
MetricsOptions []interface{}
WALOptions []wal.Option
ComplianceOptions []compliance.Option
BackendConfigs []backends.Config
CircuitBreakerOptions []interface{}
RetryPolicy RetryPolicy
GroupCommitSize int
GroupCommitDelay time.Duration
GroupCommit bool
PanicOnFailure bool
}
Config holds the audit sink configuration.
type FailureHandler ¶
FailureHandler is called when audit write fails.
type IntegrityReport ¶
type IntegrityReport struct {
Timestamp time.Time
ComplianceIntegrity interface{}
WALIntegrity *wal.IntegrityReport
BackendReports []interface{}
BackendErrors []error
TotalRecords int
CorruptedSegments int
Valid bool
}
IntegrityReport contains the results of an integrity check.
type Option ¶
Option configures the audit sink.
func WithBackend ¶
WithBackend adds a backend configuration.
func WithCircuitBreakerOptions ¶
func WithCircuitBreakerOptions(opts ...interface{}) Option
WithCircuitBreakerOptions adds circuit breaker configuration options.
func WithCompliance ¶
WithCompliance applies a compliance profile.
func WithComplianceOptions ¶
func WithComplianceOptions(opts ...compliance.Option) Option
WithComplianceOptions adds compliance configuration options.
func WithFailureHandler ¶
func WithFailureHandler(handler FailureHandler) Option
WithFailureHandler sets a custom failure handler.
func WithGroupCommit ¶
WithGroupCommit enables group commit for better throughput. This automatically sets the WAL to use batch sync mode for performance.
func WithMetricsOptions ¶
func WithMetricsOptions(opts ...interface{}) Option
WithMetricsOptions adds monitoring/metrics configuration options.
func WithPanicOnFailure ¶
func WithPanicOnFailure() Option
WithPanicOnFailure causes the sink to panic on write failure.
func WithRetryPolicy ¶
func WithRetryPolicy(policy RetryPolicy) Option
WithRetryPolicy configures retry behavior.
func WithWALSyncMode ¶
WithWALSyncMode sets the WAL sync mode.
type RetryPolicy ¶
type RetryPolicy struct {
MaxAttempts int
InitialDelay time.Duration
MaxDelay time.Duration
Multiplier float64
}
RetryPolicy defines retry behavior for failed operations.
type Sink ¶
type Sink struct {
// contains filtered or unexported fields
}
Sink implements a bulletproof audit sink that guarantees delivery. It implements the core.LogEventSink interface from mtlog.
func New ¶
New creates a new audit sink with the specified options. Returns an error if the sink cannot guarantee audit requirements.
func (*Sink) Emit ¶
Emit processes a log event with guaranteed delivery. Implements core.LogEventSink from mtlog.
func (*Sink) VerifyIntegrity ¶
func (s *Sink) VerifyIntegrity() (*IntegrityReport, error)
VerifyIntegrity performs a full integrity check of the audit log.
Directories
¶
| Path | Synopsis |
|---|---|
|
Package backends provides storage backend implementations for audit log data.
|
Package backends provides storage backend implementations for audit log data. |
|
cmd
|
|
|
mtlog-audit
command
Package main provides the mtlog-audit CLI tool.
|
Package main provides the mtlog-audit CLI tool. |
|
mtlog-audit/commands
Package commands implements CLI commands for mtlog-audit.
|
Package commands implements CLI commands for mtlog-audit. |
|
profile
command
Package main provides CPU and memory profiling for mtlog-audit.
|
Package main provides CPU and memory profiling for mtlog-audit. |
|
examples
|
|
|
basic
command
Package main demonstrates basic usage of mtlog-audit.
|
Package main demonstrates basic usage of mtlog-audit. |
|
internal
|
|
|
logger
Package logger provides internal logging utilities for mtlog-audit CLI.
|
Package logger provides internal logging utilities for mtlog-audit CLI. |
|
Package monitoring provides Prometheus metrics for audit log operations.
|
Package monitoring provides Prometheus metrics for audit log operations. |
|
Package performance provides high-performance primitives for audit logging.
|
Package performance provides high-performance primitives for audit logging. |
|
Package resilience provides failure handling and recovery mechanisms.
|
Package resilience provides failure handling and recovery mechanisms. |
|
Package testutil provides test utilities and helpers for integration tests.
|
Package testutil provides test utilities and helpers for integration tests. |
|
Package torture implements comprehensive torture testing for the audit sink.
|
Package torture implements comprehensive torture testing for the audit sink. |
|
scenarios
Package scenarios contains specific torture test scenarios.
|
Package scenarios contains specific torture test scenarios. |
|
Package wal implements a bulletproof Write-Ahead Log for audit logging.
|
Package wal implements a bulletproof Write-Ahead Log for audit logging. |