Conversation
|
the audit log is designed for 3rd-party integration through two mechanisms:
AWS Security Lake (direct ingestion)
|
|
huh... i thought there is already an audit log feature on masteR? @Mikearaya |
|
@pozylon, yes, the engine already had a basic file-based audit log implementation, with HTTP push support to collectors and logging for only a few critical operations. This feature branch is mainly focused on making audit logs accessible through the Admin UI and expanding the number of operations captured. In general, this branch:
|
ccb9f41 to
0124a0c
Compare
OCSF-Compliant Audit Logging
Core Engine (
packages/events/src/audit/)audit-integration.tsAsyncLocalStorage-based request context (runWithAuditContext) threads user identity through async call stacks without explicit parameter passingUNCHAINED_AUDIT_LOG_DIRenv var supportGraphQL API (
packages/api/)auditLogs,auditLogsCount,auditChainStatus,failedLoginAttemptsclassUids,userId,success,from/todate range,queryTextsearchAdmin UI (
admin-ui/)/settings/securityWorker Plugin (
packages/plugins/)Tests
tests/audit-log.test.js) — queries, all filter types (to,from,classUids,success,userId,queryText), authorization (admin/anon/normal user), login event capture, export via work queue (CSV, JSONL, with filters)tests/audit-compliance.test.js) — full checkout flow audit trail, hash chain integrity, sequential sequence numbers, PCI DSS 10.2.1, SOC 2, GDPR Article 30Observability
"Audit integration configured: 97/97 events subscribed"with warnings for any missing events