Audit Logging

Comprehensive audit trail system for security and compliance.

Overview

StrataRouter Enterprise provides detailed audit logging for all security-relevant events, enabling compliance with SOC 2, HIPAA, ISO 27001, and other regulatory frameworks.

Audit Events

Authentication Events

// Login attempts
audit_log.record(AuditEvent {
    event_type: "user.login",
    user_id: Some("user_123"),
    success: true,
    metadata: json!({
        "ip_address": "192.168.1.1",
        "mfa_used": true,
    }),
});

// Failed login
audit_log.record(AuditEvent {
    event_type: "user.login_failed",
    user_id: Some("user_123"),
    success: false,
    metadata: json!({
        "reason": "invalid_password",
        "ip_address": "192.168.1.1",
    }),
});

Authorization Events

// Permission checks
audit_log.record(AuditEvent {
    event_type: "permission.check",
    user_id: Some("user_123"),
    resource: Some("routing:execute"),
    success: true,
});

Data Access Events

// Data access
audit_log.record(AuditEvent {
    event_type: "data.access",
    user_id: Some("user_123"),
    resource: Some("executions/exec_456"),
    action: "read",
    success: true,
});

Transaction Log Integration

All audit events are automatically written to the Transaction Log for immutability and cryptographic verification.

// Audit events are automatically logged
let entry = LogEntry::new(
    "audit.event",
    serde_json::to_value(&audit_event)?,
);

transaction_log.append(entry).await?;

Compliance Features

• Immutable Audit Trail: Cannot be modified or deleted
• Cryptographic Verification: SHA-256 hash chains
• Long-term Retention: 7+ year retention policies
• Export Capabilities: JSON export for auditors
• Query Interface: Search audit events

See Also

• Transaction Log - Underlying log system
• Security - Security architecture
• Authentication - Auth system
• RBAC - Role-based access control