Skip to main content

Module audit

do_memory_core::security

Module audit 

Source
Expand description

Comprehensive audit logging for security compliance and incident investigation.

This module provides structured audit logging capabilities that track all critical operations in the memory system. Audit logs are designed for:

  • Security compliance: Meet regulatory requirements for data access tracking
  • Incident investigation: Reconstruct events leading to issues
  • Forensic analysis: Understand system behavior and data flow
  • Access control monitoring: Detect unauthorized access attempts

§Features

  • Structured JSON logging for machine parsing
  • Millisecond-precision timestamps
  • User/agent identification
  • Before/after state tracking for modifications
  • Configurable log levels and destinations
  • Minimal performance overhead (<5% when enabled)

§Configuration

Audit logging is disabled by default for development environments. Enable via configuration:

use do_memory_core::security::audit::{AuditConfig, AuditLogger, AuditLogLevel, AuditOutput};

let config = AuditConfig {
    enabled: true,
    log_level: AuditLogLevel::Info,
    output_destination: AuditOutput::Stdout,
    retention_days: 90,
    include_state_changes: true,
    include_ip_address: false,
    include_session_info: false,
    buffer_size: 100,
};

let logger = AuditLogger::new(config);

§Environment Variables

  • MEMORY_AUDIT_ENABLED: Enable/disable audit logging (true/false)
  • MEMORY_AUDIT_LEVEL: Log level (debug, info, warn, error)
  • MEMORY_AUDIT_OUTPUT: Output destination (stdout, stderr, file)
  • MEMORY_AUDIT_FILE: File path when output is file
  • MEMORY_AUDIT_RETENTION_DAYS: Log retention period in days

Structs§

AuditConfig
Configuration for audit logging.
AuditContext
Context for audit logging operations.
AuditEntry
A single audit log entry.
AuditLogger
Async audit logger with buffering and configurable output.

Enums§

ActorType
Actor type performing the action.
AuditEventType
Types of audit events.
AuditLogLevel
Severity level for audit log entries.
AuditOutput
Output destination for audit logs.
AuditResult
Result of an audited operation.

Functions§

access_denied
Create an audit entry for access denial.
config_changed
Create an audit entry for configuration changes.
episode_completed
Create an audit entry for episode completion.
episode_created
Create an audit entry for episode creation.
episode_deleted
Create an audit entry for episode deletion.
relationship_added
Create an audit entry for relationship addition.
relationship_removed
Create an audit entry for relationship removal.
tags_modified
Create an audit entry for tag modification.