Legalis-Audit: Audit trail and decision logging for Legalis-RS.
This crate provides comprehensive audit logging for legal decisions with:
§Core Features
- Decision recording with full context (actor, statute, subject, etc.)
- Hash chain integrity for tamper detection
- Immutable audit trails with cryptographic verification
- Compliance reporting with detailed statistics
§Storage Backends
- In-memory: Fast, ephemeral storage for testing/development
- JSONL: Durable file-based storage with human-readable format
- Custom: Implement the AuditStorage trait for your own backend
§Query System
Use the query::QueryBuilder for flexible filtering:
- Filter by statute ID, subject ID, event type
- Filter by actor type (System, User, External)
- Date range queries
- Pagination support
§Export Formats
- CSV for spreadsheet analysis
- JSON for programmatic access
- JSON-LD for semantic web compatibility
§Analysis & Anomaly Detection
Use analysis::DecisionAnalyzer for pattern analysis:
- Decision distribution by statute, actor, event type
- Temporal distribution and trend analysis
- Anomaly detection (volume spikes, unusual override rates)
- Compliance summary generation
§Decision Replay
Use replay::DecisionReplayer for historical analysis:
- Point-in-time reconstruction of audit trail state
- Subject and statute history tracking
- Timeline comparison between two points
- What-if analysis by filtering decisions
§GDPR Compliance
Use the retention module for GDPR compliance:
- Data subject access requests (Article 15)
- Right to explanation for automated decisions (Article 22)
- Retention policies with statute exemptions
- Erasure analysis (right to be forgotten)
§Example Usage
use legalis_audit::{AuditTrail, AuditRecord, EventType, Actor, DecisionContext, DecisionResult};
use std::collections::HashMap;
use uuid::Uuid;

// Create an in-memory audit trail
let mut trail = AuditTrail::new();

// Or use JSONL file storage
// let mut trail = AuditTrail::with_jsonl_file("/path/to/audit.jsonl").unwrap();

// Record a decision
let record = AuditRecord::new(
    EventType::AutomaticDecision,
    Actor::System { component: "engine".to_string() },
    "statute-123".to_string(),
    Uuid::new_v4(),
    DecisionContext::default(),
    DecisionResult::Deterministic {
        effect_applied: "approved".to_string(),
        parameters: HashMap::new(),
    },
    None,
);
let id = trail.record(record).unwrap();

// Query records
let records = trail.query_by_statute("statute-123").unwrap();

// Verify integrity
assert!(trail.verify_integrity().unwrap());

// Generate compliance report
let report = trail.generate_report().unwrap();
println!("Total decisions: {}", report.total_decisions);

Modules§
- aggregate: Aggregate queries for audit trail analytics.
- analysis: Analysis and reporting for audit trails.
- archival: Archival functionality for audit records.
- async_batch: Async write batching for improved performance.
- batch: Async write batching for high-performance audit logging.
- behavioral: Behavioral pattern recognition for decision-making analysis.
- bias: Bias detection in automated decisions.
- bloom: Bloom filter for fast record existence checks.
- clustering: Decision clustering analysis using k-means algorithm.
- comparison: Comparison reports for audit trail analytics.
- compliance: Enhanced compliance features for multiple regulatory frameworks.
- compression: Record compression for storage efficiency.
- custody: Chain-of-custody tracking for forensic audit trails.
- dashboard: Live audit dashboard for real-time monitoring.
- datadog: Datadog integration for audit trail export.
- delivery: Report delivery mechanisms for audit reports.
- distributed: Multi-node audit synchronization for distributed audit trails.
- elasticsearch: Elasticsearch export for audit trails.
- encryption: Encryption at rest for audit records.
- evidence: Digital evidence packaging for forensic use.
- export: Export functionality for audit trails.
- forensic: Forensic and court-admissible export formats.
- incident_response: Incident response automation for audit trail events.
- integrity: Integrity verification using Merkle trees.
- integrity_checker: Background integrity checking daemon.
- interactive: Interactive HTML reports with client-side filtering and sorting.
- jira: Jira integration for audit trail export.
- join: Join queries across multiple audit trails.
- lineage: Decision lineage visualization and tracking.
- ml_anomaly: ML-based anomaly detection for audit trails.
- newrelic: New Relic integration for audit trail export.
- notifications: Notifications for anomalies and alerts via Slack and Microsoft Teams.
- predictive: Predictive analytics for compliance violations.
- privacy: Privacy-preserving audit features.
- query: Query builder for flexible audit record filtering.
- query_plan: Query plan explanation for audit trail queries.
- realtime_alert: Real-time alerting system for audit trail monitoring.
- regulator: Regulatory audit log export functionality.
- regulatory_automation: Regulatory Automation for audit compliance.
- replay: Decision replay and point-in-time reconstruction.
- retention: Retention policies and GDPR compliance for audit trails.
- risk_scoring: Risk scoring models for compliance and decision analysis.
- scheduler: Scheduled report generation for audit trails.
- search: Full-text search across audit records.
- servicenow: ServiceNow integration for audit trail export.
- siem: SIEM (Security Information and Event Management) integration.
- splunk: Splunk integration for audit trail export.
- storage: Storage backends for audit trails.
- streaming: Streaming audit analysis for real-time processing.
- telemetry: OpenTelemetry tracing integration for audit operations.
- templates: Custom report templates for flexible audit reporting.
- timeline: Timeline reconstruction tools for forensic analysis.
- timeseries: Time-series queries for audit trail trend analysis.
- trend_forecast: Trend forecasting for decision and compliance patterns.
- watchdog: Watchdog process integration for continuous monitoring.
- webhook: Webhook notifications for audit events.
Structs§
- AuditRecord: An audit record for a legal decision.
- AuditTrail: Audit trail storage.
- ComplianceReport: Compliance report.
- DecisionContext: Context for a decision.
- EvaluatedCondition: A condition that was evaluated.
Enums§
- Actor: Actor who triggered the event.
- AuditError: Errors during audit operations.
- DecisionResult: Result of a decision.
- EventType: Type of audit event.
Type Aliases§
- AuditResult: Result type for audit operations.