ai
/
MarketAlly.AIPlugin.Extensions
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
MarketAlly.AIPlugin.Extensions/MarketAlly.AIPlugin.DevOps/Security/AuditLogger.cs

140 lines
4.7 KiB
C#
Executable File
Raw Permalink Blame History

using Microsoft.Extensions.Logging;
using System;
using System.Collections.Generic;
using System.Text.Json;
using System.Threading.Tasks;
namespace MarketAlly.AIPlugin.DevOps.Security
{
public class AuditLogger
{
private readonly ILogger<AuditLogger> _logger;
public AuditLogger(ILogger<AuditLogger> logger = null)
{
_logger = logger;
}
public async Task LogSecurityEventAsync(SecurityAuditEvent auditEvent)
{
var logData = new
{
Timestamp = auditEvent.Timestamp,
EventType = auditEvent.EventType,
Severity = auditEvent.Severity,
Source = auditEvent.Source,
UserId = auditEvent.UserId,
Details = auditEvent.Details,
Metadata = auditEvent.Metadata
};
var jsonLog = JsonSerializer.Serialize(logData, new JsonSerializerOptions
{
WriteIndented = false,
PropertyNamingPolicy = JsonNamingPolicy.CamelCase
});
switch (auditEvent.Severity)
{
case SecuritySeverity.Critical:
_logger?.LogCritical("SECURITY_AUDIT: {AuditData}", jsonLog);
break;
case SecuritySeverity.High:
_logger?.LogError("SECURITY_AUDIT: {AuditData}", jsonLog);
break;
case SecuritySeverity.Medium:
_logger?.LogWarning("SECURITY_AUDIT: {AuditData}", jsonLog);
break;
case SecuritySeverity.Low:
_logger?.LogInformation("SECURITY_AUDIT: {AuditData}", jsonLog);
break;
default:
_logger?.LogInformation("SECURITY_AUDIT: {AuditData}", jsonLog);
break;
}
// TODO: In production, consider sending to SIEM or security monitoring system
await Task.CompletedTask;
}
public async Task LogAnalysisEventAsync(string pluginName, string filePath, int issuesFound, TimeSpan analysisTime)
{
var auditEvent = new SecurityAuditEvent
{
EventType = SecurityEventType.AnalysisCompleted,
Severity = issuesFound > 0 ? SecuritySeverity.Medium : SecuritySeverity.Low,
Source = pluginName,
Details = $"Analysis completed for {filePath}",
Metadata = new Dictionary<string, object>
{
["filePath"] = filePath,
["issuesFound"] = issuesFound,
["analysisTimeMs"] = analysisTime.TotalMilliseconds
}
};
await LogSecurityEventAsync(auditEvent);
}
public async Task LogSecurityIssueAsync(string pluginName, string filePath, string issueType, string severity)
{
var auditEvent = new SecurityAuditEvent
{
EventType = SecurityEventType.SecurityIssueDetected,
Severity = ParseSeverity(severity),
Source = pluginName,
Details = $"Security issue detected: {issueType}",
Metadata = new Dictionary<string, object>
{
["filePath"] = filePath,
["issueType"] = issueType,
["detectedSeverity"] = severity
}
};
await LogSecurityEventAsync(auditEvent);
}
private SecuritySeverity ParseSeverity(string severity)
{
return severity?.ToLower() switch
{
"critical" => SecuritySeverity.Critical,
"high" => SecuritySeverity.High,
"medium" => SecuritySeverity.Medium,
"low" => SecuritySeverity.Low,
_ => SecuritySeverity.Medium
};
}
}
public class SecurityAuditEvent
{
public DateTime Timestamp { get; set; } = DateTime.UtcNow;
public SecurityEventType EventType { get; set; }
public SecuritySeverity Severity { get; set; }
public string Source { get; set; }
public string UserId { get; set; }
public string Details { get; set; }
public Dictionary<string, object> Metadata { get; set; } = new();
}
public enum SecurityEventType
{
AnalysisStarted,
AnalysisCompleted,
SecurityIssueDetected,
ConfigurationValidated,
FileAccessed,
PermissionChecked,
CryptographicOperation
}
public enum SecuritySeverity
{
Low,
Medium,
High,
Critical
}
}
Reference in New Issue View Git Blame Copy Permalink