feat: implement Phase 4 enhancements
Some checks failed
CI / lint-and-test (push) Has been cancelled
Some checks failed
CI / lint-and-test (push) Has been cancelled
- Migrate frontend to Alpine.js for reactive state management
- Add source health dashboard in UI and /api/source-health endpoint
- Add event tagging (PATCH /api/events/{id}/tags) and commenting (POST /api/events/{id}/comments)
- Add CSV/JSON export from the UI
- Add rule-based alerting engine (rules.py) with CRUD endpoints (/api/rules)
- Add SIEM export via webhook (siem.py)
- Add AOC audit trail middleware logging all mutations to aoc_audit collection
- Update config with SIEM_ENABLED, SIEM_WEBHOOK_URL, ALERTS_ENABLED
- Add tests for rules engine, tags, comments, and source health
This commit is contained in:
22
backend/audit_trail.py
Normal file
22
backend/audit_trail.py
Normal file
@@ -0,0 +1,22 @@
|
||||
from datetime import UTC, datetime
|
||||
|
||||
import structlog
|
||||
from database import db
|
||||
|
||||
logger = structlog.get_logger("aoc.audit")
|
||||
audit_collection = db["aoc_audit"]
|
||||
|
||||
|
||||
def log_action(action: str, resource: str, details: dict | None = None, user: str | None = None):
|
||||
"""Log an action in the AOC audit trail."""
|
||||
doc = {
|
||||
"timestamp": datetime.now(UTC).isoformat(),
|
||||
"action": action,
|
||||
"resource": resource,
|
||||
"details": details or {},
|
||||
"user": user or "anonymous",
|
||||
}
|
||||
try:
|
||||
audit_collection.insert_one(doc)
|
||||
except Exception as exc:
|
||||
logger.warning("Failed to write audit trail", error=str(exc))
|
||||
Reference in New Issue
Block a user