Crate paranoid_audit¶
- crate paranoid_audit¶
Constants
- const AUDIT_HASH_CHAIN_VERSION: u16¶
- const AUDIT_SCHEMA_VERSION: u16¶
- const DEFAULT_AUDIT_OPERATION_ID: &str¶
Functions
- fn assess_external_audit_device_from_environment() -> AuditSinkHealth¶
- fn assess_external_audit_device_from_lookup_with_probe(mut value_for: impl FnMut(&str) -> Option<String>, probe: &mut impl ExternalAuditDeviceProbe) -> AuditSinkHealth¶
- fn assess_optional_jsonl_file_audit_sink(path: Option<&Path>) -> AuditSinkHealth¶
- fn hash_chain_events(events: &[AuditEvent]) -> Result<Vec<HashChainedAuditEvent>, AuditError>¶
- fn verify_hash_chain(events: &[HashChainedAuditEvent]) -> Result<(), AuditError>¶
- fn write_events_jsonl(path: impl AsRef<Path>, events: &[AuditEvent]) -> Result<(), AuditError>¶
Traits
- trait AuditSink¶
Trait methods
- fn flush(&mut self) -> Result<(), AuditError>¶
- fn record_event(&mut self, event: &AuditEvent) -> Result<(), AuditError>¶
- fn record_events(&mut self, events: &[AuditEvent]) -> Result<(), AuditError>¶
- trait ExternalAuditDeviceProbe¶
Trait methods
- fn probe(&mut self, config: &ExternalAuditDeviceConfig) -> ExternalAuditDeviceProbeResult¶
Enums
- enum AuditSubject¶
- PasswordGeneration¶
- StatisticalAudit¶
- ComplianceCheck¶
- VaultOperation¶
- ReleaseAssurance¶
- Automation¶
- enum AuditSurface¶
- Core¶
- Vault¶
- Cli¶
- Tui¶
- Gui¶
- Ops¶
- SupplyChain¶
Implementations
- impl AuditSurface¶
Functions
- fn as_str(self) -> &'static str¶
Structs and Unions
- struct AuditEvent¶
- schema_version: u16¶
- operation_id: String¶
- event_id: String¶
- sequence: u64¶
- occurred_at_epoch_ms: u128¶
- timestamp_error: Option<String>¶
- surface: AuditSurface¶
- subject: AuditSubject¶
- action: String¶
- outcome: AuditOutcome¶
- severity: AuditSeverity¶
- message: String¶
- attributes: BTreeMap<String, String>¶
Implementations
- impl AuditEvent¶
Functions
- fn redact_attributes(&mut self, redactor: &AuditRedactor)¶
- fn with_attribute(mut self, key: impl Into<String>, value: impl Into<String>) -> Self¶
- struct AuditRedactor¶
Implementations
- impl AuditRedactor¶
Functions
- fn redact_attributes(&self, attributes: &BTreeMap<String, String>) -> BTreeMap<String, String>¶
- fn strict() -> Self¶
Traits implemented
- impl Default for AuditRedactor¶
- struct AuditSinkHealth¶
- schema_version: u16¶
- kind: AuditSinkKind¶
- status: AuditSinkStatus¶
- configured: bool¶
- writable: bool¶
- append_mode: bool¶
- redaction_mode: String¶
- path: Option<String>¶
- endpoint: Option<String>¶
- provider_id: Option<String>¶
- evidence_source: Option<String>¶
- failure: Option<String>¶
Implementations
- impl AuditSinkHealth¶
Functions
- fn is_available(&self) -> bool¶
- fn not_configured_external_device() -> Self¶
- fn not_configured_jsonl() -> Self¶
- fn ready_external_device(provider_id: impl Into<String>, endpoint: impl Into<String>, evidence_source: impl Into<String>) -> Self¶
- fn ready_jsonl(path: Option<String>) -> Self¶
- fn unverified_external_device(provider_id: impl Into<String>, endpoint: impl Into<String>, failure: impl Into<String>) -> Self¶
- fn unverified_external_device_with_evidence_source(provider_id: impl Into<String>, endpoint: impl Into<String>, evidence_source: impl Into<String>, failure: impl Into<String>) -> Self¶
- struct AuditTrail¶
Implementations
- impl AuditTrail¶
Functions
- fn events(&self) -> &[AuditEvent]¶
- fn for_operation(operation_id: impl Into<String>) -> Self¶
- fn into_events(self) -> Vec<AuditEvent>¶
- fn is_empty(&self) -> bool¶
- fn new() -> Self¶
- fn operation_id(&self) -> &str¶
- fn record(&mut self, surface: AuditSurface, subject: AuditSubject, action: impl Into<String>, outcome: AuditOutcome, severity: AuditSeverity, message: impl Into<String>) -> &mut AuditEvent¶
- fn to_hash_chain(&self) -> Result<Vec<HashChainedAuditEvent>, AuditError>¶
- fn to_json_lines(&self) -> Result<String, AuditError>¶
- fn write_jsonl(&self, path: impl AsRef<Path>) -> Result<(), AuditError>¶
Traits implemented
- impl Default for AuditTrail¶
- struct DisabledExternalAuditDeviceProbe¶
Implementations
- impl DisabledExternalAuditDeviceProbe¶
Functions
- fn unsupported_mode(mode: impl Into<String>) -> Self¶
Traits implemented
- impl Default for DisabledExternalAuditDeviceProbe¶
- struct ExternalAuditDeviceConfig¶
Implementations
- impl ExternalAuditDeviceConfig¶
Functions
- fn endpoint(&self) -> &str¶
- fn mtls_ca_certificate_evidence(&self) -> &str¶
- fn mtls_certificate_evidence(&self) -> &str¶
- fn mtls_private_key_evidence(&self) -> &str¶
- fn new(provider_id: impl Into<String>, endpoint: impl Into<String>, mtls_certificate_evidence: impl Into<String>, mtls_private_key_evidence: impl Into<String>, mtls_ca_certificate_evidence: impl Into<String>) -> Self¶
- fn provider_id(&self) -> &str¶
- struct ExternalAuditDeviceProbeResult¶
Implementations
- impl ExternalAuditDeviceProbeResult¶
Functions
- fn ready(evidence_source: impl Into<String>) -> Self¶
- fn unverified(evidence_source: impl Into<String>, failure: impl Into<String>) -> Self¶
- struct HashChainedAuditEvent¶
- chain_version: u16¶
- previous_hash_hex: Option<String>¶
- event_hash_hex: String¶
- event: AuditEvent¶
- struct JsonlFileAuditSink¶
Implementations
- impl JsonlFileAuditSink¶
Functions
- fn open(path: impl AsRef<Path>) -> Result<Self, AuditError>¶
Traits implemented
- impl AuditSink for JsonlFileAuditSink¶
- struct MtlsJsonlAckExternalAuditDeviceProbe¶
Implementations
- impl MtlsJsonlAckExternalAuditDeviceProbe¶
Functions
- fn new(timeout: Duration) -> Self¶
Traits implemented
- impl Default for MtlsJsonlAckExternalAuditDeviceProbe¶
- struct TcpConnectExternalAuditDeviceProbe¶
Implementations
- impl TcpConnectExternalAuditDeviceProbe¶
Functions
- fn new(timeout: Duration) -> Self¶
Traits implemented
- impl Default for TcpConnectExternalAuditDeviceProbe¶