claude-flow-tbowman01
Version:
Enterprise-grade AI agent orchestration with ruv-swarm integration (Alpha Release)
459 lines • 13.5 kB
TypeScript
import { EventEmitter } from 'events';
import { Logger } from '../core/logger.js';
import { ConfigManager } from '../core/config.js';
export interface AuditEntry {
id: string;
timestamp: Date;
eventType: string;
category: 'authentication' | 'authorization' | 'data-access' | 'system-change' | 'security' | 'compliance' | 'business';
severity: 'low' | 'medium' | 'high' | 'critical';
userId?: string;
sessionId?: string;
resource: {
type: string;
id: string;
name?: string;
path?: string;
};
action: string;
outcome: 'success' | 'failure' | 'partial' | 'denied';
details: Record<string, any>;
context: {
ipAddress?: string;
userAgent?: string;
location?: string;
source: string;
requestId?: string;
};
compliance: {
frameworks: string[];
controls: string[];
retention: string;
classification: 'public' | 'internal' | 'confidential' | 'restricted';
};
integrity: {
hash: string;
signature?: string;
verified: boolean;
};
metadata: Record<string, any>;
}
export interface ComplianceFramework {
id: string;
name: string;
version: string;
description: string;
type: 'regulatory' | 'industry' | 'internal' | 'certification';
requirements: ComplianceRequirement[];
auditFrequency: 'continuous' | 'daily' | 'weekly' | 'monthly' | 'quarterly' | 'annually';
retentionPeriod: string;
reportingRequirements: {
frequency: string;
recipients: string[];
format: string[];
automated: boolean;
};
controls: ComplianceControl[];
status: 'active' | 'inactive' | 'pending' | 'deprecated';
implementationDate: Date;
nextReview: Date;
responsible: string;
}
export interface ComplianceRequirement {
id: string;
title: string;
description: string;
category: string;
priority: 'low' | 'medium' | 'high' | 'critical';
status: 'compliant' | 'non-compliant' | 'partial' | 'not-applicable' | 'pending';
evidence: string[];
gaps: string[];
remediation: {
actions: string[];
owner: string;
dueDate: Date;
cost?: number;
effort?: string;
};
lastAssessed: Date;
nextAssessment: Date;
automatedCheck: {
enabled: boolean;
frequency: string;
query: string;
threshold?: any;
};
}
export interface ComplianceControl {
id: string;
name: string;
description: string;
type: 'preventive' | 'detective' | 'corrective' | 'compensating';
automationType: 'manual' | 'semi-automated' | 'automated';
effectiveness: 'low' | 'medium' | 'high';
frequency: string;
owner: string;
evidence: string[];
testingProcedure: string;
lastTested: Date;
nextTest: Date;
status: 'effective' | 'ineffective' | 'needs-improvement' | 'not-tested';
}
export interface AuditReport {
id: string;
title: string;
description: string;
type: 'compliance' | 'security' | 'operational' | 'financial' | 'investigation' | 'custom';
scope: {
timeRange: {
start: Date;
end: Date;
};
systems: string[];
users: string[];
events: string[];
compliance: string[];
};
findings: AuditFinding[];
recommendations: AuditRecommendation[];
summary: {
totalEvents: number;
criticalFindings: number;
complianceScore: number;
riskLevel: 'low' | 'medium' | 'high' | 'critical';
};
methodology: string;
limitations: string[];
reviewers: string[];
approvers: string[];
status: 'draft' | 'under-review' | 'approved' | 'published' | 'archived';
confidentiality: 'public' | 'internal' | 'confidential' | 'restricted';
createdAt: Date;
updatedAt: Date;
createdBy: string;
publishedAt?: Date;
}
export interface AuditFinding {
id: string;
title: string;
description: string;
severity: 'low' | 'medium' | 'high' | 'critical';
category: string;
risk: string;
impact: string;
likelihood: string;
evidence: AuditEvidence[];
relatedEvents: string[];
complianceImpact: {
frameworks: string[];
violations: string[];
penalties?: string[];
};
remediation: {
priority: 'low' | 'medium' | 'high' | 'immediate';
owner: string;
actions: string[];
timeline: string;
cost?: number;
};
status: 'open' | 'in-progress' | 'resolved' | 'accepted-risk' | 'false-positive';
}
export interface AuditEvidence {
id: string;
type: 'log-entry' | 'screenshot' | 'document' | 'system-output' | 'witness-statement' | 'data-export';
description: string;
source: string;
timestamp: Date;
hash: string;
location: string;
preservationStatus: 'intact' | 'modified' | 'corrupted' | 'missing';
chainOfCustody: ChainOfCustodyEntry[];
}
export interface ChainOfCustodyEntry {
timestamp: Date;
action: 'collected' | 'accessed' | 'analyzed' | 'transferred' | 'stored' | 'destroyed';
user: string;
reason: string;
hash: string;
}
export interface AuditRecommendation {
id: string;
title: string;
description: string;
priority: 'low' | 'medium' | 'high' | 'critical';
category: 'policy' | 'process' | 'technology' | 'training' | 'governance';
implementation: {
effort: 'low' | 'medium' | 'high';
cost: 'low' | 'medium' | 'high';
timeline: string;
dependencies: string[];
risks: string[];
};
expectedBenefit: string;
owner: string;
status: 'proposed' | 'approved' | 'in-progress' | 'completed' | 'rejected';
tracking: {
milestones: string[];
progress: number;
nextReview: Date;
};
}
export interface AuditTrail {
id: string;
name: string;
description: string;
category: string;
entries: AuditEntry[];
configuration: {
retention: string;
compression: boolean;
encryption: boolean;
archival: {
enabled: boolean;
location: string;
schedule: string;
};
monitoring: {
realTime: boolean;
alerting: boolean;
dashboards: string[];
};
};
integrity: {
verified: boolean;
lastVerification: Date;
checksum: string;
tamperEvidence: TamperEvidence[];
};
access: {
viewers: string[];
admins: string[];
readonly: boolean;
auditAccess: boolean;
};
compliance: {
frameworks: string[];
retention: string;
exportRequirements: string[];
immutable: boolean;
};
createdAt: Date;
updatedAt: Date;
}
export interface TamperEvidence {
timestamp: Date;
type: 'checksum-mismatch' | 'unauthorized-access' | 'missing-entries' | 'timestamp-anomaly';
description: string;
severity: 'low' | 'medium' | 'high' | 'critical';
investigationStatus: 'pending' | 'investigating' | 'resolved' | 'false-alarm';
evidence: string[];
}
export interface AuditConfiguration {
general: {
enabled: boolean;
defaultRetention: string;
compressionEnabled: boolean;
encryptionEnabled: boolean;
realTimeProcessing: boolean;
};
collection: {
automaticCapture: boolean;
bufferSize: number;
batchSize: number;
flushInterval: number;
failureHandling: 'ignore' | 'retry' | 'alert' | 'stop';
};
storage: {
primaryLocation: string;
backupLocation?: string;
archivalLocation?: string;
partitioning: 'daily' | 'weekly' | 'monthly';
indexing: boolean;
};
integrity: {
checksumAlgorithm: 'sha256' | 'sha512' | 'blake2b';
verificationFrequency: string;
digitalSignatures: boolean;
immutableStorage: boolean;
};
compliance: {
frameworks: string[];
automaticClassification: boolean;
retentionPolicies: Record<string, string>;
exportFormats: string[];
};
monitoring: {
alerting: {
enabled: boolean;
channels: string[];
thresholds: {
failedLogins: number;
privilegedAccess: number;
dataExfiltration: number;
configChanges: number;
};
};
reporting: {
automated: boolean;
frequency: string;
recipients: string[];
dashboards: string[];
};
};
privacy: {
piiDetection: boolean;
anonymization: boolean;
masking: {
enabled: boolean;
patterns: string[];
};
consent: {
required: boolean;
tracking: boolean;
};
};
}
export interface AuditMetrics {
volume: {
totalEntries: number;
dailyAverage: number;
peakHourly: number;
byCategory: Record<string, number>;
bySeverity: Record<string, number>;
};
compliance: {
overallScore: number;
byFramework: Record<string, {
score: number;
compliant: number;
nonCompliant: number;
total: number;
}>;
trending: 'improving' | 'stable' | 'declining';
};
integrity: {
verificationSuccess: number;
tamperAttempts: number;
dataLoss: number;
corruptionEvents: number;
};
performance: {
ingestionRate: number;
queryResponseTime: number;
storageEfficiency: number;
availabilityPercentage: number;
};
security: {
unauthorizedAccess: number;
privilegedActions: number;
suspiciousPatterns: number;
escalatedIncidents: number;
};
}
export declare class AuditManager extends EventEmitter {
private auditTrails;
private frameworks;
private reports;
private auditBuffer;
private auditPath;
private logger;
private config;
private configuration;
constructor(auditPath?: string, logger?: Logger, config?: ConfigManager);
initialize(): Promise<void>;
logAuditEvent(eventData: {
eventType: string;
category: AuditEntry['category'];
severity?: AuditEntry['severity'];
userId?: string;
sessionId?: string;
resource: AuditEntry['resource'];
action: string;
outcome: AuditEntry['outcome'];
details: Record<string, any>;
context: Partial<AuditEntry['context']>;
compliance?: {
frameworks?: string[];
controls?: string[];
classification?: AuditEntry['compliance']['classification'];
};
}): Promise<AuditEntry>;
createComplianceFramework(frameworkData: {
name: string;
version: string;
description: string;
type: ComplianceFramework['type'];
requirements: Omit<ComplianceRequirement, 'id'>[];
controls: Omit<ComplianceControl, 'id'>[];
auditFrequency: ComplianceFramework['auditFrequency'];
retentionPeriod: string;
responsible: string;
}): Promise<ComplianceFramework>;
generateAuditReport(reportConfig: {
title: string;
description: string;
type: AuditReport['type'];
scope: AuditReport['scope'];
includeRecommendations?: boolean;
confidentiality?: AuditReport['confidentiality'];
}): Promise<AuditReport>;
exportAuditData(exportConfig: {
format: 'json' | 'csv' | 'xml' | 'pdf';
scope: {
timeRange: {
start: Date;
end: Date;
};
categories?: string[];
severity?: string[];
users?: string[];
};
destination: string;
encryption?: boolean;
compression?: boolean;
}): Promise<string>;
verifyAuditIntegrity(trailId?: string): Promise<{
verified: boolean;
issues: TamperEvidence[];
summary: {
totalEntries: number;
verifiedEntries: number;
corruptedEntries: number;
missingEntries: number;
};
}>;
getAuditMetrics(timeRange?: {
start: Date;
end: Date;
}): Promise<AuditMetrics>;
private getDefaultConfiguration;
private loadConfigurations;
private initializeDefaultFrameworks;
private startAuditProcessing;
private flushAuditBuffer;
private processAuditEntry;
private determineAuditTrail;
private createAuditTrail;
private calculateHash;
private calculateTrailChecksum;
private calculateRetentionPeriod;
private parseRetentionPeriod;
private queryAuditEntries;
private analyzeAuditEntries;
private calculateComplianceScore;
private checkAutomatedRequirement;
private calculateRiskLevel;
private generateRecommendations;
private checkComplianceViolations;
private checkSecurityAlerts;
private generateSecurityAlert;
private calculatePeakHourly;
private groupBy;
private convertToCSV;
private convertToXML;
private convertToPDF;
private saveFramework;
private saveAuditTrail;
private saveReport;
}
//# sourceMappingURL=audit-manager.d.ts.map