Audit-log export for compliance officers: SIEM-ready streams

## What it is

Compliance officers (SOC 2, ISO 27001, HIPAA) want a SIEM stream of all security events. What is needed:

- Real-time export: AuditRecord → Splunk / Datadog / Elastic / Sentinel (HEC) via webhook
- Batch export: daily CEF / LEEF / JSON dump into the customer's S3 bucket
- Pull API: GET /audit/records?since=T&until=T2 with pagination
- Filterable views by type: security-events / data-access / admin-changes / failed-auth
- Tamper-evident: hash-chain verification on the receiving side
- Retention policy per tenant: 30 days / 1 year / 7 years, selected per tenant
- Sanitized payload (no PII leaked), applied automatically
- Webhook signature via HMAC-SHA256

## Why

A compliance officer without a SIEM stream will not sign off on the vendor risk assessment. With one, the export becomes part of their dashboard and their concerns go away.

## Sources of inspiration

- [OneUptime/oneuptime](https://github.com/OneUptime/oneuptime)
- [Openpanel-dev/openpanel](https://github.com/Openpanel-dev/openpanel)
- [Agenta-AI/agenta](https://github.com/Agenta-AI/agenta)

## 🔗 Linear

- [PZD-377](https://linear.app/kuhjie/issue/PZD-377): backing ticket
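The four mechanisms above that a receiving SIEM actually has to check (hash chain, HMAC-SHA256 webhook signature, PII sanitization, CEF batch lines) fit in one small exporter/verifier pair. The block below is an added illustration written for this page, not code from the product or from any of the projects linked above; the record schema, the `PII_FIELDS` set, the `t=...,v1=...` header layout, the vendor/product strings and the per-tenant secrets are all assumptions, and the sample records are constructed.

```python
import hashlib
import hmac
import json
import time

GENESIS_HASH = "0" * 64          # prev_hash of the first record in a tenant's chain
PII_FIELDS = {"email", "ip"}     # assumption: the fields this exporter pseudonymises

# Constructed sample records (not real data); the field layout is an assumption, not the product's schema.
SAMPLE_RECORDS = [
    {"id": 1, "ts": 1700000000, "event_type": "failed-auth", "action": "login.failed",
     "actor": "u_42", "email": "alice@example.com", "ip": "203.0.113.7", "severity": 5},
    {"id": 2, "ts": 1700000060, "event_type": "admin-changes", "action": "role.grant",
     "actor": "u_1", "email": "root@example.com", "ip": "203.0.113.9", "severity": 7},
]


def canonical(obj: dict) -> bytes:
    """Canonical JSON (sorted keys, no whitespace) so sender and receiver hash identical bytes."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


def sanitize(record: dict, pseudo_key: bytes) -> dict:
    """Replace PII with a keyed pseudonym: events stay correlatable, but a SIEM holding the
    export cannot recover the value by brute force (an unkeyed hash of an e-mail address would)."""
    out = dict(record)
    for k in PII_FIELDS.intersection(out):
        out[k] = "pseud:" + hmac.new(pseudo_key, str(out[k]).encode(), hashlib.sha256).hexdigest()[:16]
    return out


def record_hash(body: dict) -> str:
    """Hash over every field except 'hash' itself; prev_hash is inside, which is what links the chain."""
    return hashlib.sha256(canonical({k: v for k, v in body.items() if k != "hash"})).hexdigest()


def export_batch(records, pseudo_key: bytes, prev_hash: str = GENESIS_HASH) -> list:
    """Sanitise and hash-chain a batch; pass the last exported hash as prev_hash for the next batch."""
    out = []
    for r in records:
        body = sanitize(r, pseudo_key)
        body["prev_hash"] = prev_hash
        body["hash"] = record_hash(body)
        out.append(body)
        prev_hash = body["hash"]
    return out


def verify_chain(records, expected_prev: str = GENESIS_HASH):
    """Receiver-side check. Returns (True, None) or (False, index of the first bad record)."""
    for i, body in enumerate(records):
        if body.get("prev_hash") != expected_prev or record_hash(body) != body.get("hash"):
            return False, i
        expected_prev = body["hash"]
    return True, None


def sign_webhook(body: bytes, secret: bytes, ts: int) -> str:
    """Signature header value; the timestamp is under the MAC so a captured delivery cannot be replayed later."""
    mac = hmac.new(secret, f"{ts}.".encode() + body, hashlib.sha256).hexdigest()
    return f"t={ts},v1={mac}"


def verify_webhook(body: bytes, secret: bytes, header: str, now: int, tolerance: int = 300) -> bool:
    """Receiver side: constant-time compare, and reject deliveries outside the replay window."""
    try:
        parts = dict(p.split("=", 1) for p in header.split(","))
        ts = int(parts["t"])
    except (ValueError, KeyError):
        return False
    if abs(now - ts) > tolerance:
        return False
    expected = hmac.new(secret, f"{ts}.".encode() + body, hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, parts.get("v1", ""))


def to_cef(body: dict, vendor="ExampleVendor", product="AuditLog", version="1.0") -> str:
    """One CEF line per record. Header fields escape '|' and '\\'; extension values escape '=', '\\'
    and newlines, otherwise an attacker-controlled field could inject a fake event into the SIEM."""
    def hdr(v): return str(v).replace("\\", "\\\\").replace("|", "\\|")
    def ext(v): return str(v).replace("\\", "\\\\").replace("=", "\\=").replace("\r", "").replace("\n", "\\n")
    header = "|".join(["CEF:0", hdr(vendor), hdr(product), hdr(version),
                       hdr(body["event_type"]), hdr(body["action"]), str(body.get("severity", 3))])
    extension = " ".join(f"{k}={ext(v)}" for k, v in sorted(body.items())
                         if k not in {"event_type", "action", "severity"})
    return header + "|" + extension


if __name__ == "__main__":
    pseudo_key, webhook_secret = b"tenant-pseudonym-key", b"tenant-webhook-secret"  # assumption: per-tenant secrets
    batch = export_batch(SAMPLE_RECORDS, pseudo_key)
    print(verify_chain(batch))             # (True, None)
    batch[0]["actor"] = "u_99"             # tamper after export ...
    print(verify_chain(batch))             # ... (False, 0): detected at the first altered record
    payload = canonical({"records": export_batch(SAMPLE_RECORDS, pseudo_key)})
    now = int(time.time())
    sig = sign_webhook(payload, webhook_secret, now)
    print(verify_webhook(payload, webhook_secret, sig, now), verify_webhook(payload + b" ", webhook_secret, sig, now))
    print(to_cef(batch[1]))
```

Two design points the list above leaves implicit: the chain only proves integrity from the first record the receiver saw, so the receiver must persist the last verified hash per tenant and feed it back as `expected_prev` for the next batch (otherwise an attacker who can truncate and re-chain from genesis goes unnoticed), and sanitization must run before hashing, or the hash covers data the customer never receives and cannot verify.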

Status: In Review
Board: 🏢 Enterprise, B2B
Date: About 19 hours ago
Author: agi
