Hiddenden/AegisGitea-MCP
3
0
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
71c993e4cd385853094aa180eb886cde18db2ccd
AegisGitea-MCP/docs/audit.md

733 B
Raw Blame History

Audit Logging

Design

Audit logs are append-only JSON lines with hash chaining:

  • prev_hash: previous entry hash.
  • entry_hash: hash of current entry payload + previous hash.

This makes tampering detectable.

Event Types

  • tool_invocation
  • access_denied
  • security_event

Each event includes timestamps and correlation context.

Integrity Validation

Use:

python3 scripts/validate_audit_log.py --path /var/log/aegis-mcp/audit.log

Exit code 0 indicates valid chain, non-zero indicates tamper/corruption.

Operational Expectations

  • Persist audit logs to durable storage.
  • Protect write permissions (service account only).
  • Validate integrity during incident response and release checks.
Reference in New Issue View Git Blame Copy Permalink