Security-focused logging with sanitization, encryption, and audit trails. More...

#include <kcenon/logger/core/logger.h>
#include <kcenon/logger/interfaces/log_filter_interface.h>
#include <kcenon/logger/writers/console_writer.h>
#include <kcenon/logger/writers/file_writer.h>
#include <kcenon/common/interfaces/logger_interface.h>
#include <iostream>
#include <thread>
#include <chrono>
#include <regex>

Include dependency graph for security_demo.cpp:

Go to the source code of this file.

Classes
class	security_filter

Functions
void	demonstrate_log_sanitization ()

void	demonstrate_security_logging ()

void	demonstrate_encryption ()

void	demonstrate_audit_trail ()

void	demonstrate_compliance_logging ()

void	demonstrate_intrusion_detection ()

void	demonstrate_security_metrics ()

int	main ()

Detailed Description

Security-focused logging with sanitization, encryption, and audit trails.

Definition in file security_demo.cpp.

Function Documentation

◆ demonstrate_audit_trail()

void demonstrate_audit_trail ( )

Examples: security_demo.cpp.

Definition at line 133 of file security_demo.cpp.

                               {
    std::cout << "\n=== Audit Trail Demo ===" << std::endl;
    
    auto logger = std::make_shared<logger_module::logger>();
    
    // Create audit logger (separate from main logger)
    auto audit_writer = std::make_unique<file_writer>("audit_trail.log");
    logger->add_writer("audit", std::move(audit_writer));
    
    // Configure routing for audit trail
    auto& router = logger->get_router();
    // Note: Router configuration would be done here if needed
    
    // Simulate various events
    logger->log(ci::log_level::info, std::string("Normal operation"));
    logger->log(ci::log_level::warning, std::string("High CPU usage"));
    logger->log(ci::log_level::critical, std::string("Security breach detected"));
    logger->log(ci::log_level::critical, std::string("Unauthorized access attempt"));
    logger->log(ci::log_level::error, std::string("Database connection failed"));
    
    std::cout << "Audit events written to: audit_trail.log" << std::endl;
}

Referenced by main().

Here is the caller graph for this function:

◆ demonstrate_compliance_logging()

void demonstrate_compliance_logging ( )

Examples: security_demo.cpp.

Definition at line 156 of file security_demo.cpp.

                                      {
    std::cout << "\n=== Compliance Logging Demo ===" << std::endl;
    
    auto base_logger = std::make_shared<logger_module::logger>();
    auto structured = std::make_shared<structured_logger>(base_logger);
    auto sanitizer = std::make_shared<log_sanitizer>();
    
    // GDPR-compliant user data access log
    structured->info(sanitizer->sanitize("User data access"))
        .field("user_id", "USR-12345")
        .field("accessed_by", "ADMIN-001")
        .field("data_type", "personal_information")
        .field("purpose", "support_request")
        .field("timestamp", std::chrono::system_clock::now())
        .field("ip_address", sanitizer->sanitize("192.168.1.50"))
        .commit();
    
    // PCI compliance - payment processing
    structured->info(sanitizer->sanitize("Payment processed"))
        .field("transaction_id", "TXN-98765")
        .field("amount", 150.00)
        .field("currency", "USD")
        .field("card_last_four", "9012")  // Only last 4 digits
        .field("status", "success")
        .commit();
    
    // HIPAA compliance - healthcare data access
    structured->warning(sanitizer->sanitize("Medical record accessed"))
        .field("patient_id", "PAT-55555")  // Anonymized ID
        .field("accessed_by", "DOC-777")
        .field("record_type", "lab_results")
        .field("compliance", "HIPAA")
        .commit();
}

Referenced by main().

Here is the caller graph for this function:

◆ demonstrate_encryption()

void demonstrate_encryption ( )

Examples: security_demo.cpp.

Definition at line 116 of file security_demo.cpp.

                              {
    std::cout << "\n=== Encryption Demo ===" << std::endl;
    
    auto logger = std::make_shared<logger_module::logger>();
    
    // Add encrypted file writer
    logger->add_writer(std::make_unique<file_writer>("security_encrypted.log"));
    
    logger->log(ci::log_level::info,
                std::string("This message will be written to an encrypted log file"));
 
    logger->log(ci::log_level::warning,
                std::string("Sensitive operations are logged securely"));
    
    std::cout << "Messages written to encrypted log file: security_encrypted.log" << std::endl;
}

Referenced by main().

Here is the caller graph for this function:

◆ demonstrate_intrusion_detection()

void demonstrate_intrusion_detection ( )

Examples: security_demo.cpp.

Definition at line 191 of file security_demo.cpp.

                                       {
    std::cout << "\n=== Intrusion Detection Demo ===" << std::endl;
    
    auto logger = std::make_shared<logger_module::logger>();
    auto structured = std::make_shared<structured_logger>(logger);
    auto sanitizer = std::make_shared<log_sanitizer>();
    
    // Simulate suspicious activities
    structured->warning(sanitizer->sanitize("Multiple failed login attempts"))
        .field("source_ip", sanitizer->sanitize("10.0.0.100"))
        .field("target_user", "admin")
        .field("attempts", 5)
        .field("time_window", "60s")
        .commit();
    
    structured->critical(sanitizer->sanitize("Potential SQL injection detected"))
        .field("endpoint", "/api/users")
        .field("payload", sanitizer->sanitize("'; DROP TABLE users; --"))
        .field("blocked", true)
        .commit();
    
    structured->error(sanitizer->sanitize("Unauthorized API access"))
        .field("api_key", sanitizer->sanitize("api_key=example_api_key_abcdefgh123456"))
        .field("endpoint", "/api/v1/sensitive-data")
        .field("blocked", true)
        .commit();
    
    structured->critical(sanitizer->sanitize("Port scan detected"))
        .field("source_ip", sanitizer->sanitize("203.0.113.0"))
        .field("ports_scanned", 1000)
        .field("duration", "120s")
        .field("action", "ip_blocked")
        .commit();
}

Referenced by main().

Here is the caller graph for this function:

◆ demonstrate_log_sanitization()

void demonstrate_log_sanitization ( )

Examples: security_demo.cpp.

Definition at line 57 of file security_demo.cpp.

                                    {
    std::cout << "\n=== Log Sanitization Demo ===" << std::endl;
    
    auto sanitizer = std::make_shared<log_sanitizer>();
    
    // Test various sensitive data patterns
    std::vector<std::string> test_messages = {
        "Credit card payment: 4532-1234-5678-9012",
        "User SSN: 123-45-6789",
        "Contact email: john.doe@example.com",
        "Server IP: 192.168.1.100",
        "API_KEY=example_test_key_1234567890",
        "Login with password=SuperSecret123!",
        "Multiple cards: 5555-4444-3333-2222 and 4111111111111111",
        "Mixed data: email admin@test.com from 10.0.0.1 with key=abcd1234efgh5678"
    };
    
    std::cout << "\nOriginal vs Sanitized messages:" << std::endl;
    std::cout << std::string(80, '-') << std::endl;
    
    for (const auto& msg : test_messages) {
        std::string sanitized = sanitizer->sanitize(msg);
        std::cout << "Original:  " << msg << std::endl;
        std::cout << "Sanitized: " << sanitized << std::endl;
        std::cout << std::endl;
    }
}

Referenced by main().

Here is the caller graph for this function:

◆ demonstrate_security_logging()

void demonstrate_security_logging ( )

Examples: security_demo.cpp.

Definition at line 85 of file security_demo.cpp.

                                    {
    std::cout << "\n=== Security Logging Demo ===" << std::endl;
    
    auto logger = std::make_shared<logger_module::logger>();
    auto sanitizer = std::make_shared<log_sanitizer>();
    
    // Add security filter
    auto sec_filter = std::make_unique<security_filter>();
    logger->set_filter(std::move(sec_filter));
    
    // Simulate security events
    std::cout << "\nLogging security events (sensitive data will be sanitized):" << std::endl;
    
    // This will be blocked by the security filter
    logger->log(ci::log_level::warning,
                std::string("User login attempt with password=admin123"));
 
    // These will be logged but sanitized
    logger->log(ci::log_level::warning,
                sanitizer->sanitize("Suspicious activity from IP 192.168.1.100"));
 
    logger->log(ci::log_level::warning,
                sanitizer->sanitize("Failed login for email user@example.com"));
 
    logger->log(ci::log_level::error,
                sanitizer->sanitize("Data breach detected: SSN 123-45-6789 exposed"));
 
    logger->log(ci::log_level::critical,
                sanitizer->sanitize("API key compromised: key=EXAMPLE_KEY_12345"));
}

Referenced by main().

Here is the caller graph for this function:

◆ demonstrate_security_metrics()

void demonstrate_security_metrics ( )

Examples: security_demo.cpp.

Definition at line 226 of file security_demo.cpp.

                                    {
    std::cout << "\n=== Security Metrics Demo ===" << std::endl;
    
    auto logger = std::make_shared<logger_module::logger>();
    logger->enable_metrics_collection(true);
    
    // Get security-related metrics
    auto metrics_result = logger->get_current_metrics();
    
    std::cout << "\nSecurity Logging Metrics:" << std::endl;
    if (metrics_result) {
        auto& metrics = metrics_result.value();
        std::cout << "Total logs: " << metrics.messages_enqueued.load() << std::endl;
        std::cout << "Messages per second: " << metrics.get_messages_per_second() << std::endl;
        std::cout << "Average enqueue time: " << metrics.get_avg_enqueue_time_ns() << " ns" << std::endl;
        
        // Calculate security event rate (simplified for demo)
        auto duration = 1;
        
        if (duration > 0) {
            double message_rate = metrics.get_messages_per_second();
            std::cout << "\nMessage rate: " << message_rate << " msgs/sec" << std::endl;
        
            if (message_rate > 1000.0) {
                logger->log(ci::log_level::critical,
                           std::string("High message rate detected!"));
            }
        }
    } else {
        std::cout << "Failed to get metrics" << std::endl;
    }
}

Referenced by main().

Here is the caller graph for this function:

◆ main()

int main ( )

Definition at line 259 of file security_demo.cpp.

           {
    try {
        std::cout << "=== Security Features Demo ===" << std::endl;
        std::cout << "Demonstrating logger security capabilities\n" << std::endl;
        
        // Create and configure logger
        auto logger = std::make_shared<logger_module::logger>();
        logger->set_level(ci::log_level::debug);
        logger->start();
        
        // Add console output for demo
        logger->add_writer(std::make_unique<console_writer>());
        
        // Run demonstrations
        demonstrate_log_sanitization();
        std::this_thread::sleep_for(100ms);
        
        demonstrate_security_logging();
        std::this_thread::sleep_for(100ms);
        
        demonstrate_encryption();
        std::this_thread::sleep_for(100ms);
        
        demonstrate_audit_trail();
        std::this_thread::sleep_for(100ms);
        
        demonstrate_compliance_logging();
        std::this_thread::sleep_for(100ms);
        
        demonstrate_intrusion_detection();
        std::this_thread::sleep_for(100ms);
        
        demonstrate_security_metrics();
        
        // Cleanup
        logger->stop();
        logger->flush();
        
        std::cout << "\n=== Security Demo Complete ===" << std::endl;
        std::cout << "Check the following files for results:" << std::endl;
        std::cout << "- security_encrypted.log (encrypted messages)" << std::endl;
        std::cout << "- audit_trail.log (critical security events)" << std::endl;
        
    } catch (const std::exception& e) {
        std::cerr << "Error: " << e.what() << std::endl;
        return 1;
    }
    
    return 0;
}

References demonstrate_audit_trail(), demonstrate_compliance_logging(), demonstrate_encryption(), demonstrate_intrusion_detection(), demonstrate_log_sanitization(), demonstrate_security_logging(), and demonstrate_security_metrics().

Here is the call graph for this function:

Classes

Functions

Detailed Description

Function Documentation

◆ demonstrate_audit_trail()

◆ demonstrate_compliance_logging()

◆ demonstrate_encryption()

◆ demonstrate_intrusion_detection()

◆ demonstrate_log_sanitization()

◆ demonstrate_security_logging()

◆ demonstrate_security_metrics()

◆ main()