logger_system/security__demo_8cpp_source.html

// BSD 3-Clause License

// Copyright (c) 2024, 🍀☀🌕🌥 🌊

// See the LICENSE file in the project root for full license information.


#include <kcenon/logger/core/logger.h>

// #include <kcenon/logger/security/log_sanitizer.h>  // TODO: Not implemented yet

// #include <kcenon/logger/structured/structured_logger.h>  // TODO: Not implemented yet

#include <kcenon/logger/interfaces/log_filter_interface.h>

// #include <kcenon/logger/routing/log_router.h>  // TODO: Not implemented yet

#include <kcenon/logger/writers/console_writer.h>

#include <kcenon/logger/writers/file_writer.h>

#include <kcenon/common/interfaces/logger_interface.h>


#include <iostream>

#include <thread>

#include <chrono>

#include <regex>


using namespace kcenon::logger;

namespace logger_module = kcenon::logger;

namespace ci = kcenon::common::interfaces;

using namespace std::chrono_literals;


// Custom security filter that blocks sensitive logs


class security_filter : public log_filter_interface {

public:


    bool should_log(const log_entry& entry) const override {

        const std::string message = entry.message.to_string();


        // Block logs containing passwords

        if (message.find("password") != std::string::npos) {

            std::cout << "[SECURITY] Blocked log containing password" << std::endl;

            return false;

        }

        return true;

    }


    std::string get_name() const override {

        return "security_filter";

    }


};


void demonstrate_log_sanitization() {

    std::cout << "\n=== Log Sanitization Demo ===" << std::endl;


    auto sanitizer = std::make_shared<log_sanitizer>();


    // Test various sensitive data patterns

    std::vector<std::string> test_messages = {

        "Credit card payment: 4532-1234-5678-9012",

        "User SSN: 123-45-6789",

        "Contact email: john.doe@example.com",

        "Server IP: 192.168.1.100",

        "API_KEY=example_test_key_1234567890",

        "Login with password=SuperSecret123!",

        "Multiple cards: 5555-4444-3333-2222 and 4111111111111111",

        "Mixed data: email admin@test.com from 10.0.0.1 with key=abcd1234efgh5678"

    };


    std::cout << "\nOriginal vs Sanitized messages:" << std::endl;

    std::cout << std::string(80, '-') << std::endl;


    for (const auto& msg : test_messages) {

        std::string sanitized = sanitizer->sanitize(msg);

        std::cout << "Original:  " << msg << std::endl;

        std::cout << "Sanitized: " << sanitized << std::endl;

        std::cout << std::endl;

    }

}


void demonstrate_security_logging() {

    std::cout << "\n=== Security Logging Demo ===" << std::endl;


    auto logger = std::make_shared<logger_module::logger>();

    auto sanitizer = std::make_shared<log_sanitizer>();


    // Add security filter

    auto sec_filter = std::make_unique<security_filter>();

    logger->set_filter(std::move(sec_filter));


    // Simulate security events

    std::cout << "\nLogging security events (sensitive data will be sanitized):" << std::endl;


    // This will be blocked by the security filter

    logger->log(ci::log_level::warning,

                std::string("User login attempt with password=admin123"));


    // These will be logged but sanitized

    logger->log(ci::log_level::warning,

                sanitizer->sanitize("Suspicious activity from IP 192.168.1.100"));


    logger->log(ci::log_level::warning,

                sanitizer->sanitize("Failed login for email user@example.com"));


    logger->log(ci::log_level::error,

                sanitizer->sanitize("Data breach detected: SSN 123-45-6789 exposed"));


    logger->log(ci::log_level::critical,

                sanitizer->sanitize("API key compromised: key=EXAMPLE_KEY_12345"));

}


void demonstrate_encryption() {

    std::cout << "\n=== Encryption Demo ===" << std::endl;


    auto logger = std::make_shared<logger_module::logger>();


    // Add encrypted file writer

    logger->add_writer(std::make_unique<file_writer>("security_encrypted.log"));


    logger->log(ci::log_level::info,

                std::string("This message will be written to an encrypted log file"));


    logger->log(ci::log_level::warning,

                std::string("Sensitive operations are logged securely"));


    std::cout << "Messages written to encrypted log file: security_encrypted.log" << std::endl;

}


void demonstrate_audit_trail() {

    std::cout << "\n=== Audit Trail Demo ===" << std::endl;


    auto logger = std::make_shared<logger_module::logger>();


    // Create audit logger (separate from main logger)

    auto audit_writer = std::make_unique<file_writer>("audit_trail.log");

    logger->add_writer("audit", std::move(audit_writer));


    // Configure routing for audit trail

    auto& router = logger->get_router();

    // Note: Router configuration would be done here if needed


    // Simulate various events

    logger->log(ci::log_level::info, std::string("Normal operation"));

    logger->log(ci::log_level::warning, std::string("High CPU usage"));

    logger->log(ci::log_level::critical, std::string("Security breach detected"));

    logger->log(ci::log_level::critical, std::string("Unauthorized access attempt"));

    logger->log(ci::log_level::error, std::string("Database connection failed"));


    std::cout << "Audit events written to: audit_trail.log" << std::endl;

}


void demonstrate_compliance_logging() {

    std::cout << "\n=== Compliance Logging Demo ===" << std::endl;


    auto base_logger = std::make_shared<logger_module::logger>();

    auto structured = std::make_shared<structured_logger>(base_logger);

    auto sanitizer = std::make_shared<log_sanitizer>();


    // GDPR-compliant user data access log

    structured->info(sanitizer->sanitize("User data access"))

        .field("user_id", "USR-12345")

        .field("accessed_by", "ADMIN-001")

        .field("data_type", "personal_information")

        .field("purpose", "support_request")

        .field("timestamp", std::chrono::system_clock::now())

        .field("ip_address", sanitizer->sanitize("192.168.1.50"))

        .commit();


    // PCI compliance - payment processing

    structured->info(sanitizer->sanitize("Payment processed"))

        .field("transaction_id", "TXN-98765")

        .field("amount", 150.00)

        .field("currency", "USD")

        .field("card_last_four", "9012")  // Only last 4 digits

        .field("status", "success")

        .commit();


    // HIPAA compliance - healthcare data access

    structured->warning(sanitizer->sanitize("Medical record accessed"))

        .field("patient_id", "PAT-55555")  // Anonymized ID

        .field("accessed_by", "DOC-777")

        .field("record_type", "lab_results")

        .field("compliance", "HIPAA")

        .commit();

}


void demonstrate_intrusion_detection() {

    std::cout << "\n=== Intrusion Detection Demo ===" << std::endl;


    auto logger = std::make_shared<logger_module::logger>();

    auto structured = std::make_shared<structured_logger>(logger);

    auto sanitizer = std::make_shared<log_sanitizer>();


    // Simulate suspicious activities

    structured->warning(sanitizer->sanitize("Multiple failed login attempts"))

        .field("source_ip", sanitizer->sanitize("10.0.0.100"))

        .field("target_user", "admin")

        .field("attempts", 5)

        .field("time_window", "60s")

        .commit();


    structured->critical(sanitizer->sanitize("Potential SQL injection detected"))

        .field("endpoint", "/api/users")

        .field("payload", sanitizer->sanitize("'; DROP TABLE users; --"))

        .field("blocked", true)

        .commit();


    structured->error(sanitizer->sanitize("Unauthorized API access"))

        .field("api_key", sanitizer->sanitize("api_key=example_api_key_abcdefgh123456"))

        .field("endpoint", "/api/v1/sensitive-data")

        .field("blocked", true)

        .commit();


    structured->critical(sanitizer->sanitize("Port scan detected"))

        .field("source_ip", sanitizer->sanitize("203.0.113.0"))

        .field("ports_scanned", 1000)

        .field("duration", "120s")

        .field("action", "ip_blocked")

        .commit();

}


void demonstrate_security_metrics() {

    std::cout << "\n=== Security Metrics Demo ===" << std::endl;


    auto logger = std::make_shared<logger_module::logger>();

    logger->enable_metrics_collection(true);


    // Get security-related metrics

    auto metrics_result = logger->get_current_metrics();


    std::cout << "\nSecurity Logging Metrics:" << std::endl;

    if (metrics_result) {

        auto& metrics = metrics_result.value();

        std::cout << "Total logs: " << metrics.messages_enqueued.load() << std::endl;

        std::cout << "Messages per second: " << metrics.get_messages_per_second() << std::endl;

        std::cout << "Average enqueue time: " << metrics.get_avg_enqueue_time_ns() << " ns" << std::endl;


        // Calculate security event rate (simplified for demo)

        auto duration = 1;


        if (duration > 0) {

            double message_rate = metrics.get_messages_per_second();

            std::cout << "\nMessage rate: " << message_rate << " msgs/sec" << std::endl;


            if (message_rate > 1000.0) {

                logger->log(ci::log_level::critical,

                           std::string("High message rate detected!"));

            }

        }

    } else {

        std::cout << "Failed to get metrics" << std::endl;

    }

}


int main() {

    try {

        std::cout << "=== Security Features Demo ===" << std::endl;

        std::cout << "Demonstrating logger security capabilities\n" << std::endl;


        // Create and configure logger

        auto logger = std::make_shared<logger_module::logger>();

        logger->set_level(ci::log_level::debug);

        logger->start();


        // Add console output for demo

        logger->add_writer(std::make_unique<console_writer>());


        // Run demonstrations

        demonstrate_log_sanitization();

        std::this_thread::sleep_for(100ms);


        demonstrate_security_logging();

        std::this_thread::sleep_for(100ms);


        demonstrate_encryption();

        std::this_thread::sleep_for(100ms);


        demonstrate_audit_trail();

        std::this_thread::sleep_for(100ms);


        demonstrate_compliance_logging();

        std::this_thread::sleep_for(100ms);


        demonstrate_intrusion_detection();

        std::this_thread::sleep_for(100ms);


        demonstrate_security_metrics();


        // Cleanup

        logger->stop();

        logger->flush();


        std::cout << "\n=== Security Demo Complete ===" << std::endl;

        std::cout << "Check the following files for results:" << std::endl;

        std::cout << "- security_encrypted.log (encrypted messages)" << std::endl;

        std::cout << "- audit_trail.log (critical security events)" << std::endl;


    } catch (const std::exception& e) {

        std::cerr << "Error: " << e.what() << std::endl;

        return 1;

    }


    return 0;

}


kcenon::logger::log_filter_interface
Interface for log filters.
Definition log_filter_interface.h:28

kcenon::logger::small_string::to_string
std::string to_string() const
Convert to std::string.
Definition small_string.h:331

security_filter
Definition security_demo.cpp:39

security_filter::get_name
std::string get_name() const override
Get the name of this filter.
Definition security_demo.cpp:52

security_filter::should_log
bool should_log(const log_entry &entry) const override
Check if a log entry should be processed.
Definition security_demo.cpp:41

console_writer.h
Console writer for logging to stdout/stderr.

file_writer.h
File writer for logging to files with optional buffering.

log_filter_interface.h
Interface for log filters used by filtered_logger.

logger.h
High-performance, thread-safe logging system with asynchronous capabilities.

kcenon::logger
Definition common_logger_adapter.h:29

logger_system
Definition compatibility.h:17

demonstrate_compliance_logging
void demonstrate_compliance_logging()
Definition security_demo.cpp:156

demonstrate_intrusion_detection
void demonstrate_intrusion_detection()
Definition security_demo.cpp:191

demonstrate_encryption
void demonstrate_encryption()
Definition security_demo.cpp:116

demonstrate_log_sanitization
void demonstrate_log_sanitization()
Definition security_demo.cpp:57

demonstrate_security_logging
void demonstrate_security_logging()
Definition security_demo.cpp:85

demonstrate_security_metrics
void demonstrate_security_metrics()
Definition security_demo.cpp:226

demonstrate_audit_trail
void demonstrate_audit_trail()
Definition security_demo.cpp:133

main
int main()
Definition security_demo.cpp:259

kcenon::logger::log_entry
Represents a single log entry with all associated metadata.
Definition log_entry.h:155

kcenon::logger::log_entry::message
small_string_256 message
The actual log message.
Definition log_entry.h:169