Project

lex-audit

0.0
No release in over 3 years
lex-auditlegionio/lex-auditHomepageDocumentationSource CodeBug TrackerWiki
Immutable audit logging with SHA-256 hash chain for LegionIO execution decisions
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
2025
2026
 Popularity
Downloads
99
Stars
0
Forks
0
Watchers
0
 Releases
Current version
0.1.0
Total releases
1
First release
1980-01-02
Latest release
1980-01-02
 Development
Primary Language
Ruby
Licenses
MIT
Average date of last 50 commits
2026-03-17
Reverse Dependencies
0

 Dependencies

Development

rake
>= 0
rspec
>= 0
rubocop
>= 0
rubocop-rspec
>= 0
sequel
>= 0
sqlite3
>= 0
 Project Readme

lex-audit

Immutable audit logging with SHA-256 hash chain for LegionIO. Records every runner execution and lifecycle transition as a tamper-evident audit trail.

Installation

gem install lex-audit

Functions

  • write - Create a hash-chained audit record (each record's hash depends on the previous record)
  • verify - Validate the entire hash chain to detect any tampering or corruption

How It Works

Every audit record includes a SHA-256 hash computed from: prev_hash|event_type|principal_id|action|resource|created_at. Each record references the previous record's hash, forming an immutable chain. Breaking any record invalidates all subsequent hashes.

The audit.log queue uses x-single-active-consumer: true to ensure only one consumer writes at a time, preserving hash chain ordering across a cluster.

Legion::Audit.record in LegionIO publishes audit events via AMQP. It uses triple-guard checks and silent rescue to never interfere with normal operation.

Event Types

Type Source Description
runner_execution Runner.run Every task execution with duration and status
lifecycle_transition DigitalWorker::Lifecycle Worker state machine transitions

Requirements

  • Ruby >= 3.4
  • LegionIO framework
  • legion-data (database required)

License

MIT