@neurosec/sentry 1.1.0 → 1.1.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/config.d.ts.map +1 -1
- package/dist/config.js +21 -4
- package/dist/config.js.map +1 -1
- package/dist/config.test.d.ts +2 -0
- package/dist/config.test.d.ts.map +1 -0
- package/dist/config.test.js +122 -0
- package/dist/config.test.js.map +1 -0
- package/dist/http-client.d.ts.map +1 -1
- package/dist/http-client.js +12 -1
- package/dist/http-client.js.map +1 -1
- package/dist/http-client.test.js +3 -0
- package/dist/http-client.test.js.map +1 -1
- package/dist/redirect/platform-redirect.d.ts +7 -0
- package/dist/redirect/platform-redirect.d.ts.map +1 -1
- package/dist/redirect/platform-redirect.js +102 -25
- package/dist/redirect/platform-redirect.js.map +1 -1
- package/dist/redirect/platform-redirect.test.js +28 -10
- package/dist/redirect/platform-redirect.test.js.map +1 -1
- package/package.json +1 -1
- package/dist/action-logger.d.ts +0 -40
- package/dist/action-logger.d.ts.map +0 -1
- package/dist/action-logger.js +0 -252
- package/dist/action-logger.js.map +0 -1
- package/dist/agent-registry.d.ts +0 -24
- package/dist/agent-registry.d.ts.map +0 -1
- package/dist/agent-registry.js +0 -176
- package/dist/agent-registry.js.map +0 -1
- package/dist/anomaly-detector.d.ts +0 -26
- package/dist/anomaly-detector.d.ts.map +0 -1
- package/dist/anomaly-detector.js +0 -299
- package/dist/anomaly-detector.js.map +0 -1
|
@@ -22,25 +22,43 @@ function proxyConfig(port = 9081) {
|
|
|
22
22
|
};
|
|
23
23
|
}
|
|
24
24
|
(0, vitest_1.describe)('PlatformRedirect rule shapes (S-C13 / S-C14)', () => {
|
|
25
|
-
(0, vitest_1.it)('Linux rule
|
|
25
|
+
(0, vitest_1.it)('Linux rule never excludes root (S-C13): excludes only a dedicated non-root daemon uid', async () => {
|
|
26
26
|
if (os_1.default.platform() !== 'linux')
|
|
27
27
|
return;
|
|
28
28
|
const r = new platform_redirect_1.PlatformRedirect(proxyConfig());
|
|
29
29
|
await r.installRedirect().catch(() => undefined);
|
|
30
30
|
const rules = r._getInstalledRules();
|
|
31
|
-
//
|
|
31
|
+
// When the daemon runs as root the transparent redirect is refused entirely
|
|
32
|
+
// (no rule installed), so root-running agents are never silently bypassed.
|
|
33
|
+
if (typeof process.getuid === 'function' && process.getuid() === 0) {
|
|
34
|
+
(0, vitest_1.expect)(rules.filter((rule) => rule.kind === 'iptables')).toHaveLength(0);
|
|
35
|
+
return;
|
|
36
|
+
}
|
|
37
|
+
// As a non-root user, any installed rule must exclude ONLY this daemon's uid
|
|
38
|
+
// (loop avoidance) and never uid 0.
|
|
32
39
|
for (const rule of rules) {
|
|
33
40
|
const arg = rule.args.join(' ');
|
|
34
|
-
(0, vitest_1.expect)(arg).not.toMatch(
|
|
35
|
-
(0, vitest_1.expect)(arg).not.toMatch(/!\s*--uid-owner\s+0/);
|
|
41
|
+
(0, vitest_1.expect)(arg).not.toMatch(/!\s*--uid-owner\s+0\b/);
|
|
36
42
|
}
|
|
37
43
|
});
|
|
38
|
-
(0, vitest_1.it)('Linux rule
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
//
|
|
42
|
-
|
|
43
|
-
|
|
44
|
+
(0, vitest_1.it)('Linux rule redirects TLS to the HTTPS interception port and scopes by destination', async () => {
|
|
45
|
+
if (os_1.default.platform() !== 'linux')
|
|
46
|
+
return;
|
|
47
|
+
// interceptHttps=true → TLS (443) must be redirected to port+1 (the HTTPS
|
|
48
|
+
// listener), never to the plain-HTTP proxy port. Each rule must be scoped to
|
|
49
|
+
// a specific destination IP (-d), never a blanket all-443 capture.
|
|
50
|
+
const r = new platform_redirect_1.PlatformRedirect({ ...proxyConfig(9081), interceptHttps: true });
|
|
51
|
+
await r.installRedirect().catch(() => undefined);
|
|
52
|
+
for (const rule of r._getInstalledRules()) {
|
|
53
|
+
if (rule.kind !== 'iptables')
|
|
54
|
+
continue;
|
|
55
|
+
const arg = rule.args.join(' ');
|
|
56
|
+
(0, vitest_1.expect)(arg).toContain('--dport 443');
|
|
57
|
+
(0, vitest_1.expect)(arg).toMatch(/-d\s+\d+\.\d+\.\d+\.\d+\/32/);
|
|
58
|
+
(0, vitest_1.expect)(arg).toContain('--to-port 9082');
|
|
59
|
+
// Must NOT be the old blanket-capture shape.
|
|
60
|
+
(0, vitest_1.expect)(arg).not.toContain('--dst-type LOCAL');
|
|
61
|
+
}
|
|
44
62
|
});
|
|
45
63
|
(0, vitest_1.it)('macOS does not bind to lo0 (S-C14)', async () => {
|
|
46
64
|
if (os_1.default.platform() !== 'darwin')
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"platform-redirect.test.js","sourceRoot":"","sources":["../../src/redirect/platform-redirect.test.ts"],"names":[],"mappings":";;;;;AAAA;;;;;;GAMG;AACH,mCAA8C;AAC9C,4CAAoB;AACpB,2DAAuD;AAGvD,SAAS,WAAW,CAAC,IAAI,GAAG,IAAI;IAC9B,OAAO;QACL,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,WAAW,EAAE,WAAW;QAC7C,iBAAiB,EAAE,CAAC,EAAE,eAAe,EAAE,CAAC;QACxC,cAAc,EAAE,KAAK,EAAE,QAAQ,EAAE,EAAE,EAAE,OAAO,EAAE,EAAE;QAChD,gBAAgB,EAAE,CAAC,GAAG,CAAC,EAAE,gBAAgB,EAAE,KAAK;KACjD,CAAC;AACJ,CAAC;AAED,IAAA,iBAAQ,EAAC,8CAA8C,EAAE,GAAG,EAAE;IAC5D,IAAA,WAAE,EAAC,
|
|
1
|
+
{"version":3,"file":"platform-redirect.test.js","sourceRoot":"","sources":["../../src/redirect/platform-redirect.test.ts"],"names":[],"mappings":";;;;;AAAA;;;;;;GAMG;AACH,mCAA8C;AAC9C,4CAAoB;AACpB,2DAAuD;AAGvD,SAAS,WAAW,CAAC,IAAI,GAAG,IAAI;IAC9B,OAAO;QACL,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,WAAW,EAAE,WAAW;QAC7C,iBAAiB,EAAE,CAAC,EAAE,eAAe,EAAE,CAAC;QACxC,cAAc,EAAE,KAAK,EAAE,QAAQ,EAAE,EAAE,EAAE,OAAO,EAAE,EAAE;QAChD,gBAAgB,EAAE,CAAC,GAAG,CAAC,EAAE,gBAAgB,EAAE,KAAK;KACjD,CAAC;AACJ,CAAC;AAED,IAAA,iBAAQ,EAAC,8CAA8C,EAAE,GAAG,EAAE;IAC5D,IAAA,WAAE,EAAC,uFAAuF,EAAE,KAAK,IAAI,EAAE;QACrG,IAAI,YAAE,CAAC,QAAQ,EAAE,KAAK,OAAO;YAAE,OAAO;QACtC,MAAM,CAAC,GAAG,IAAI,oCAAgB,CAAC,WAAW,EAAE,CAAC,CAAC;QAC9C,MAAM,CAAC,CAAC,eAAe,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,CAAC;QACjD,MAAM,KAAK,GAAG,CAAC,CAAC,kBAAkB,EAAE,CAAC;QACrC,4EAA4E;QAC5E,2EAA2E;QAC3E,IAAI,OAAO,OAAO,CAAC,MAAM,KAAK,UAAU,IAAI,OAAO,CAAC,MAAM,EAAE,KAAK,CAAC,EAAE,CAAC;YACnE,IAAA,eAAM,EAAC,KAAK,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,KAAK,UAAU,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;YACzE,OAAO;QACT,CAAC;QACD,6EAA6E;QAC7E,oCAAoC;QACpC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YAChC,IAAA,eAAM,EAAC,GAAG,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,uBAAuB,CAAC,CAAC;QACnD,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,IAAA,WAAE,EAAC,mFAAmF,EAAE,KAAK,IAAI,EAAE;QACjG,IAAI,YAAE,CAAC,QAAQ,EAAE,KAAK,OAAO;YAAE,OAAO;QACtC,0EAA0E;QAC1E,6EAA6E;QAC7E,mEAAmE;QACnE,MAAM,CAAC,GAAG,IAAI,oCAAgB,CAAC,EAAE,GAAG,WAAW,CAAC,IAAI,CAAC,EAAE,cAAc,EAAE,IAAI,EAAE,CAAC,CAAC;QAC/E,MAAM,CAAC,CAAC,eAAe,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,CAAC;QACjD,KAAK,MAAM,IAAI,IAAI,CAAC,CAAC,kBAAkB,EAAE,EAAE,CAAC;YAC1C,IAAI,IAAI,CAAC,IAAI,KAAK,UAAU;gBAAE,SAAS;YACvC,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YAChC,IAAA,eAAM,EAAC,GAAG,CAAC,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC;YACrC,IAAA,eAAM,EAAC,GAAG,CAAC,CAAC,OAAO,CAAC,6BAA6B,CAAC,CAAC;YACnD,IAAA,eAAM,EAAC,GAAG,CAAC,CAAC,SAAS,CAAC,gBAAgB,CAAC,CAAC;YACxC,6CAA6C;YAC7C,IAAA,eAAM,EAAC,GAAG,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,kBAAkB,CAAC,CAAC;QAChD,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,IAAA,WAAE,EAAC,oCAAoC,EAAE,KAAK,IAAI,EAAE;QAClD,IAAI,YAAE,CAAC,QAAQ,EAAE,KAAK,QAAQ;YAAE,OAAO;QACvC,MAAM,CAAC,GAAG,IAAI,oCAAgB,CAAC,WAAW,EAAE,CAAC,CAAC;QAC9C,MAAM,CAAC,CAAC,eAAe,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,CAAC;QACjD,MAAM,KAAK,GAAG,CAAC,CAAC,kBAAkB,EAAE,CAAC;QACrC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,IAAI,IAAI,CAAC,IAAI,KAAK,IAAI;gBAAE,SAAS;YACjC,yEAAyE;YACzE,+DAA+D;YAC/D,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YAC1D,IAAI,UAAU,EAAE,CAAC;gBACf,IAAI,CAAC;oBACH,MAAM,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,YAAY,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC;oBAC/D,IAAA,eAAM,EAAC,OAAO,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;gBAC3C,CAAC;gBAAC,MAAM,CAAC;oBACP,yDAAyD;gBAC3D,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,IAAA,WAAE,EAAC,gEAAgE,EAAE,KAAK,IAAI,EAAE;QAC9E,MAAM,CAAC,GAAG,IAAI,oCAAgB,CAAC,WAAW,EAAE,CAAC,CAAC;QAC9C,MAAM,CAAC,CAAC,eAAe,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,CAAC;QACjD,MAAM,CAAC,CAAC,cAAc,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,CAAC;QAChD,kEAAkE;QAClE,IAAA,eAAM,EAAC,CAAC,CAAC,kBAAkB,EAAE,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;IACjD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
|
package/package.json
CHANGED
package/dist/action-logger.d.ts
DELETED
|
@@ -1,40 +0,0 @@
|
|
|
1
|
-
import { AgentAction, AgentActionType, EnforcementDecision, FileAccessEvent, NetworkEvent, TaggedProcess } from './types';
|
|
2
|
-
import { AuditLogger } from './audit';
|
|
3
|
-
export declare class ActionLogger {
|
|
4
|
-
private config;
|
|
5
|
-
private auditLogger;
|
|
6
|
-
private pending;
|
|
7
|
-
private flushTimer;
|
|
8
|
-
private processedCount;
|
|
9
|
-
constructor(auditLogger: AuditLogger, hostId: string);
|
|
10
|
-
start(): void;
|
|
11
|
-
stop(): void;
|
|
12
|
-
logAction(params: {
|
|
13
|
-
pid: number;
|
|
14
|
-
frameworkId: string;
|
|
15
|
-
type: AgentActionType;
|
|
16
|
-
intent: string;
|
|
17
|
-
context: string;
|
|
18
|
-
reasoningTrace?: string[];
|
|
19
|
-
input: string;
|
|
20
|
-
output: string;
|
|
21
|
-
durationMs: number;
|
|
22
|
-
success: boolean;
|
|
23
|
-
errorMessage?: string | null;
|
|
24
|
-
dataClassifications?: string[];
|
|
25
|
-
decision: AgentAction['decision'];
|
|
26
|
-
decisionReason: string;
|
|
27
|
-
}): void;
|
|
28
|
-
logFromDecision(pid: number, frameworkId: string, decision: EnforcementDecision): void;
|
|
29
|
-
logFileAccess(pid: number, frameworkId: string, event: FileAccessEvent, process: TaggedProcess): void;
|
|
30
|
-
logNetworkAccess(pid: number, frameworkId: string, event: NetworkEvent): void;
|
|
31
|
-
getRecentActions(limit?: number): AgentAction[];
|
|
32
|
-
getProcessedCount(): number;
|
|
33
|
-
private flush;
|
|
34
|
-
private detectSensitiveData;
|
|
35
|
-
private computeRiskScore;
|
|
36
|
-
private getRiskFactors;
|
|
37
|
-
private decisionTypeToActionType;
|
|
38
|
-
private classifyPath;
|
|
39
|
-
}
|
|
40
|
-
//# sourceMappingURL=action-logger.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"action-logger.d.ts","sourceRoot":"","sources":["../src/action-logger.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,WAAW,EAAE,eAAe,EAAE,mBAAmB,EAAE,eAAe,EAAE,YAAY,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AAC1H,OAAO,EAAE,WAAW,EAAE,MAAM,SAAS,CAAC;AAWtC,qBAAa,YAAY;IACvB,OAAO,CAAC,MAAM,CAAqB;IACnC,OAAO,CAAC,WAAW,CAAc;IACjC,OAAO,CAAC,OAAO,CAAqB;IACpC,OAAO,CAAC,UAAU,CAA+C;IACjE,OAAO,CAAC,cAAc,CAAK;gBAEf,WAAW,EAAE,WAAW,EAAE,MAAM,EAAE,MAAM;IAgBpD,KAAK,IAAI,IAAI;IAQb,IAAI,IAAI,IAAI;IAUZ,SAAS,CAAC,MAAM,EAAE;QAChB,GAAG,EAAE,MAAM,CAAC;QACZ,WAAW,EAAE,MAAM,CAAC;QACpB,IAAI,EAAE,eAAe,CAAC;QACtB,MAAM,EAAE,MAAM,CAAC;QACf,OAAO,EAAE,MAAM,CAAC;QAChB,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;QAC1B,KAAK,EAAE,MAAM,CAAC;QACd,MAAM,EAAE,MAAM,CAAC;QACf,UAAU,EAAE,MAAM,CAAC;QACnB,OAAO,EAAE,OAAO,CAAC;QACjB,YAAY,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;QAC7B,mBAAmB,CAAC,EAAE,MAAM,EAAE,CAAC;QAC/B,QAAQ,EAAE,WAAW,CAAC,UAAU,CAAC,CAAC;QAClC,cAAc,EAAE,MAAM,CAAC;KACxB,GAAG,IAAI;IAiER,eAAe,CAAC,GAAG,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,EAAE,QAAQ,EAAE,mBAAmB,GAAG,IAAI;IAiBtF,aAAa,CAAC,GAAG,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,EAAE,KAAK,EAAE,eAAe,EAAE,OAAO,EAAE,aAAa,GAAG,IAAI;IAkBrG,gBAAgB,CAAC,GAAG,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,GAAG,IAAI;IAmB7E,gBAAgB,CAAC,KAAK,SAAM,GAAG,WAAW,EAAE;IAI5C,iBAAiB,IAAI,MAAM;IAM3B,OAAO,CAAC,KAAK;IA4Bb,OAAO,CAAC,mBAAmB;IAK3B,OAAO,CAAC,gBAAgB;IA4BxB,OAAO,CAAC,cAAc;IAStB,OAAO,CAAC,wBAAwB;IAWhC,OAAO,CAAC,YAAY;CAoBrB"}
|
package/dist/action-logger.js
DELETED
|
@@ -1,252 +0,0 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.ActionLogger = void 0;
|
|
4
|
-
const crypto_1 = require("crypto");
|
|
5
|
-
const logger_1 = require("./logger");
|
|
6
|
-
class ActionLogger {
|
|
7
|
-
constructor(auditLogger, hostId) {
|
|
8
|
-
this.pending = [];
|
|
9
|
-
this.flushTimer = null;
|
|
10
|
-
this.processedCount = 0;
|
|
11
|
-
this.auditLogger = auditLogger;
|
|
12
|
-
this.config = {
|
|
13
|
-
hostId,
|
|
14
|
-
batchSize: 50,
|
|
15
|
-
flushIntervalMs: 10000,
|
|
16
|
-
sensitivePatterns: [
|
|
17
|
-
/api[-_]?key/i, /secret/i, /password/i, /token/i, /credential/i,
|
|
18
|
-
/auth[-_]?header/i, /bearer/i, /sk-[a-zA-Z0-9]{20,}/i,
|
|
19
|
-
/-----BEGIN (RSA |EC )?PRIVATE KEY-----/,
|
|
20
|
-
/social_security/i, /ssn/i, /passport/i, /credit_card/i, /cvv/i,
|
|
21
|
-
],
|
|
22
|
-
maxActionInputLength: 10000,
|
|
23
|
-
};
|
|
24
|
-
}
|
|
25
|
-
start() {
|
|
26
|
-
this.flushTimer = setInterval(() => this.flush(), this.config.flushIntervalMs);
|
|
27
|
-
logger_1.logger.info('Action logger started', {
|
|
28
|
-
batchSize: this.config.batchSize,
|
|
29
|
-
intervalMs: this.config.flushIntervalMs,
|
|
30
|
-
});
|
|
31
|
-
}
|
|
32
|
-
stop() {
|
|
33
|
-
if (this.flushTimer) {
|
|
34
|
-
clearInterval(this.flushTimer);
|
|
35
|
-
this.flushTimer = null;
|
|
36
|
-
}
|
|
37
|
-
this.flush();
|
|
38
|
-
}
|
|
39
|
-
// ── AEGIS: Log agent actions with intent & reasoning context ─────────────
|
|
40
|
-
logAction(params) {
|
|
41
|
-
const sensitiveData = this.detectSensitiveData(params.input, params.output);
|
|
42
|
-
const riskScore = this.computeRiskScore(params.type, sensitiveData, params.intent, params.context);
|
|
43
|
-
const action = {
|
|
44
|
-
id: (0, crypto_1.randomUUID)(),
|
|
45
|
-
pid: params.pid,
|
|
46
|
-
frameworkId: params.frameworkId,
|
|
47
|
-
hostId: this.config.hostId,
|
|
48
|
-
type: params.type,
|
|
49
|
-
timestamp: Date.now(),
|
|
50
|
-
intent: params.intent,
|
|
51
|
-
context: params.context,
|
|
52
|
-
reasoningTrace: params.reasoningTrace ?? [],
|
|
53
|
-
input: params.input.slice(0, this.config.maxActionInputLength),
|
|
54
|
-
output: params.output.slice(0, this.config.maxActionInputLength),
|
|
55
|
-
durationMs: params.durationMs,
|
|
56
|
-
success: params.success,
|
|
57
|
-
errorMessage: params.errorMessage ?? null,
|
|
58
|
-
dataClassifications: params.dataClassifications ?? [],
|
|
59
|
-
sensitiveDataDetected: sensitiveData,
|
|
60
|
-
riskScore,
|
|
61
|
-
riskFactors: this.getRiskFactors(riskScore),
|
|
62
|
-
decision: params.decision,
|
|
63
|
-
decisionReason: params.decisionReason,
|
|
64
|
-
};
|
|
65
|
-
this.pending.push(action);
|
|
66
|
-
this.processedCount++;
|
|
67
|
-
if (this.pending.length >= this.config.batchSize) {
|
|
68
|
-
this.flush();
|
|
69
|
-
}
|
|
70
|
-
// Log high-risk actions immediately to audit log
|
|
71
|
-
if (riskScore >= 7) {
|
|
72
|
-
const auditAction = riskScore >= 8 ? 'deny' : 'allow';
|
|
73
|
-
this.auditLogger.log({
|
|
74
|
-
id: action.id,
|
|
75
|
-
timestamp: action.timestamp,
|
|
76
|
-
type: 'process',
|
|
77
|
-
action: auditAction,
|
|
78
|
-
frameworkId: action.frameworkId,
|
|
79
|
-
frameworkName: null,
|
|
80
|
-
pid: action.pid,
|
|
81
|
-
reason: `High-risk action: ${action.type} (score: ${riskScore})`,
|
|
82
|
-
detail: {
|
|
83
|
-
actionType: action.type,
|
|
84
|
-
intent: action.intent,
|
|
85
|
-
riskScore,
|
|
86
|
-
riskFactors: action.riskFactors,
|
|
87
|
-
sensitiveData: action.sensitiveDataDetected,
|
|
88
|
-
},
|
|
89
|
-
hostname: this.config.hostId,
|
|
90
|
-
});
|
|
91
|
-
}
|
|
92
|
-
}
|
|
93
|
-
// ── AEGIS: Log from enforcement decisions ────────────────────────────────
|
|
94
|
-
logFromDecision(pid, frameworkId, decision) {
|
|
95
|
-
this.logAction({
|
|
96
|
-
pid,
|
|
97
|
-
frameworkId,
|
|
98
|
-
type: this.decisionTypeToActionType(decision.type),
|
|
99
|
-
intent: decision.reason,
|
|
100
|
-
context: JSON.stringify(decision.detail),
|
|
101
|
-
input: '',
|
|
102
|
-
output: '',
|
|
103
|
-
durationMs: 0,
|
|
104
|
-
success: decision.action === 'allow',
|
|
105
|
-
errorMessage: decision.action !== 'allow' ? decision.reason : null,
|
|
106
|
-
decision: decision.action,
|
|
107
|
-
decisionReason: decision.reason,
|
|
108
|
-
});
|
|
109
|
-
}
|
|
110
|
-
logFileAccess(pid, frameworkId, event, process) {
|
|
111
|
-
this.logAction({
|
|
112
|
-
pid,
|
|
113
|
-
frameworkId,
|
|
114
|
-
type: event.operation === 'read' ? 'file_read' : 'file_write',
|
|
115
|
-
intent: `File ${event.operation} on ${event.targetPath}`,
|
|
116
|
-
context: `Process: ${process.command.slice(0, 200)}`,
|
|
117
|
-
input: event.targetPath,
|
|
118
|
-
output: '',
|
|
119
|
-
durationMs: 0,
|
|
120
|
-
success: event.decision === 'allow',
|
|
121
|
-
errorMessage: event.decision !== 'allow' ? 'Access denied by policy' : null,
|
|
122
|
-
dataClassifications: this.classifyPath(event.targetPath),
|
|
123
|
-
decision: event.decision,
|
|
124
|
-
decisionReason: event.decision === 'allow' ? 'Policy allowed' : 'Policy denied',
|
|
125
|
-
});
|
|
126
|
-
}
|
|
127
|
-
logNetworkAccess(pid, frameworkId, event) {
|
|
128
|
-
this.logAction({
|
|
129
|
-
pid,
|
|
130
|
-
frameworkId,
|
|
131
|
-
type: 'network_egress',
|
|
132
|
-
intent: `Network ${event.direction} to ${event.hostname ?? event.destIp}:${event.destPort}`,
|
|
133
|
-
context: `Destination: ${event.destIp}:${event.destPort}`,
|
|
134
|
-
input: `${event.hostname ?? event.destIp}:${event.destPort}`,
|
|
135
|
-
output: '',
|
|
136
|
-
durationMs: 0,
|
|
137
|
-
success: event.decision === 'allow',
|
|
138
|
-
errorMessage: event.decision !== 'allow' ? 'Connection denied by policy' : null,
|
|
139
|
-
decision: event.decision,
|
|
140
|
-
decisionReason: event.decision === 'allow' ? 'Policy allowed' : 'Policy denied',
|
|
141
|
-
});
|
|
142
|
-
}
|
|
143
|
-
// ── Query / stats ────────────────────────────────────────────────────────
|
|
144
|
-
getRecentActions(limit = 100) {
|
|
145
|
-
return this.pending.slice(-limit);
|
|
146
|
-
}
|
|
147
|
-
getProcessedCount() {
|
|
148
|
-
return this.processedCount;
|
|
149
|
-
}
|
|
150
|
-
// ── Internal ─────────────────────────────────────────────────────────────
|
|
151
|
-
flush() {
|
|
152
|
-
if (this.pending.length === 0)
|
|
153
|
-
return;
|
|
154
|
-
const batch = this.pending.splice(0, this.config.batchSize);
|
|
155
|
-
// Write to audit log as summary
|
|
156
|
-
const highRisk = batch.filter(a => a.riskScore >= 6);
|
|
157
|
-
for (const action of highRisk) {
|
|
158
|
-
this.auditLogger.log({
|
|
159
|
-
id: action.id,
|
|
160
|
-
timestamp: action.timestamp,
|
|
161
|
-
type: 'process',
|
|
162
|
-
action: action.decision === 'monitor' ? 'allow' : action.decision,
|
|
163
|
-
frameworkId: action.frameworkId,
|
|
164
|
-
frameworkName: null,
|
|
165
|
-
pid: action.pid,
|
|
166
|
-
reason: `AEGIS action: ${action.type} — ${action.intent}`,
|
|
167
|
-
detail: {
|
|
168
|
-
actionType: action.type,
|
|
169
|
-
riskScore: action.riskScore,
|
|
170
|
-
riskFactors: action.riskFactors,
|
|
171
|
-
sensitiveData: action.sensitiveDataDetected,
|
|
172
|
-
dataClassifications: action.dataClassifications,
|
|
173
|
-
durationMs: action.durationMs,
|
|
174
|
-
},
|
|
175
|
-
hostname: this.config.hostId,
|
|
176
|
-
});
|
|
177
|
-
}
|
|
178
|
-
}
|
|
179
|
-
detectSensitiveData(input, output) {
|
|
180
|
-
const combined = `${input} ${output}`;
|
|
181
|
-
return this.config.sensitivePatterns.some(p => p.test(combined));
|
|
182
|
-
}
|
|
183
|
-
computeRiskScore(type, sensitiveData, intent, context) {
|
|
184
|
-
let score = 0;
|
|
185
|
-
// High-risk action types
|
|
186
|
-
if (['file_delete', 'syscall', 'child_spawn'].includes(type))
|
|
187
|
-
score += 4;
|
|
188
|
-
if (['file_write', 'network_egress', 'skill_invoke', 'api_call'].includes(type))
|
|
189
|
-
score += 2;
|
|
190
|
-
if (['tool_call', 'network_ingress'].includes(type))
|
|
191
|
-
score += 1;
|
|
192
|
-
// Sensitive data increases risk
|
|
193
|
-
if (sensitiveData)
|
|
194
|
-
score += 3;
|
|
195
|
-
// Intent analysis
|
|
196
|
-
const highRiskIntent = /delete|remove|destroy|wipe|overwrite|chmod|chown|sudo|exec/i;
|
|
197
|
-
const moderateRiskIntent = /write|modify|update|deploy|push|publish|expose/i;
|
|
198
|
-
if (highRiskIntent.test(intent))
|
|
199
|
-
score += 3;
|
|
200
|
-
else if (moderateRiskIntent.test(intent))
|
|
201
|
-
score += 1;
|
|
202
|
-
// Context analysis
|
|
203
|
-
if (/production|prod|live/i.test(context))
|
|
204
|
-
score += 1;
|
|
205
|
-
return Math.min(score, 10);
|
|
206
|
-
}
|
|
207
|
-
getRiskFactors(score) {
|
|
208
|
-
const factors = [];
|
|
209
|
-
if (score >= 8)
|
|
210
|
-
factors.push('critical_risk');
|
|
211
|
-
if (score >= 6)
|
|
212
|
-
factors.push('high_risk');
|
|
213
|
-
if (score >= 4)
|
|
214
|
-
factors.push('elevated_risk');
|
|
215
|
-
if (score < 4)
|
|
216
|
-
factors.push('normal');
|
|
217
|
-
return factors;
|
|
218
|
-
}
|
|
219
|
-
decisionTypeToActionType(decisionType) {
|
|
220
|
-
switch (decisionType) {
|
|
221
|
-
case 'file_access': return 'file_read';
|
|
222
|
-
case 'network': return 'network_egress';
|
|
223
|
-
case 'syscall': return 'syscall';
|
|
224
|
-
case 'skill': return 'skill_invoke';
|
|
225
|
-
case 'process': return 'child_spawn';
|
|
226
|
-
default: return 'api_call';
|
|
227
|
-
}
|
|
228
|
-
}
|
|
229
|
-
classifyPath(filePath) {
|
|
230
|
-
const classifications = [];
|
|
231
|
-
if (/\.ssh\/|\.aws\/|\.kube\/|\.gcloud\//i.test(filePath)) {
|
|
232
|
-
classifications.push('infrastructure_credentials');
|
|
233
|
-
}
|
|
234
|
-
if (/\.git\/|\.svn\//i.test(filePath))
|
|
235
|
-
classifications.push('source_code');
|
|
236
|
-
if (/etc\/passwd|etc\/shadow|etc\/sudoers/i.test(filePath)) {
|
|
237
|
-
classifications.push('system_config');
|
|
238
|
-
}
|
|
239
|
-
if (/token|secret|key|credential/i.test(filePath)) {
|
|
240
|
-
classifications.push('secrets');
|
|
241
|
-
}
|
|
242
|
-
if (/\.pem$|\.key$|\.crt$|cert/i.test(filePath)) {
|
|
243
|
-
classifications.push('certificates');
|
|
244
|
-
}
|
|
245
|
-
if (/database|db\/|\.sql$|\.db$/i.test(filePath)) {
|
|
246
|
-
classifications.push('database');
|
|
247
|
-
}
|
|
248
|
-
return classifications;
|
|
249
|
-
}
|
|
250
|
-
}
|
|
251
|
-
exports.ActionLogger = ActionLogger;
|
|
252
|
-
//# sourceMappingURL=action-logger.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"action-logger.js","sourceRoot":"","sources":["../src/action-logger.ts"],"names":[],"mappings":";;;AAAA,mCAAoC;AAGpC,qCAAkC;AAUlC,MAAa,YAAY;IAOvB,YAAY,WAAwB,EAAE,MAAc;QAJ5C,YAAO,GAAkB,EAAE,CAAC;QAC5B,eAAU,GAA0C,IAAI,CAAC;QACzD,mBAAc,GAAG,CAAC,CAAC;QAGzB,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC;QAC/B,IAAI,CAAC,MAAM,GAAG;YACZ,MAAM;YACN,SAAS,EAAE,EAAE;YACb,eAAe,EAAE,KAAK;YACtB,iBAAiB,EAAE;gBACjB,cAAc,EAAE,SAAS,EAAE,WAAW,EAAE,QAAQ,EAAE,aAAa;gBAC/D,kBAAkB,EAAE,SAAS,EAAE,sBAAsB;gBACrD,wCAAwC;gBACxC,kBAAkB,EAAE,MAAM,EAAE,WAAW,EAAE,cAAc,EAAE,MAAM;aAChE;YACD,oBAAoB,EAAE,KAAK;SAC5B,CAAC;IACJ,CAAC;IAED,KAAK;QACH,IAAI,CAAC,UAAU,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,KAAK,EAAE,EAAE,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC;QAC/E,eAAM,CAAC,IAAI,CAAC,uBAAuB,EAAE;YACnC,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS;YAChC,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,eAAe;SACxC,CAAC,CAAC;IACL,CAAC;IAED,IAAI;QACF,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;YACpB,aAAa,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YAC/B,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC;QACzB,CAAC;QACD,IAAI,CAAC,KAAK,EAAE,CAAC;IACf,CAAC;IAED,4EAA4E;IAE5E,SAAS,CAAC,MAeT;QACC,MAAM,aAAa,GAAG,IAAI,CAAC,mBAAmB,CAAC,MAAM,CAAC,KAAK,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC;QAC5E,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,CACrC,MAAM,CAAC,IAAI,EACX,aAAa,EACb,MAAM,CAAC,MAAM,EACb,MAAM,CAAC,OAAO,CACf,CAAC;QAEF,MAAM,MAAM,GAAgB;YAC1B,EAAE,EAAE,IAAA,mBAAU,GAAE;YAChB,GAAG,EAAE,MAAM,CAAC,GAAG;YACf,WAAW,EAAE,MAAM,CAAC,WAAW;YAC/B,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM;YAC1B,IAAI,EAAE,MAAM,CAAC,IAAI;YACjB,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;YACrB,MAAM,EAAE,MAAM,CAAC,MAAM;YACrB,OAAO,EAAE,MAAM,CAAC,OAAO;YACvB,cAAc,EAAE,MAAM,CAAC,cAAc,IAAI,EAAE;YAC3C,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,oBAAoB,CAAC;YAC9D,MAAM,EAAE,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,oBAAoB,CAAC;YAChE,UAAU,EAAE,MAAM,CAAC,UAAU;YAC7B,OAAO,EAAE,MAAM,CAAC,OAAO;YACvB,YAAY,EAAE,MAAM,CAAC,YAAY,IAAI,IAAI;YACzC,mBAAmB,EAAE,MAAM,CAAC,mBAAmB,IAAI,EAAE;YACrD,qBAAqB,EAAE,aAAa;YACpC,SAAS;YACT,WAAW,EAAE,IAAI,CAAC,cAAc,CAAC,SAAS,CAAC;YAC3C,QAAQ,EAAE,MAAM,CAAC,QAAQ;YACzB,cAAc,EAAE,MAAM,CAAC,cAAc;SACtC,CAAC;QAEF,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAC1B,IAAI,CAAC,cAAc,EAAE,CAAC;QAEtB,IAAI,IAAI,CAAC,OAAO,CAAC,MAAM,IAAI,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC;YACjD,IAAI,CAAC,KAAK,EAAE,CAAC;QACf,CAAC;QAED,iDAAiD;QACjD,IAAI,SAAS,IAAI,CAAC,EAAE,CAAC;YACnB,MAAM,WAAW,GAAoC,SAAS,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC;YACvF,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC;gBACnB,EAAE,EAAE,MAAM,CAAC,EAAE;gBACb,SAAS,EAAE,MAAM,CAAC,SAAS;gBAC3B,IAAI,EAAE,SAAS;gBACf,MAAM,EAAE,WAAW;gBACnB,WAAW,EAAE,MAAM,CAAC,WAAW;gBAC/B,aAAa,EAAE,IAAI;gBACnB,GAAG,EAAE,MAAM,CAAC,GAAG;gBACf,MAAM,EAAE,qBAAqB,MAAM,CAAC,IAAI,YAAY,SAAS,GAAG;gBAChE,MAAM,EAAE;oBACN,UAAU,EAAE,MAAM,CAAC,IAAI;oBACvB,MAAM,EAAE,MAAM,CAAC,MAAM;oBACrB,SAAS;oBACT,WAAW,EAAE,MAAM,CAAC,WAAW;oBAC/B,aAAa,EAAE,MAAM,CAAC,qBAAqB;iBAC5C;gBACD,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM;aAC7B,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,4EAA4E;IAE5E,eAAe,CAAC,GAAW,EAAE,WAAmB,EAAE,QAA6B;QAC7E,IAAI,CAAC,SAAS,CAAC;YACb,GAAG;YACH,WAAW;YACX,IAAI,EAAE,IAAI,CAAC,wBAAwB,CAAC,QAAQ,CAAC,IAAI,CAAC;YAClD,MAAM,EAAE,QAAQ,CAAC,MAAM;YACvB,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC;YACxC,KAAK,EAAE,EAAE;YACT,MAAM,EAAE,EAAE;YACV,UAAU,EAAE,CAAC;YACb,OAAO,EAAE,QAAQ,CAAC,MAAM,KAAK,OAAO;YACpC,YAAY,EAAE,QAAQ,CAAC,MAAM,KAAK,OAAO,CAAC,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI;YAClE,QAAQ,EAAE,QAAQ,CAAC,MAAM;YACzB,cAAc,EAAE,QAAQ,CAAC,MAAM;SAChC,CAAC,CAAC;IACL,CAAC;IAED,aAAa,CAAC,GAAW,EAAE,WAAmB,EAAE,KAAsB,EAAE,OAAsB;QAC5F,IAAI,CAAC,SAAS,CAAC;YACb,GAAG;YACH,WAAW;YACX,IAAI,EAAE,KAAK,CAAC,SAAS,KAAK,MAAM,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,YAAY;YAC7D,MAAM,EAAE,QAAQ,KAAK,CAAC,SAAS,OAAO,KAAK,CAAC,UAAU,EAAE;YACxD,OAAO,EAAE,YAAY,OAAO,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACpD,KAAK,EAAE,KAAK,CAAC,UAAU;YACvB,MAAM,EAAE,EAAE;YACV,UAAU,EAAE,CAAC;YACb,OAAO,EAAE,KAAK,CAAC,QAAQ,KAAK,OAAO;YACnC,YAAY,EAAE,KAAK,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC,CAAC,yBAAyB,CAAC,CAAC,CAAC,IAAI;YAC3E,mBAAmB,EAAE,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,UAAU,CAAC;YACxD,QAAQ,EAAE,KAAK,CAAC,QAAQ;YACxB,cAAc,EAAE,KAAK,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,eAAe;SAChF,CAAC,CAAC;IACL,CAAC;IAED,gBAAgB,CAAC,GAAW,EAAE,WAAmB,EAAE,KAAmB;QACpE,IAAI,CAAC,SAAS,CAAC;YACb,GAAG;YACH,WAAW;YACX,IAAI,EAAE,gBAAgB;YACtB,MAAM,EAAE,WAAW,KAAK,CAAC,SAAS,OAAO,KAAK,CAAC,QAAQ,IAAI,KAAK,CAAC,MAAM,IAAI,KAAK,CAAC,QAAQ,EAAE;YAC3F,OAAO,EAAE,gBAAgB,KAAK,CAAC,MAAM,IAAI,KAAK,CAAC,QAAQ,EAAE;YACzD,KAAK,EAAE,GAAG,KAAK,CAAC,QAAQ,IAAI,KAAK,CAAC,MAAM,IAAI,KAAK,CAAC,QAAQ,EAAE;YAC5D,MAAM,EAAE,EAAE;YACV,UAAU,EAAE,CAAC;YACb,OAAO,EAAE,KAAK,CAAC,QAAQ,KAAK,OAAO;YACnC,YAAY,EAAE,KAAK,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC,CAAC,6BAA6B,CAAC,CAAC,CAAC,IAAI;YAC/E,QAAQ,EAAE,KAAK,CAAC,QAAQ;YACxB,cAAc,EAAE,KAAK,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,eAAe;SAChF,CAAC,CAAC;IACL,CAAC;IAED,4EAA4E;IAE5E,gBAAgB,CAAC,KAAK,GAAG,GAAG;QAC1B,OAAO,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC;IACpC,CAAC;IAED,iBAAiB;QACf,OAAO,IAAI,CAAC,cAAc,CAAC;IAC7B,CAAC;IAED,4EAA4E;IAEpE,KAAK;QACX,IAAI,IAAI,CAAC,OAAO,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO;QACtC,MAAM,KAAK,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAC5D,gCAAgC;QAChC,MAAM,QAAQ,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,IAAI,CAAC,CAAC,CAAC;QACrD,KAAK,MAAM,MAAM,IAAI,QAAQ,EAAE,CAAC;YAC9B,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC;gBACnB,EAAE,EAAE,MAAM,CAAC,EAAE;gBACb,SAAS,EAAE,MAAM,CAAC,SAAS;gBAC3B,IAAI,EAAE,SAAS;gBACf,MAAM,EAAE,MAAM,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,QAA2C;gBACpG,WAAW,EAAE,MAAM,CAAC,WAAW;gBAC/B,aAAa,EAAE,IAAI;gBACnB,GAAG,EAAE,MAAM,CAAC,GAAG;gBACf,MAAM,EAAE,iBAAiB,MAAM,CAAC,IAAI,MAAM,MAAM,CAAC,MAAM,EAAE;gBACzD,MAAM,EAAE;oBACN,UAAU,EAAE,MAAM,CAAC,IAAI;oBACvB,SAAS,EAAE,MAAM,CAAC,SAAS;oBAC3B,WAAW,EAAE,MAAM,CAAC,WAAW;oBAC/B,aAAa,EAAE,MAAM,CAAC,qBAAqB;oBAC3C,mBAAmB,EAAE,MAAM,CAAC,mBAAmB;oBAC/C,UAAU,EAAE,MAAM,CAAC,UAAU;iBAC9B;gBACD,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM;aAC7B,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAEO,mBAAmB,CAAC,KAAa,EAAE,MAAc;QACvD,MAAM,QAAQ,GAAG,GAAG,KAAK,IAAI,MAAM,EAAE,CAAC;QACtC,OAAO,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC;IACnE,CAAC;IAEO,gBAAgB,CACtB,IAAqB,EACrB,aAAsB,EACtB,MAAc,EACd,OAAe;QAEf,IAAI,KAAK,GAAG,CAAC,CAAC;QAEd,yBAAyB;QACzB,IAAI,CAAC,aAAa,EAAE,SAAS,EAAE,aAAa,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC;YAAE,KAAK,IAAI,CAAC,CAAC;QACzE,IAAI,CAAC,YAAY,EAAE,gBAAgB,EAAE,cAAc,EAAE,UAAU,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC;YAAE,KAAK,IAAI,CAAC,CAAC;QAC5F,IAAI,CAAC,WAAW,EAAE,iBAAiB,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC;YAAE,KAAK,IAAI,CAAC,CAAC;QAEhE,gCAAgC;QAChC,IAAI,aAAa;YAAE,KAAK,IAAI,CAAC,CAAC;QAE9B,kBAAkB;QAClB,MAAM,cAAc,GAAG,6DAA6D,CAAC;QACrF,MAAM,kBAAkB,GAAG,iDAAiD,CAAC;QAC7E,IAAI,cAAc,CAAC,IAAI,CAAC,MAAM,CAAC;YAAE,KAAK,IAAI,CAAC,CAAC;aACvC,IAAI,kBAAkB,CAAC,IAAI,CAAC,MAAM,CAAC;YAAE,KAAK,IAAI,CAAC,CAAC;QAErD,mBAAmB;QACnB,IAAI,uBAAuB,CAAC,IAAI,CAAC,OAAO,CAAC;YAAE,KAAK,IAAI,CAAC,CAAC;QAEtD,OAAO,IAAI,CAAC,GAAG,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;IAC7B,CAAC;IAEO,cAAc,CAAC,KAAa;QAClC,MAAM,OAAO,GAAa,EAAE,CAAC;QAC7B,IAAI,KAAK,IAAI,CAAC;YAAE,OAAO,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;QAC9C,IAAI,KAAK,IAAI,CAAC;YAAE,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QAC1C,IAAI,KAAK,IAAI,CAAC;YAAE,OAAO,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;QAC9C,IAAI,KAAK,GAAG,CAAC;YAAE,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACtC,OAAO,OAAO,CAAC;IACjB,CAAC;IAEO,wBAAwB,CAAC,YAAoB;QACnD,QAAQ,YAAY,EAAE,CAAC;YACrB,KAAK,aAAa,CAAC,CAAC,OAAO,WAAW,CAAC;YACvC,KAAK,SAAS,CAAC,CAAC,OAAO,gBAAgB,CAAC;YACxC,KAAK,SAAS,CAAC,CAAC,OAAO,SAAS,CAAC;YACjC,KAAK,OAAO,CAAC,CAAC,OAAO,cAAc,CAAC;YACpC,KAAK,SAAS,CAAC,CAAC,OAAO,aAAa,CAAC;YACrC,OAAO,CAAC,CAAC,OAAO,UAAU,CAAC;QAC7B,CAAC;IACH,CAAC;IAEO,YAAY,CAAC,QAAgB;QACnC,MAAM,eAAe,GAAa,EAAE,CAAC;QACrC,IAAI,sCAAsC,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC1D,eAAe,CAAC,IAAI,CAAC,4BAA4B,CAAC,CAAC;QACrD,CAAC;QACD,IAAI,kBAAkB,CAAC,IAAI,CAAC,QAAQ,CAAC;YAAE,eAAe,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QAC3E,IAAI,uCAAuC,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC3D,eAAe,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;QACxC,CAAC;QACD,IAAI,8BAA8B,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YAClD,eAAe,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAClC,CAAC;QACD,IAAI,4BAA4B,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YAChD,eAAe,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;QACvC,CAAC;QACD,IAAI,6BAA6B,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YACjD,eAAe,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QACnC,CAAC;QACD,OAAO,eAAe,CAAC;IACzB,CAAC;CACF;AA9RD,oCA8RC"}
|
package/dist/agent-registry.d.ts
DELETED
|
@@ -1,24 +0,0 @@
|
|
|
1
|
-
import { AgentIdentity, AgentDocumentation, TaggedProcess, DecisionConstraint } from './types';
|
|
2
|
-
export declare class AgentRegistry {
|
|
3
|
-
private state;
|
|
4
|
-
private stateDir;
|
|
5
|
-
private dirty;
|
|
6
|
-
constructor(stateDir: string);
|
|
7
|
-
init(): Promise<void>;
|
|
8
|
-
registerOrUpdate(process: TaggedProcess, hostId: string): AgentIdentity;
|
|
9
|
-
decommission(frameworkId: string, pid: number): void;
|
|
10
|
-
quarantine(frameworkId: string, pid: number, reason: string): void;
|
|
11
|
-
updateDocumentation(frameworkId: string, pid: number, docs: Partial<AgentDocumentation>): void;
|
|
12
|
-
updateIdentity(frameworkId: string, pid: number, updates: Partial<AgentIdentity>): void;
|
|
13
|
-
setConstraint(constraint: DecisionConstraint): void;
|
|
14
|
-
getConstraint(frameworkId: string): DecisionConstraint | undefined;
|
|
15
|
-
getMaxDecisionLevel(frameworkId: string): DecisionConstraint['maxDecisionLevel'];
|
|
16
|
-
getActiveIdentities(): AgentIdentity[];
|
|
17
|
-
getIdentity(frameworkId: string, pid: number): AgentIdentity | undefined;
|
|
18
|
-
getIdentityById(id: string): AgentIdentity | undefined;
|
|
19
|
-
getAllIdentities(): AgentIdentity[];
|
|
20
|
-
getAgentOnAPage(frameworkId: string, pid: number): AgentIdentity | null;
|
|
21
|
-
private loadState;
|
|
22
|
-
flush(): Promise<void>;
|
|
23
|
-
}
|
|
24
|
-
//# sourceMappingURL=agent-registry.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"agent-registry.d.ts","sourceRoot":"","sources":["../src/agent-registry.ts"],"names":[],"mappings":"AACA,OAAO,EACL,aAAa,EACb,kBAAkB,EAClB,aAAa,EACb,kBAAkB,EACnB,MAAM,SAAS,CAAC;AAUjB,qBAAa,aAAa;IACxB,OAAO,CAAC,KAAK,CAGX;IACF,OAAO,CAAC,QAAQ,CAAS;IACzB,OAAO,CAAC,KAAK,CAAS;gBAEV,QAAQ,EAAE,MAAM;IAItB,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;IAQ3B,gBAAgB,CAAC,OAAO,EAAE,aAAa,EAAE,MAAM,EAAE,MAAM,GAAG,aAAa;IAkDvE,YAAY,CAAC,WAAW,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,IAAI;IAWpD,UAAU,CAAC,WAAW,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,IAAI;IAYlE,mBAAmB,CAAC,WAAW,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,CAAC,kBAAkB,CAAC,GAAG,IAAI;IAS9F,cAAc,CAAC,WAAW,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,CAAC,aAAa,CAAC,GAAG,IAAI;IAWvF,aAAa,CAAC,UAAU,EAAE,kBAAkB,GAAG,IAAI;IAKnD,aAAa,CAAC,WAAW,EAAE,MAAM,GAAG,kBAAkB,GAAG,SAAS;IAIlE,mBAAmB,CAAC,WAAW,EAAE,MAAM,GAAG,kBAAkB,CAAC,kBAAkB,CAAC;IAMhF,mBAAmB,IAAI,aAAa,EAAE;IAKtC,WAAW,CAAC,WAAW,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,aAAa,GAAG,SAAS;IAIxE,eAAe,CAAC,EAAE,EAAE,MAAM,GAAG,aAAa,GAAG,SAAS;IAItD,gBAAgB,IAAI,aAAa,EAAE;IAKnC,eAAe,CAAC,WAAW,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,aAAa,GAAG,IAAI;YAMzD,SAAS;IAmBjB,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;CAe7B"}
|
package/dist/agent-registry.js
DELETED
|
@@ -1,176 +0,0 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
3
|
-
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
|
-
};
|
|
5
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
-
exports.AgentRegistry = void 0;
|
|
7
|
-
const crypto_1 = require("crypto");
|
|
8
|
-
const logger_1 = require("./logger");
|
|
9
|
-
const promises_1 = __importDefault(require("fs/promises"));
|
|
10
|
-
const path_1 = __importDefault(require("path"));
|
|
11
|
-
class AgentRegistry {
|
|
12
|
-
constructor(stateDir) {
|
|
13
|
-
this.state = {
|
|
14
|
-
identities: new Map(),
|
|
15
|
-
constraints: new Map(),
|
|
16
|
-
};
|
|
17
|
-
this.dirty = false;
|
|
18
|
-
this.stateDir = path_1.default.join(stateDir, 'agent-registry');
|
|
19
|
-
}
|
|
20
|
-
async init() {
|
|
21
|
-
await promises_1.default.mkdir(this.stateDir, { recursive: true }).catch(() => { });
|
|
22
|
-
await this.loadState();
|
|
23
|
-
logger_1.logger.info('Agent registry initialized', { count: this.state.identities.size });
|
|
24
|
-
}
|
|
25
|
-
// ── Lifecycle: register / update / decommission ──────────────────────────
|
|
26
|
-
registerOrUpdate(process, hostId) {
|
|
27
|
-
const key = `${process.frameworkId}:${process.pid}`;
|
|
28
|
-
const existing = this.state.identities.get(key);
|
|
29
|
-
if (existing) {
|
|
30
|
-
existing.lastSeenAt = Date.now();
|
|
31
|
-
existing.pid = process.pid;
|
|
32
|
-
this.dirty = true;
|
|
33
|
-
return existing;
|
|
34
|
-
}
|
|
35
|
-
const identity = {
|
|
36
|
-
id: (0, crypto_1.randomUUID)(),
|
|
37
|
-
frameworkId: process.frameworkId,
|
|
38
|
-
frameworkName: process.frameworkName,
|
|
39
|
-
pid: process.pid,
|
|
40
|
-
ppid: process.ppid,
|
|
41
|
-
hostId,
|
|
42
|
-
command: process.command,
|
|
43
|
-
owner: '',
|
|
44
|
-
ownerEmail: '',
|
|
45
|
-
purpose: '',
|
|
46
|
-
riskLevel: 'medium',
|
|
47
|
-
status: 'active',
|
|
48
|
-
firstDiscoveredAt: Date.now(),
|
|
49
|
-
lastSeenAt: Date.now(),
|
|
50
|
-
decommissionedAt: null,
|
|
51
|
-
allowedTools: [],
|
|
52
|
-
allowedDataClassifications: [],
|
|
53
|
-
allowedDomains: [],
|
|
54
|
-
maxDecisionScope: 'act_autonomously',
|
|
55
|
-
documentation: {
|
|
56
|
-
description: '',
|
|
57
|
-
businessOwner: '',
|
|
58
|
-
technicalContact: '',
|
|
59
|
-
approvedUseCases: [],
|
|
60
|
-
prohibitedUseCases: [],
|
|
61
|
-
dataAccessRationale: '',
|
|
62
|
-
escalationContact: '',
|
|
63
|
-
reviewDate: '',
|
|
64
|
-
complianceFrameworks: [],
|
|
65
|
-
},
|
|
66
|
-
};
|
|
67
|
-
this.state.identities.set(key, identity);
|
|
68
|
-
this.dirty = true;
|
|
69
|
-
logger_1.logger.info('Agent registered', { framework: process.frameworkId, pid: process.pid });
|
|
70
|
-
return identity;
|
|
71
|
-
}
|
|
72
|
-
decommission(frameworkId, pid) {
|
|
73
|
-
const key = `${frameworkId}:${pid}`;
|
|
74
|
-
const identity = this.state.identities.get(key);
|
|
75
|
-
if (identity) {
|
|
76
|
-
identity.status = 'decommissioned';
|
|
77
|
-
identity.decommissionedAt = Date.now();
|
|
78
|
-
this.dirty = true;
|
|
79
|
-
logger_1.logger.info('Agent decommissioned', { framework: frameworkId, pid });
|
|
80
|
-
}
|
|
81
|
-
}
|
|
82
|
-
quarantine(frameworkId, pid, reason) {
|
|
83
|
-
const key = `${frameworkId}:${pid}`;
|
|
84
|
-
const identity = this.state.identities.get(key);
|
|
85
|
-
if (identity) {
|
|
86
|
-
identity.status = 'quarantined';
|
|
87
|
-
this.dirty = true;
|
|
88
|
-
logger_1.logger.warn('Agent quarantined', { framework: frameworkId, pid, reason });
|
|
89
|
-
}
|
|
90
|
-
}
|
|
91
|
-
// ── Documentation: Agent-on-a-Page ───────────────────────────────────────
|
|
92
|
-
updateDocumentation(frameworkId, pid, docs) {
|
|
93
|
-
const key = `${frameworkId}:${pid}`;
|
|
94
|
-
const identity = this.state.identities.get(key);
|
|
95
|
-
if (identity) {
|
|
96
|
-
Object.assign(identity.documentation, docs);
|
|
97
|
-
this.dirty = true;
|
|
98
|
-
}
|
|
99
|
-
}
|
|
100
|
-
updateIdentity(frameworkId, pid, updates) {
|
|
101
|
-
const key = `${frameworkId}:${pid}`;
|
|
102
|
-
const identity = this.state.identities.get(key);
|
|
103
|
-
if (identity) {
|
|
104
|
-
Object.assign(identity, updates);
|
|
105
|
-
this.dirty = true;
|
|
106
|
-
}
|
|
107
|
-
}
|
|
108
|
-
// ── Constraints: AEGIS least-agency (Zero Trust Domain) ──────────────────
|
|
109
|
-
setConstraint(constraint) {
|
|
110
|
-
this.state.constraints.set(constraint.frameworkId, constraint);
|
|
111
|
-
this.dirty = true;
|
|
112
|
-
}
|
|
113
|
-
getConstraint(frameworkId) {
|
|
114
|
-
return this.state.constraints.get(frameworkId);
|
|
115
|
-
}
|
|
116
|
-
getMaxDecisionLevel(frameworkId) {
|
|
117
|
-
return this.state.constraints.get(frameworkId)?.maxDecisionLevel ?? 'act_autonomously';
|
|
118
|
-
}
|
|
119
|
-
// ── Queries ──────────────────────────────────────────────────────────────
|
|
120
|
-
getActiveIdentities() {
|
|
121
|
-
return [...this.state.identities.values()]
|
|
122
|
-
.filter(i => i.status === 'active' || i.status === 'idle');
|
|
123
|
-
}
|
|
124
|
-
getIdentity(frameworkId, pid) {
|
|
125
|
-
return this.state.identities.get(`${frameworkId}:${pid}`);
|
|
126
|
-
}
|
|
127
|
-
getIdentityById(id) {
|
|
128
|
-
return [...this.state.identities.values()].find(i => i.id === id);
|
|
129
|
-
}
|
|
130
|
-
getAllIdentities() {
|
|
131
|
-
return [...this.state.identities.values()];
|
|
132
|
-
}
|
|
133
|
-
// AEGIS Agent-on-a-Page: return full documentation for governance review
|
|
134
|
-
getAgentOnAPage(frameworkId, pid) {
|
|
135
|
-
return this.getIdentity(frameworkId, pid) ?? null;
|
|
136
|
-
}
|
|
137
|
-
// ── Persistence ──────────────────────────────────────────────────────────
|
|
138
|
-
async loadState() {
|
|
139
|
-
try {
|
|
140
|
-
const data = await promises_1.default.readFile(path_1.default.join(this.stateDir, 'registry.json'), 'utf8');
|
|
141
|
-
const parsed = JSON.parse(data);
|
|
142
|
-
if (parsed.identities) {
|
|
143
|
-
for (const [k, v] of Object.entries(parsed.identities)) {
|
|
144
|
-
this.state.identities.set(k, v);
|
|
145
|
-
}
|
|
146
|
-
}
|
|
147
|
-
if (parsed.constraints) {
|
|
148
|
-
for (const [k, v] of Object.entries(parsed.constraints)) {
|
|
149
|
-
this.state.constraints.set(k, v);
|
|
150
|
-
}
|
|
151
|
-
}
|
|
152
|
-
}
|
|
153
|
-
catch {
|
|
154
|
-
// fresh start
|
|
155
|
-
}
|
|
156
|
-
}
|
|
157
|
-
async flush() {
|
|
158
|
-
if (!this.dirty)
|
|
159
|
-
return;
|
|
160
|
-
try {
|
|
161
|
-
const obj = {
|
|
162
|
-
identities: Object.fromEntries(this.state.identities),
|
|
163
|
-
constraints: Object.fromEntries(this.state.constraints),
|
|
164
|
-
};
|
|
165
|
-
const tmp = path_1.default.join(this.stateDir, `registry.tmp.${Date.now()}`);
|
|
166
|
-
await promises_1.default.writeFile(tmp, JSON.stringify(obj, null, 2), 'utf8');
|
|
167
|
-
await promises_1.default.rename(tmp, path_1.default.join(this.stateDir, 'registry.json'));
|
|
168
|
-
this.dirty = false;
|
|
169
|
-
}
|
|
170
|
-
catch (err) {
|
|
171
|
-
logger_1.logger.error('Failed to flush agent registry', { err: err.message });
|
|
172
|
-
}
|
|
173
|
-
}
|
|
174
|
-
}
|
|
175
|
-
exports.AgentRegistry = AgentRegistry;
|
|
176
|
-
//# sourceMappingURL=agent-registry.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"agent-registry.js","sourceRoot":"","sources":["../src/agent-registry.ts"],"names":[],"mappings":";;;;;;AAAA,mCAAoC;AAOpC,qCAAkC;AAClC,2DAA6B;AAC7B,gDAAwB;AAOxB,MAAa,aAAa;IAQxB,YAAY,QAAgB;QAPpB,UAAK,GAAkB;YAC7B,UAAU,EAAE,IAAI,GAAG,EAAE;YACrB,WAAW,EAAE,IAAI,GAAG,EAAE;SACvB,CAAC;QAEM,UAAK,GAAG,KAAK,CAAC;QAGpB,IAAI,CAAC,QAAQ,GAAG,cAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,gBAAgB,CAAC,CAAC;IACxD,CAAC;IAED,KAAK,CAAC,IAAI;QACR,MAAM,kBAAE,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;QACnE,MAAM,IAAI,CAAC,SAAS,EAAE,CAAC;QACvB,eAAM,CAAC,IAAI,CAAC,4BAA4B,EAAE,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,IAAI,EAAE,CAAC,CAAC;IACnF,CAAC;IAED,4EAA4E;IAE5E,gBAAgB,CAAC,OAAsB,EAAE,MAAc;QACrD,MAAM,GAAG,GAAG,GAAG,OAAO,CAAC,WAAW,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC;QACpD,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAEhD,IAAI,QAAQ,EAAE,CAAC;YACb,QAAQ,CAAC,UAAU,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;YACjC,QAAQ,CAAC,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC;YAC3B,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC;YAClB,OAAO,QAAQ,CAAC;QAClB,CAAC;QAED,MAAM,QAAQ,GAAkB;YAC9B,EAAE,EAAE,IAAA,mBAAU,GAAE;YAChB,WAAW,EAAE,OAAO,CAAC,WAAW;YAChC,aAAa,EAAE,OAAO,CAAC,aAAa;YACpC,GAAG,EAAE,OAAO,CAAC,GAAG;YAChB,IAAI,EAAE,OAAO,CAAC,IAAI;YAClB,MAAM;YACN,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,KAAK,EAAE,EAAE;YACT,UAAU,EAAE,EAAE;YACd,OAAO,EAAE,EAAE;YACX,SAAS,EAAE,QAAQ;YACnB,MAAM,EAAE,QAAQ;YAChB,iBAAiB,EAAE,IAAI,CAAC,GAAG,EAAE;YAC7B,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE;YACtB,gBAAgB,EAAE,IAAI;YACtB,YAAY,EAAE,EAAE;YAChB,0BAA0B,EAAE,EAAE;YAC9B,cAAc,EAAE,EAAE;YAClB,gBAAgB,EAAE,kBAAkB;YACpC,aAAa,EAAE;gBACb,WAAW,EAAE,EAAE;gBACf,aAAa,EAAE,EAAE;gBACjB,gBAAgB,EAAE,EAAE;gBACpB,gBAAgB,EAAE,EAAE;gBACpB,kBAAkB,EAAE,EAAE;gBACtB,mBAAmB,EAAE,EAAE;gBACvB,iBAAiB,EAAE,EAAE;gBACrB,UAAU,EAAE,EAAE;gBACd,oBAAoB,EAAE,EAAE;aACzB;SACF,CAAC;QAEF,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;QACzC,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC;QAClB,eAAM,CAAC,IAAI,CAAC,kBAAkB,EAAE,EAAE,SAAS,EAAE,OAAO,CAAC,WAAW,EAAE,GAAG,EAAE,OAAO,CAAC,GAAG,EAAE,CAAC,CAAC;QACtF,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,YAAY,CAAC,WAAmB,EAAE,GAAW;QAC3C,MAAM,GAAG,GAAG,GAAG,WAAW,IAAI,GAAG,EAAE,CAAC;QACpC,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAChD,IAAI,QAAQ,EAAE,CAAC;YACb,QAAQ,CAAC,MAAM,GAAG,gBAAgB,CAAC;YACnC,QAAQ,CAAC,gBAAgB,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;YACvC,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC;YAClB,eAAM,CAAC,IAAI,CAAC,sBAAsB,EAAE,EAAE,SAAS,EAAE,WAAW,EAAE,GAAG,EAAE,CAAC,CAAC;QACvE,CAAC;IACH,CAAC;IAED,UAAU,CAAC,WAAmB,EAAE,GAAW,EAAE,MAAc;QACzD,MAAM,GAAG,GAAG,GAAG,WAAW,IAAI,GAAG,EAAE,CAAC;QACpC,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAChD,IAAI,QAAQ,EAAE,CAAC;YACb,QAAQ,CAAC,MAAM,GAAG,aAAa,CAAC;YAChC,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC;YAClB,eAAM,CAAC,IAAI,CAAC,mBAAmB,EAAE,EAAE,SAAS,EAAE,WAAW,EAAE,GAAG,EAAE,MAAM,EAAE,CAAC,CAAC;QAC5E,CAAC;IACH,CAAC;IAED,4EAA4E;IAE5E,mBAAmB,CAAC,WAAmB,EAAE,GAAW,EAAE,IAAiC;QACrF,MAAM,GAAG,GAAG,GAAG,WAAW,IAAI,GAAG,EAAE,CAAC;QACpC,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAChD,IAAI,QAAQ,EAAE,CAAC;YACb,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,aAAa,EAAE,IAAI,CAAC,CAAC;YAC5C,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC;QACpB,CAAC;IACH,CAAC;IAED,cAAc,CAAC,WAAmB,EAAE,GAAW,EAAE,OAA+B;QAC9E,MAAM,GAAG,GAAG,GAAG,WAAW,IAAI,GAAG,EAAE,CAAC;QACpC,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAChD,IAAI,QAAQ,EAAE,CAAC;YACb,MAAM,CAAC,MAAM,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;YACjC,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC;QACpB,CAAC;IACH,CAAC;IAED,4EAA4E;IAE5E,aAAa,CAAC,UAA8B;QAC1C,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,GAAG,CAAC,UAAU,CAAC,WAAW,EAAE,UAAU,CAAC,CAAC;QAC/D,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC;IACpB,CAAC;IAED,aAAa,CAAC,WAAmB;QAC/B,OAAO,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;IACjD,CAAC;IAED,mBAAmB,CAAC,WAAmB;QACrC,OAAO,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,gBAAgB,IAAI,kBAAkB,CAAC;IACzF,CAAC;IAED,4EAA4E;IAE5E,mBAAmB;QACjB,OAAO,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,MAAM,EAAE,CAAC;aACvC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,QAAQ,IAAI,CAAC,CAAC,MAAM,KAAK,MAAM,CAAC,CAAC;IAC/D,CAAC;IAED,WAAW,CAAC,WAAmB,EAAE,GAAW;QAC1C,OAAO,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,GAAG,WAAW,IAAI,GAAG,EAAE,CAAC,CAAC;IAC5D,CAAC;IAED,eAAe,CAAC,EAAU;QACxB,OAAO,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC;IACpE,CAAC;IAED,gBAAgB;QACd,OAAO,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,MAAM,EAAE,CAAC,CAAC;IAC7C,CAAC;IAED,yEAAyE;IACzE,eAAe,CAAC,WAAmB,EAAE,GAAW;QAC9C,OAAO,IAAI,CAAC,WAAW,CAAC,WAAW,EAAE,GAAG,CAAC,IAAI,IAAI,CAAC;IACpD,CAAC;IAED,4EAA4E;IAEpE,KAAK,CAAC,SAAS;QACrB,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,MAAM,kBAAE,CAAC,QAAQ,CAAC,cAAI,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,eAAe,CAAC,EAAE,MAAM,CAAC,CAAC;YAClF,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YAChC,IAAI,MAAM,CAAC,UAAU,EAAE,CAAC;gBACtB,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,UAAU,CAAC,EAAE,CAAC;oBACvD,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,EAAE,CAAkB,CAAC,CAAC;gBACnD,CAAC;YACH,CAAC;YACD,IAAI,MAAM,CAAC,WAAW,EAAE,CAAC;gBACvB,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC;oBACxD,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,EAAE,CAAuB,CAAC,CAAC;gBACzD,CAAC;YACH,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,cAAc;QAChB,CAAC;IACH,CAAC;IAED,KAAK,CAAC,KAAK;QACT,IAAI,CAAC,IAAI,CAAC,KAAK;YAAE,OAAO;QACxB,IAAI,CAAC;YACH,MAAM,GAAG,GAAG;gBACV,UAAU,EAAE,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC;gBACrD,WAAW,EAAE,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC;aACxD,CAAC;YACF,MAAM,GAAG,GAAG,cAAI,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,gBAAgB,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;YACnE,MAAM,kBAAE,CAAC,SAAS,CAAC,GAAG,EAAE,IAAI,CAAC,SAAS,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;YAC9D,MAAM,kBAAE,CAAC,MAAM,CAAC,GAAG,EAAE,cAAI,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,eAAe,CAAC,CAAC,CAAC;YAChE,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QACrB,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,eAAM,CAAC,KAAK,CAAC,gCAAgC,EAAE,EAAE,GAAG,EAAG,GAAa,CAAC,OAAO,EAAE,CAAC,CAAC;QAClF,CAAC;IACH,CAAC;CACF;AA1LD,sCA0LC"}
|
|
@@ -1,26 +0,0 @@
|
|
|
1
|
-
import { AnomalyAlert, AgentAction, TaggedProcess } from './types';
|
|
2
|
-
import { AuditLogger } from './audit';
|
|
3
|
-
export declare class AnomalyDetector {
|
|
4
|
-
private config;
|
|
5
|
-
private auditLogger;
|
|
6
|
-
private baselines;
|
|
7
|
-
private actionBuffer;
|
|
8
|
-
private alerts;
|
|
9
|
-
private checkTimer;
|
|
10
|
-
constructor(auditLogger: AuditLogger, hostId: string);
|
|
11
|
-
start(): void;
|
|
12
|
-
stop(): void;
|
|
13
|
-
ingestAction(action: AgentAction): void;
|
|
14
|
-
private establishBaseline;
|
|
15
|
-
private detectDeviations;
|
|
16
|
-
private checkFrequencyDeviation;
|
|
17
|
-
private createAlert;
|
|
18
|
-
private getRecommendation;
|
|
19
|
-
private runCheck;
|
|
20
|
-
getOpenAlerts(): AnomalyAlert[];
|
|
21
|
-
getAllAlerts(): AnomalyAlert[];
|
|
22
|
-
resolveAlert(alertId: string, resolvedBy: string): boolean;
|
|
23
|
-
acknowledgeAlert(alertId: string): boolean;
|
|
24
|
-
ingestProcesses(processes: TaggedProcess[]): void;
|
|
25
|
-
}
|
|
26
|
-
//# sourceMappingURL=anomaly-detector.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"anomaly-detector.d.ts","sourceRoot":"","sources":["../src/anomaly-detector.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,YAAY,EAAoB,WAAW,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AACrF,OAAO,EAAE,WAAW,EAAE,MAAM,SAAS,CAAC;AAUtC,qBAAa,eAAe;IAC1B,OAAO,CAAC,MAAM,CAAwB;IACtC,OAAO,CAAC,WAAW,CAAc;IACjC,OAAO,CAAC,SAAS,CAA4C;IAC7D,OAAO,CAAC,YAAY,CAAyC;IAC7D,OAAO,CAAC,MAAM,CAAsB;IACpC,OAAO,CAAC,UAAU,CAA+C;gBAErD,WAAW,EAAE,WAAW,EAAE,MAAM,EAAE,MAAM;IAUpD,KAAK,IAAI,IAAI;IAQb,IAAI,IAAI,IAAI;IASZ,YAAY,CAAC,MAAM,EAAE,WAAW,GAAG,IAAI;IAgBvC,OAAO,CAAC,iBAAiB;IAqEzB,OAAO,CAAC,gBAAgB;IAsFxB,OAAO,CAAC,uBAAuB;IAwB/B,OAAO,CAAC,WAAW;IAuCnB,OAAO,CAAC,iBAAiB;IAmBzB,OAAO,CAAC,QAAQ;IA+ChB,aAAa,IAAI,YAAY,EAAE;IAI/B,YAAY,IAAI,YAAY,EAAE;IAI9B,YAAY,CAAC,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,OAAO;IAW1D,gBAAgB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO;IAS1C,eAAe,CAAC,SAAS,EAAE,aAAa,EAAE,GAAG,IAAI;CAUlD"}
|