Module: Legion::Audit::SiemExport
- Defined in:
- lib/legion/audit/siem_export.rb
Class Method Summary collapse
Class Method Details
.export_batch(records) ⇒ Object
8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 |
# File 'lib/legion/audit/siem_export.rb', line 8 def export_batch(records) records.map do |r| { timestamp: r[:created_at], source: 'legion', event_type: r[:event_type] || 'audit', principal: r[:principal_id], action: r[:action], resource: r[:resource], status: r[:status], detail: r[:detail], integrity: { record_hash: r[:record_hash], previous_hash: r[:previous_hash], algorithm: 'SHA256' } } end end |
.to_ndjson(records) ⇒ Object
28 29 30 |
# File 'lib/legion/audit/siem_export.rb', line 28 def to_ndjson(records) export_batch(records).map { |r| Legion::JSON.generate(r) }.join("\n") end |