CerbiStream.GovernanceAnalyzer 1.0.4

CerbiStream Governance Analyzer

🛡️ CerbiStream Governance Analyzer

CerbiStream-GovernanceAnalyzer is a Roslyn-based static analysis tool that enforces structured logging policies at compile time using CerbiStream. It validates log structure, metadata fields, and allowed log levels against profiles defined in a cerbi_governance.json file.

✅ Why Use It?

• 🚀 Catch missing fields before runtime
• 🔐 Enforce log structure + levels across microservices
• 📊 Govern logs with per-profile validation
• ⚡ Fast, lightweight, and easy to configure
• ♻️ Supports dynamic JSON reloading at runtime

📦 Installation

dotnet add package CerbiStream.GovernanceAnalyzer

📋 How It Works

1️⃣ Define Governance JSON

Create a cerbi_governance.json file like this:

{
  "LoggingProfiles": {
    "API": {
      "RequiredFields": ["Timestamp", "LogLevel", "Message", "ApplicationId"],
      "OptionalFields": ["UserId", "TransactionId"],
      "AllowedLevels": ["Information", "Warning", "Error"],
      "EnforcementLevel": "Warning"
    },
    "SecurityLog": {
      "RequiredFields": ["UserId", "IPAddress"],
      "OptionalFields": ["DeviceType"],
      "AllowedLevels": ["Error", "Critical"],
      "EnforcementLevel": "Error"
    }
  }
}

2️⃣ Enable Analyzer During Build

If a log does not match required fields or uses a disallowed log level, a warning or error is raised at build time.

3️⃣ Enforcement Modes

Set EnforcementLevel in JSON:

• Warning → Dev notified
• Error → Build fails

🧰 Sample Usage

🔧 Enable Cerbi Governance

builder.AddCerbiStream(options =>
{
    options.EnableGovernance();
});

✅ Valid Log

logger.LogInformation("User login | UserId: {UserId}, Timestamp: {Timestamp}", userId, DateTime.UtcNow);

❌ Invalid Log

logger.LogInformation("User login"); // Missing required fields

Result: Diagnostic shows missing UserId or Timestamp.

⚙️ Configurable Fields

🔄 Dynamic Reloading

✔️ Cerbi auto-reloads JSON rules at runtime.
✔️ Changes are applied without restart.
✔️ Great for DevOps or governance teams managing live updates.

🔗 Powered by CerbiStream

The GovernanceAnalyzer is designed to work hand-in-hand with CerbiStream, a high-performance, encrypted logging library.

CerbiStream provides:

• ✅ Structured logging with consistent metadata (UserType, Feature, RetryAttempt, etc.)
• ✅ Built-in encryption (Base64, AES)
• ✅ Developer presets (BenchmarkMode, MinimalMode)
• ✅ Cloud-agnostic routing (Kafka, RabbitMQ, Azure, AWS, GCP)

By combining CerbiStream + GovernanceAnalyzer:

• 🔐 You enforce what gets logged
• 📏 You control how it’s structured
• 🚀 You get fast logs, validated before runtime

📦 Add both packages for full governance + logging:

dotnet add package CerbiStream
dotnet add package CerbiStream.GovernanceAnalyzer

🧩 GovernanceAnalyzer validates logs at build time
🚚 CerbiStream routes and enriches logs at runtime

Together they create a full lifecycle solution for enterprise-grade logging.

🌍 Roadmap

• 🧠 Analyzer support for missing context suggestions
• 📊 Governance dashboard (via CerbiShield)
• ⚙️ Build fail metrics and GitHub CI integrations

🧪 Sample LogGovernanceAnalyzer.cs

[DiagnosticAnalyzer(LanguageNames.CSharp)]
public class LogGovernanceAnalyzer : DiagnosticAnalyzer
{
    public override void Initialize(AnalysisContext context)
    {
        context.RegisterSyntaxNodeAction(AnalyzeLogStatements, SyntaxKind.InvocationExpression);
    }

    private void AnalyzeLogStatements(SyntaxNodeAnalysisContext context)
    {
        // ... Check for required fields and allowed levels
    }
}

📬 Contact & Community

• Website: Cerbi-CerbiStream
• NuGet: CerbiStream.GovernanceAnalyzer
• Email: Cerbi

🔖 MIT Licensed · 🧠 Built for the future of observability