Hrithik.Security.AuditLogging 1.0.0

.NET 8.0 This package targets .NET 8.0. The package is compatible with this framework or higher. 
dotnet add package Hrithik.Security.AuditLogging --version 1.0.0
                    


                    

                
NuGet\Install-Package Hrithik.Security.AuditLogging -Version 1.0.0
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package. 
<PackageReference Include="Hrithik.Security.AuditLogging" Version="1.0.0" />
For projects that support PackageReference, copy this XML node into the project file to reference the package. 
<PackageVersion Include="Hrithik.Security.AuditLogging" Version="1.0.0" />
                    


                            Directory.Packages.props
                        

                    

                
<PackageReference Include="Hrithik.Security.AuditLogging" />
                    


                            Project file
For projects that support Central Package Management (CPM), copy this XML node into the solution Directory.Packages.props file to version the package. 
paket add Hrithik.Security.AuditLogging --version 1.0.0
                    


                    

                
#r "nuget: Hrithik.Security.AuditLogging, 1.0.0"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package. 
#:package Hrithik.Security.AuditLogging@1.0.0
#:package directive can be used in C# file-based apps starting in .NET 10 preview 4. Copy this into a .cs file before any lines of code to reference the package. 
#addin nuget:?package=Hrithik.Security.AuditLogging&version=1.0.0
                    


                            Install as a Cake Addin
                        

                    

                
#tool nuget:?package=Hrithik.Security.AuditLogging&version=1.0.0
                    


                            Install as a Cake Tool

πŸ” Hrithik.Security.AuditLogging

Compliance-grade, tamper-evident audit logging for .NET applications

Hrithik.Security.AuditLogging provides a secure, append-only audit logging framework designed for financial, fintech, and enterprise systems where audit trails must be immutable, verifiable, and trustworthy.

✨ Key Features

βœ… Append-only audit logs

πŸ”— Cryptographic hash chaining (tamper-evident)

🧱 Storage-agnostic design

🧩 Pluggable audit stores

πŸ•΅οΈ Correlation-ID aware

🏦 Banking & compliance friendly

This library is not general application logging. It is designed for security events, financial actions, and regulatory audits.

πŸ“¦ Installation dotnet add package Hrithik.Security.AuditLogging

🎯 When Should You Use This?

Use Hrithik.Security.AuditLogging to record:

Authentication & authorization events

Security violations (signature failure, replay attack)

Financial operations (payments, settlements)

Administrative actions

Sensitive data access

Typical industries:

Fintech

Banking

Trading systems

Regulated SaaS platforms

🧠 Core Concepts πŸ”Ή AuditEvent (What Happened)

Represents a high-level security or compliance event.

var auditEvent = new AuditEvent( EventType: "SECURITY", Action: "SIGNATURE_FAILED", Actor: "client-123", Resource: "/payments", Success: false, Timestamp: DateTime.UtcNow, CorrelationId: Guid.NewGuid().ToString() );

πŸ”Ή Audit Log Integrity (How It’s Protected)

Each audit entry is cryptographically linked to the previous entry:

Hash(n) = SHA256(Hash(n-1) + Payload + Timestamp)

βœ” Any modification breaks the chain βœ” Tampering becomes detectable βœ” Meets audit-trail integrity requirements

βš™οΈ Getting Started 1️⃣ Register Services using Hrithik.Security.AuditLogging;

services.AddAuditLogging();

This registers:

IAuditLogger

Default in-memory audit store (for development/testing)

2️⃣ Log an Audit Event var auditLogger = serviceProvider.GetRequiredService<IAuditLogger>();

await auditLogger.LogAsync(new AuditEvent( EventType: "AUTH", Action: "LOGIN_SUCCESS", Actor: "user-42", Resource: "/login", Success: true, Timestamp: DateTime.UtcNow ));

🧩 Architecture Overview Application ↓ IAuditLogger ↓ Hash-Chained AuditLogEntry ↓ IAuditStore (Pluggable)

πŸ—„οΈ Storage Providers

The library ships with:

InMemoryAuditStore (default)

Planned / user-implemented stores:

SQL Server

MongoDB

Azure Blob Storage

Elasticsearch

Production systems should implement their own durable store.

πŸ” Security Guarantees Guarantee Description Immutability Logs are append-only Integrity Hash chaining prevents tampering Traceability Correlation-ID support Isolation Audit logging is decoupled from app logging ⚠️ Important Notes

Do not store raw PII in audit metadata

Mask or tokenize sensitive fields

Use UTC timestamps only

Persist audit logs in write-once or restricted storage

πŸ“Œ Versioning & Stability

Semantic versioning

Stable public abstractions

Breaking changes only in major versions

πŸ“œ License

MIT License

πŸ‘€ Author

Hrithik Kalra .NET | API Security | Fintech Systems

πŸ“§ Email: hrithikkalra11@gmail.com

If you find this package useful, consider supporting its development:

Support is entirely optional and helps sustain ongoing development and maintenance.

πŸ”— Related Packages

This package is part of the Hrithik.Security ecosystem:

  • Hrithik.Security.ApiKeyManagement
    API key generation, storage, and scope-based authorization

  • Hrithik.Security.RequestSigning
    HMAC-based request signing for tamper-proof APIs

  • Hrithik.Security.ReplayProtection
    Short-window replay attack prevention

  • Hrithik.Security.RateLimiting
    Flexible, API-key–aware rate limiting for ASP.NET Core APIs

  • Hrithik.Security.Idempotency Idempotency-key–based protection for safe retries in financial APIs

  • Hrithik.Security.Jose JWT and JWS utilities for secure token handling and message signing

    Together, they form a complete API security framework.

These packages are independent and can be used together or individually.

Product Compatible and additional computed target framework versions.
.NET net8.0 is compatible.  net8.0-android was computed.  net8.0-browser was computed.  net8.0-ios was computed.  net8.0-maccatalyst was computed.  net8.0-macos was computed.  net8.0-tvos was computed.  net8.0-windows was computed.  net9.0 was computed.  net9.0-android was computed.  net9.0-browser was computed.  net9.0-ios was computed.  net9.0-maccatalyst was computed.  net9.0-macos was computed.  net9.0-tvos was computed.  net9.0-windows was computed.  net10.0 was computed.  net10.0-android was computed.  net10.0-browser was computed.  net10.0-ios was computed.  net10.0-maccatalyst was computed.  net10.0-macos was computed.  net10.0-tvos was computed.  net10.0-windows was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

NuGet packages

This package is not used by any NuGet packages.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last Updated
1.0.0 126 2/4/2026