← Back to all products

Auth Audit Logger

$9

Authentication event logging with anomaly detection, account lockout, and structured JSON audit trails.

📁 9 files
JSONMarkdownPython

📄 Product Preview

Try the interactive reader and demo tools below, or get the full product with all content unlocked.

📖 Interactive Reader (Free Preview) ⚙ Try Demo Tools 📦 Download Free Sample

📁 File Structure 9 files

auth-audit-logger/ ├── LICENSE ├── README.md ├── examples/ │ └── config.example.json ├── free-sample.zip ├── guide/ │ ├── 01_auth-audit-logger.md │ ├── 02_features.md │ └── 03_quick-start.md ├── index.html └── src/ └── main.py

📖 Documentation Preview README excerpt

Auth Audit Logger

Authentication event logging with anomaly detection, account lockout, and structured JSON audit trails. Zero dependencies.

Part of the Auth Vault toolkit by [CodeVault](https://codevault.dev).

Features

  • Structured JSON event logging with ISO 8601 timestamps
  • 17 event types: login, logout, failure, lockout, password change, MFA, and more
  • Rate-based anomaly detection: brute force, credential stuffing, multi-IP login
  • Account lockout after configurable failure threshold
  • IP-based tracking with suspicious pattern detection
  • Log rotation with configurable max file size and retention
  • Alert callbacks for real-time notification
  • CLI tool for logging, querying, and attack simulation
  • Zero dependencies — Python stdlib only

Quick Start


# Log a successful login
python3 src/main.py log --event login_success --user user123 --ip 192.168.1.1

# Log a failed login
python3 src/main.py log --event login_failure --user user456 --ip 10.0.0.1

# Query recent events
python3 src/main.py query --limit 20

# Query failures for a specific user
python3 src/main.py query --user user456 --event login_failure

# Show activity summary
python3 src/main.py summary

# Check if an account is locked
python3 src/main.py check-lock --user user456

# Simulate a brute force attack (for testing)
python3 src/main.py simulate --scenario brute-force

Using as a Library


from main import AuditLogger

audit = AuditLogger(lockout_threshold=5, lockout_duration=900)

# Log events
audit.log_login_success("user123", ip="192.168.1.1")
alerts, locked = audit.log_login_failure("user456", ip="10.0.0.1",
                                          reason="bad password")

if locked:
    print("Account is now locked!")

for alert in alerts:
    print(f"ALERT: {alert.description}")

*... continues with setup instructions, usage examples, and more.*

📄 Code Sample .py preview

src/main.py #!/usr/bin/env python3 """ Auth Audit Logger — Login Events, Failures & Suspicious Activity ================================================================= Authentication event audit logger that tracks login attempts, failures, account lockouts, password changes, and suspicious activity patterns. Includes rate-based anomaly detection, IP tracking, account lockout policies, and structured JSON logging with file rotation. Why a dedicated auth logger? Because application logs mix auth events with business logic, making it impossible to answer "who accessed what, when?" during a security incident. This logger creates a clean, structured audit trail focused entirely on authentication events. Zero dependencies. Import or run as CLI. Part of the Auth Vault toolkit by DataNest. License: MIT """ from __future__ import annotations import json import logging import os import threading import time from collections import defaultdict from dataclasses import dataclass, field, asdict from datetime import datetime, timezone, timedelta from enum import Enum from pathlib import Path from typing import Any, Callable # --------------------------------------------------------------------------- # Logging # --------------------------------------------------------------------------- logger = logging.getLogger("auth_audit_logger") # --------------------------------------------------------------------------- # Constants # --------------------------------------------------------------------------- DEFAULT_LOG_DIR = Path("audit_logs") DEFAULT_MAX_FILE_SIZE = 10 * 1024 * 1024 # 10 MB before rotation DEFAULT_MAX_FILES = 10 # Keep 10 rotated files DEFAULT_LOCKOUT_THRESHOLD = 5 # Failed attempts before lockout DEFAULT_LOCKOUT_WINDOW = 300 # 5 minutes (seconds) DEFAULT_LOCKOUT_DURATION = 900 # 15 minutes (seconds) # ... 883 more lines ...
Buy Now — $9 Back to Products