Immutable audit logging for .NET 8 applications. Record who did what, when, where, and why with tamper-evident hash chains, filter pipelines, and non-blocking sink dispatch.
- Immutable
AuditEntrymodel - SHA-256 hash chaining with configurable seed
- Built-in sinks:
ConsoleSink,FileSink,InMemorySink - Pluggable
IAuditSinkandIAuditFilter - Async
Channel<T>dispatch pipeline that keeps request paths non-blocking - Sink failure isolation (one sink failure does not stop other sinks)
- Hash chain verification API
- DI extensions:
AddAuditKit,AddAuditSink<T>,AddAuditFilter<T>
dotnet add package JG.AuditKitusing JG.AuditKit;
using JG.AuditKit.Abstractions;
using JG.AuditKit.Sinks;
builder.Services
.AddAuditKit(options =>
{
options.DefaultSinkTypes.Clear();
options.AddDefaultSink<FileSink>();
options.EnableHashChaining = true;
options.HashSeed = "my-seed";
options.FileSink.Path = "audit.jsonl";
options.FileSink.RollDaily = true;
})
.AddAuditFilter<MyAuditFilter>();
// ...
var auditLog = app.Services.GetRequiredService<IAuditLog>();
await auditLog.WriteAsync(new AuditEntry(
actor: "user:42",
action: "write.order",
resource: "orders/1001",
timestamp: DateTimeOffset.UtcNow,
correlationId: "corr-123",
metadata: new Dictionary<string, string?>
{
["ip"] = "10.0.0.10",
["reason"] = "user-update"
}));Licensed under the Apache License 2.0. See LICENSE for details.
Ready to get started? Install via NuGet and check out the API reference.