# VaultMesh Command Center: Event Generation Mechanism

## Overview

The VaultMesh Command Center generates events from node heartbeats, scan results, and command results, and uses them for real-time monitoring and fleet management.

## Event Types

### 1. Heartbeat Events

- **Trigger**: Node heartbeat submission
- **Payload Includes**:
  * Timestamp
  * Node ID
  * Hostname
  * OS Profile
  * Cloudflare Status
  * Services Status
  * VaultMesh Root Path
  * System Metrics (uptime, load averages)

### 2. Scan Events

- **Trigger**: Successful scan result submission
- **Payload Includes**:
  * Timestamp
  * Node ID
  * Hostname
  * OS Profile
  * Scan Summary (critical/high/medium/low findings)
  * Real/Mock Findings Flag
  * Receipt Hash

### 3. Command Events

- **Trigger**: Command execution result
- **Payload Includes**:
  * Timestamp
  * Node ID
  * Hostname
  * OS Profile
  * Command Name
  * Execution Status
  * Exit Code
  * Nonce (for replay protection)

## Event Generation Flow

1. **Data Collection**
   - Node agents submit heartbeats and scan results
   - Command results are reported back to the Command Center

2. **Event Processing**
   - Raw data is transformed into structured event payloads
   - Events are published to a broadcast channel
   - Server-Sent Events (SSE) distribute events to connected clients

3. **State Management**
   - Events trigger state updates (node history, last scan, etc.)
   - Attention status is recomputed based on new events

## Advanced Features

- **Automatic Scan Scheduling**
  - Periodic scans triggered based on node profile and last scan timestamp
  - Configurable scan intervals

- **Attention Computation**
  - Dynamic assessment of node health
  - Tracks critical findings, heartbeat staleness, service status

## Security Considerations

- Ed25519 key signing for commands
- Nonce-based replay protection
- Configurable command policies per node profile
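
An added example, not VaultMesh's own code: one way a Command Center could enforce the nonce-based replay protection listed above when a command result carrying a nonce is reported back. `NonceTracker`, `NonceCheck`, the 300-second window, and the node and nonce values are hypothetical; Ed25519 signature verification is assumed to happen separately.

```rust
use std::collections::HashMap;

#[derive(Debug, PartialEq)]
pub enum NonceCheck { Accepted, Replayed, Unknown, Expired }

/// Hypothetical tracker for nonces issued with commands (not VaultMesh code).
pub struct NonceTracker {
    ttl_secs: u64,
    issued: HashMap<(String, String), (u64, bool)>, // (node_id, nonce) -> (issued_at, consumed)
}

impl NonceTracker {
    pub fn new(ttl_secs: u64) -> Self {
        NonceTracker { ttl_secs: ttl_secs, issued: HashMap::new() }
    }

    /// Record the nonce sent to `node_id` with a command at time `now` (seconds).
    pub fn issue(&mut self, node_id: &str, nonce: &str, now: u64) {
        self.issued.insert((node_id.to_string(), nonce.to_string()), (now, false));
    }

    /// Accept a nonce once, only from the node it was issued to, and only inside the window.
    pub fn check_result(&mut self, node_id: &str, nonce: &str, now: u64) -> NonceCheck {
        let ttl = self.ttl_secs;
        let e = match self.issued.get_mut(&(node_id.to_string(), nonce.to_string())) {
            Some(e) => e,
            None => return NonceCheck::Unknown, // never issued, or issued to another node
        };
        if e.1 { return NonceCheck::Replayed; }
        if now.saturating_sub(e.0) > ttl { return NonceCheck::Expired; }
        e.1 = true; // consume: a second result with this nonce is a replay
        NonceCheck::Accepted
    }

    /// Drop entries older than the window so the map stays bounded.
    pub fn prune(&mut self, now: u64) {
        let ttl = self.ttl_secs;
        self.issued.retain(|_, e| now.saturating_sub(e.0) <= ttl);
    }
}

fn main() {
    let mut t = NonceTracker::new(300); // constructed sample values below
    t.issue("node-a", "n-001", 1000);
    println!("{:?}", t.check_result("node-a", "n-001", 1010)); // first result
    println!("{:?}", t.check_result("node-a", "n-001", 1011)); // same nonce again
}
```

Keying the map on the node ID as well as the nonce means a nonce captured from one node's traffic is rejected when submitted under another node's identity.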

## Performance Characteristics

- In-memory event storage (500 most recent events)
- Optional JSONL log persistence
- Low-overhead event broadcasting

## Extensibility

The event system supports easy addition of new event types and payloads through the `ServerEvent` enum and corresponding payload structures.