Forensic Accountability
& Metering Engine.
Achieve sub-millisecond accountability. GO-DUCK generates a forensic-grade auditing and hierarchical metering engine that tracks every action across your entire distributed ecosystem.
🔍 Row-Level Forensics
Any GDL entity marked @Audited automatically tracks "Who did What and When" at the row level—persisting exact deltas into the global audit_log.
📊 Hierarchical SaaS Metering
Track and limit API bandwidth in real-time via Redis. Automatically enforce dynamic quotas targeted at Individual Users or Realm Roles.
The Forensic Loop
Immutable Evidence.
Interception
Middleware extracts Keycloak Role, UserID, and TenantID from the incoming request envelope.
Verification
The SaaS Metering engine checks Redis for remaining bandwidth. Rejects if Daily/Monthly limits are exceeded.
Persistence
After the mutation succeeds, the GORM hook persists the full audit delta atomically within the same silo transaction.
Audit Schema Excellence
| Event Attribute | Security Value |
|---|---|
| Actor Identity | Captures the Subject (UserID) and Realm Role of the initiator. |
| Historical Delta | Full JSONB diff of the object before and after the mutation. |
| Trace Propogation | Links the audit log directly to the OpenTelemetry TraceID. |
| Tenant Isolation | Audit logs are partitioned by Silo, ensuring no cross-tenant leakage. |