Security Metrics Repository
Component Detail
Data Layer
medium complexity
Shared Component
backend
0
Dependencies
2
Dependents
3
Entities
0
Integrations
Description
Data access layer that executes parameterized PostgreSQL queries over the audit_logs and sessions tables to retrieve raw security data. Provides org-scoped and global-admin-scoped query variants. Used by both the Security Monitoring Service and the Security Alert Evaluator.
security-metrics-repository
Responsibilities
- Query audit_logs for failed authentication events within a time window
- Query sessions table for active and concurrent session counts
- Support org-scoped filtering for tenant isolation
- Provide anonymized cross-org aggregates for Global Admin view
Interfaces
queryFailedLogins(orgId: string | null, since: Date): Promise<AuditLogRow[]>
queryActiveSessions(orgId: string | null): Promise<SessionRow[]>
queryFlaggedAuditEvents(orgId: string | null, severity: string): Promise<AuditLogRow[]>
querySuspiciousAccessPatterns(orgId: string | null, windowMinutes: number): Promise<PatternRow[]>
queryLoginTimeSeries(orgId: string | null, bucketMinutes: number, since: Date): Promise<TimeSeriesPoint[]>
Relationships
Dependents (2)
Components that depend on this component
Related Data Entities (3)
Data entities managed by this component