Security Monitoring Service - Meander Platform

Description

Server-side service that runs scheduled aggregation queries over audit_logs and sessions tables to compute security metrics. Caches computed results to avoid heavy real-time database load and exposes REST API endpoints consumed by the Security Dashboard Page.

Feature: Security Dashboard

security-monitoring-service

Responsibilities

Aggregate failed login attempts by time window, user, and organization
Compute concurrent session counts per user and detect anomalous session patterns
Classify and surface flagged security events by severity level
Cache aggregated metrics on a scheduled basis to minimize database load
Enforce tenant isolation so Org Admins only see their own organization data

Interfaces

getSecurityMetrics(orgId?: string, timeWindow?: string): Promise<SecurityMetrics>

getFailedLoginCounts(orgId: string, from: Date, to: Date): Promise<FailedLoginData[]>

getActiveSessions(orgId?: string): Promise<SessionSummary[]>

getFlaggedEvents(orgId?: string, severity?: string): Promise<FlaggedEvent[]>

getConcurrentSessionsByUser(orgId: string): Promise<UserSessionCount[]>

refreshMetricsCache(): Promise<void>

dismissAlert(alertId: string): Promise<void>

getSecurityTrends(orgId?: string, days: number): Promise<TrendData>

Relationships

Dependencies (1)

Components this component depends on

data Security Metrics Store

Dependents (1)

Components that depend on this component

ui Security Dashboard Page

Related Data Entities (9)

Data entities managed by this component

Audit Log 16 fields audit Organization 17 fields core Session 16 fields core User 21 fields core Audit Logs 14 fields audit Organizations 25 fields core Refresh Tokens 20 fields core Sessions 16 fields core Users 26 fields core