Cerbi.Serilog.GovernanceAnalyzer
1.0.0
See the version list below for details.
dotnet add package Cerbi.Serilog.GovernanceAnalyzer --version 1.0.0
NuGet\Install-Package Cerbi.Serilog.GovernanceAnalyzer -Version 1.0.0
<PackageReference Include="Cerbi.Serilog.GovernanceAnalyzer" Version="1.0.0" />
<PackageVersion Include="Cerbi.Serilog.GovernanceAnalyzer" Version="1.0.0" />
<PackageReference Include="Cerbi.Serilog.GovernanceAnalyzer" />
paket add Cerbi.Serilog.GovernanceAnalyzer --version 1.0.0
#r "nuget: Cerbi.Serilog.GovernanceAnalyzer, 1.0.0"
#:package Cerbi.Serilog.GovernanceAnalyzer@1.0.0
#addin nuget:?package=Cerbi.Serilog.GovernanceAnalyzer&version=1.0.0
#tool nuget:?package=Cerbi.Serilog.GovernanceAnalyzer&version=1.0.0
Cerbi Serilog Governance Analyzer
๐งช Compile-Time Governance for Serilog
Cerbi.Serilog.GovernanceAnalyzer is a Roslyn analyzer that validates your log statements at compile-time to ensure they meet governance policies. Whether you need to enforce required fields, block sensitive data, or maintain consistency across teams โ this analyzer helps shift governance left into your IDE and CI pipelines.
Disclaimer: Cerbi LLC is not affiliated with or endorsed by the maintainers of Serilog. This analyzer is a third-party tool designed to work alongside Serilog for governance enforcement.
๐ฆ Installation
dotnet add package Cerbi.Serilog.GovernanceAnalyzer
๐ Key Features
- ๐ซ Flags missing required fields
- ๐ Prevents forbidden keys (e.g., SSN, CreditCard)
- โ ๏ธ Warns on advisory or incorrect enum values
- ๐ Supports live reload of
cerbi_governance.json
- ๐งฉ Pluggable validation via
ICustomGovernancePlugin
๐ง Setup + Usage
1๏ธโฃ Install Serilog and Cerbi Analyzer
dotnet add package Serilog
Already covered: dotnet add package Cerbi.Serilog.GovernanceAnalyzer
2๏ธโฃ Add Governance Config to Your Project
Create config/cerbi_governance.json
:
{
"EnforcementMode": "Strict",
"LoggingProfiles": {
"default": {
"FieldSeverities": {
"userId": "Required",
"ssn": "Forbidden"
}
}
}
}
Update .csproj
to include:
<None Include="config\cerbi_governance.json">
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
</None>
3๏ธโฃ Configure Serilog with Governance
using Serilog;
using Cerbi.Serilog.GovernanceAnalyzer;
Log.Logger = new LoggerConfiguration()
.Filter.WithCerbiGovernance("config/cerbi_governance.json", "default")
.WriteTo.Console()
.CreateLogger();
4๏ธโฃ Example Log (โ Passes Governance)
Log.Information("User created| userId={UserId}", "abc-123");
5๏ธโฃ Example Log (โ Fails Governance)
Log.Information("SSN submitted| ssn={ssn}", "123-45-6789");
Triggers:
[CERBI002] Forbidden Field: 'ssn' is not allowed in profile 'default'
๐งฉ Quick Start (Minimal Working Example)
// Program.cs
using Serilog;
using Cerbi.Serilog.GovernanceAnalyzer;
Log.Logger = new LoggerConfiguration()
.Filter.WithCerbiGovernance("config/cerbi_governance.json", "default")
.WriteTo.Console()
.CreateLogger();
Log.Information("User signed in| userId={UserId}", "abc-123");
.csproj
snippet:
<None Include="config\cerbi_governance.json">
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
</None>
๐ง IDE Tip: Violations will appear directly in Visual Studio, Rider, or in CI builds using dotnet build
. Strict mode causes compile failure.
๐ง Governance Enforcement Example
(see above config)
๐ฅ Plugin Support (Advanced)
Create custom enforcement logic with ICustomGovernancePlugin
:
public class TeamIdPlugin : ICustomGovernancePlugin
{
public string Id => "plugin.teamid.required";
public string Description => "Requires TeamId in Production";
public PluginCategory Category => PluginCategory.Compliance;
public string[] AppliesToProfiles => new[] { "*" };
public bool Validate(string profileName, Dictionary<string, object> data, out List<string> failures, out int impact)
{
failures = new(); impact = 0;
if (data.TryGetValue("Environment", out var env) &&
env?.ToString() == "Production" &&
!data.ContainsKey("TeamId"))
{
failures.Add("Missing TeamId in Production logs");
impact = 5;
return false;
}
return true;
}
}
๐ License & Support
- License: MIT (cerbi.io/licenses)
- Website: cerbi.io
- Contact: hello@cerbi.io
Cerbi LLC is not affiliated with or endorsed by Serilog or its maintainers. Serilog is a separate open-source project governed by its own license and maintainers.
โ๏ธ Secure โข ๐ Structured โข โ Compliant Cerbi Governance Analyzer for Serilog โ by Cerbi LLC
Product | Versions Compatible and additional computed target framework versions. |
---|---|
.NET | net8.0 is compatible. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed. net9.0 was computed. net9.0-android was computed. net9.0-browser was computed. net9.0-ios was computed. net9.0-maccatalyst was computed. net9.0-macos was computed. net9.0-tvos was computed. net9.0-windows was computed. net10.0 was computed. net10.0-android was computed. net10.0-browser was computed. net10.0-ios was computed. net10.0-maccatalyst was computed. net10.0-macos was computed. net10.0-tvos was computed. net10.0-windows was computed. |
-
net8.0
- Microsoft.CodeAnalysis.CSharp (>= 4.13.0)
- Newtonsoft.Json (>= 13.0.3)
- Serilog (>= 4.2.0)
NuGet packages
This package is not used by any NuGet packages.
GitHub repositories
This package is not used by any popular GitHub repositories.