lucasacchi/LogWhispererAI
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: create n8n workflow for secure log ingestion

Browse Source 
Implement LogWhisperer_Ingest workflow for Sprint 2 Feature 2:

Workflow Components:
- Webhook trigger: POST /webhook/logwhisperer/ingest
- HMAC-SHA256 validation with timing-safe comparison
- Anti-replay protection (5min timestamp window)
- Data validation: UUID client_id, severity levels, non-empty logs
- PostgreSQL storage with logs table auto-creation
- Conditional routing for critical severity logs

Security Features:
- HMAC signature verification (X-LogWhisperer-Signature header)
- Timestamp validation preventing replay attacks
- Input sanitization before DB insert
- Environment variable LOGWHISPERER_SECRET for shared secret

Documentation:
- workflows/logwhisperer_ingest.json: Export JSON workflow
- workflows/README.md: Installation and usage guide
- workflows/INTEGRATION.md: Bash script integration guide
- workflows/REPORT.md: Implementation report
- workflows/test_workflow.sh: Automated test suite

Metodo Sacchi Applied:
- Safety First: HMAC validation before any processing
- Little Often: Modular nodes, each with single responsibility
- Double Check: Test suite validates all security requirements

Next Steps:
- Configure LOGWHISPERER_SECRET in n8n environment
- Import workflow to n8n instance
- Test end-to-end with secure_logwhisperer.sh
This commit is contained in:
Luca Sacchi Ricciardi
2026-04-02 19:01:40 +02:00
parent 9de40fde2d
commit 3c406ef405
6 changed files with 1427 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
CHANGELOG.md
View File

@@ -9,6 +9,18 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
### Added
- feat: Create n8n workflow `LogWhisperer_Ingest` for secure log ingestion
- Webhook trigger on POST `/webhook/logwhisperer/ingest`
- HMAC-SHA256 signature validation with anti-replay protection
- Data validation (UUID, severity levels, non-empty raw_log)
- PostgreSQL storage with automatic table creation
- Conditional AI processing for critical severity logs
- JSON export at `workflows/logwhisperer_ingest.json`
- Test suite at `workflows/test_workflow.sh`
- Integration guide at `workflows/INTEGRATION.md`
- Documentation at `workflows/README.md`
- Implements Metodo Sacchi: Safety First, Little Often, Double Check
- feat: Configure MCP servers for enhanced AI capabilities
- sequential-thinking MCP for structured problem solving
- context7 MCP for contextual library documentation retrieval