🏠 Overview 🧩 Components 🧩 Security Metrics Service

Security Metrics Service

Component Detail

Service Layer medium complexity backend
2
Dependencies
2
Dependents
6
Entities
0
Integrations

Description

Core backend service querying audit_logs, sessions, and refresh_tokens tables to compute aggregated security metrics with per-tenant scoping. Applies short-TTL caching to avoid query overhead on each page load, differentiates org admin vs global admin data boundaries, and exposes anomaly flags based on configurable thresholds.

Feature: Security Dashboard

security-metrics-service

Responsibilities

  • Query audit_logs for failed login counts and suspicious activity patterns
  • Query sessions and refresh_tokens for active counts and token anomalies
  • Apply tenant scoping so org admins receive only their organization data
  • Cache computed metrics with short TTLs to reduce database load
  • Delegate anomaly evaluation to AnomalyDetectionService and attach flags to metric responses

Interfaces

getSecurityMetrics(tenantId: string, timeRange: TimeRange): SecurityMetricsDTO
getActiveSessionCount(tenantId: string): number
getFailedLoginCount(tenantId: string, windowMinutes: number): number
getSuspiciousActivityAlerts(tenantId: string): SecurityAlert[]
getTokenAnomalies(tenantId: string): TokenAnomalyDTO[]
getCrossTenantSummary(): GlobalSecuritySummaryDTO

Relationships

Dependencies (2)

Components this component depends on

data Security Metrics Cache service Anomaly Detection Service

Dependents (2)

Components that depend on this component

ui Security Dashboard Page infrastructure Security Dashboard API Route

Related Data Entities (6)

Data entities managed by this component

Audit Log 17 fields audit Organization 21 fields core Refresh Token 15 fields core Session 16 fields core User 24 fields core User Role 13 fields core