Packages by ecosystem
Start with the package that matches your logging framework. Cerbi keeps the governance model consistent while each adapter feels native to its runtime.
.NET is the primary runtime today. The new Cerbi.Scanner CLI tool audits C#, Go, Java, TypeScript, and Python repos without modifying your code. Node.js (Pino, Winston), Java (Logback, Log4j2), Go (slog, zap), and Python adapters are all available.
Start here
- –New to Cerbi→
- –Using Serilog, MEL, or ASP.NET Core integrations→
- –Want enforcement in CI→
- –Want to audit any repo for log governance violations→
- –Want runtime governance inside the app→
- –Want faster adoption→
- –Using Node.js with Winston or Pino→
- –Using Java with Logback or Log4j2→
- –Want governance enforcement in Azure DevOps pipelines→
Start Here
Recommended first installFramework Integrations
Add Cerbi governance to the frameworks teams already use.
Cerbi.AspNetCore.Governance
Add Cerbi governance to ASP.NET Core applications.
Cerbi.Serilog.Governance
Apply Cerbi governance policies to Serilog pipelines.
Build-Time Enforcement
Catch governance issues during development and CI before telemetry is emitted.
CerbiStream.GovernanceAnalyzer
Build-time governance validation for CerbiStream-based logging.
CI Scanner
Now availableA language-agnostic CLI tool that audits any repository for logging governance violations. Supports C#, Go, Java, TypeScript, and Python. Outputs JSON, SARIF, or HTML — drop it into any CI pipeline with a single command.
Cerbi.Scanner
Start HereStatic logging governance scanner for C#, Go, Java, Node/TypeScript, and Python repositories. Runs as a .NET global tool — install once, audit any repo from the CLI or CI. Read-only by default; never modifies source code or uploads data without an explicit opt-in.
Azure DevOps
CI / CDShift governance left into your CI pipeline. The Cerbi Scanner Azure DevOps extension validates log event shapes against your cerbi_governance.json profile as a pipeline task — no code changes required.
Cerbi Scanner (Azure DevOps)
Start HereAzure DevOps pipeline extension that runs a Cerbi governance scan as a build task. Validates log event shapes against your cerbi_governance.json profile at CI time — catching missing required fields, sensitive field exposure, type mismatches, and severity alignment before code reaches production. Set failOnViolation to block deployments or run in audit-only mode during rollout.
Runtime Governance
Govern telemetry inside the application process before it leaves the service.
Signature Packs
Accelerates adoptionPrebuilt signature packs help teams standardize logging faster without inventing every event shape from scratch.
Cerbi.Signatures.Security
Prebuilt security logging signatures for authentication, authorization, access violations, and sensitive actions.
Cerbi.Signatures.Api
Standard API logging signatures for requests, responses, failures, dependencies, and endpoint activity.
Cerbi.Signatures.Audit
Audit-focused signatures for record changes, approvals, access tracking, and compliance-sensitive events.
Cerbi.Signatures.Pii
Signatures for logging events that involve personally identifiable information — with field-level classification and masking guidance.
Cerbi.Signatures.Financial
Logging signatures for financial transactions, payment events, fraud signals, and monetary operations.
Cerbi.Signatures.Observability
Structured signatures for traces, metrics, dependency calls, and system health events aligned to observability best practices.
Cerbi.Signatures.Hipaa
Prebuilt logging signatures aligned to HIPAA requirements — covering PHI access, disclosures, and audit trail events.
Cerbi.Signatures.Gdpr
Signatures for GDPR-governed logging — data subject requests, consent events, retention triggers, and processing records.
Cerbi.Signatures.Soc2
Logging signatures mapped to SOC 2 trust service criteria — availability, security, confidentiality, and change management.
Cerbi.Signatures.Pci
Signatures for PCI DSS logging requirements — cardholder data access, authentication events, and network activity.
Cerbi.Signatures.FedRamp
Logging event signatures aligned to FedRamp control families — access control, audit and accountability, and incident response.
Cerbi.Signatures.Iso27001
Signatures covering ISO 27001 Annex A control logging requirements — asset management, access control, and cryptographic events.
Cerbi.Signatures.Ferpa
Prebuilt signatures for FERPA-governed logging in education systems — student record access, disclosures, and consent tracking.
Java / Maven
Early alpha Maven packages for applying Cerbi governance concepts to Java logging. Published to Maven Central. Not production-ready. Feature parity with .NET is not claimed.
cerbi-logback-governance
Source-side logging governance for Logback applications. Apply governance profiles before log events leave the application to redact sensitive fields, tag violations, enforce required metadata, and generate governance evidence. Works alongside Logback, OpenTelemetry, Splunk, Datadog, ELK, and Azure Monitor.
cerbi-log4j2-governance
Source-side logging governance for Apache Log4j2 applications. Redact sensitive fields, tag violations, enforce required metadata, and generate governance evidence before log events leave the application. Compatible with existing observability sinks.
Node.js / npm
Early alpha packages for applying Cerbi governance concepts to Node.js logging. Not production-ready. Feature parity with .NET is not claimed.
@cerbi/winston-governance
A lightweight Winston transport that applies Cerbi governance rules to each log event. Evaluates events against JSON rulesets, emits canonical governance tags (mode, profile, violations, score impact), and supports optional hot reload of rulesets via file polling. Never blocks logging when configuration is missing or invalid.
@cerbi/pino-governance
A governance-aware Pino transport and evaluator for Cerbi governance rules. Can be used as a Pino transport target or as a pure evaluator that annotates events with governance status — mode, status, action, violations, and score impact — without blocking log flow. Supports hot reloading rulesets via file watching.
How to choose
- 1.Start with CerbiStream if you are adopting Cerbi directly.
- 2.Add framework integrations if you already use Serilog, MEL, or ASP.NET Core adapters.
- 3.Add analyzers to shift governance left into development and CI.
- 4.Use Cerbi.Scanner to audit any repository for logging violations - works across C#, Go, Java, TypeScript, and Python without modifying your code.
- 5.Add runtime governance when you want in-process enforcement and tagging.
- 6.Use Signature Packs to accelerate adoption with prebuilt event shapes.
- 7.Use the npm packages for Node.js governance with Winston or Pino.
- 8.Use the Maven packages for Java governance with Logback or Log4j2.
- 9.Use the Azure DevOps extension to enforce governance as a pipeline task - no code changes required.
Ready to get started?
Install CerbiStream from NuGet and configure your first governance profile in minutes.
