Structured Logging Governance (Build & Runtime) Cloud-Native & Portable Modular Hybrid-Ready ML-Friendly

Unified Logging, Governance & Observability

Bring order to log chaos. CerbiSuite enforces structure at the source, enables audit-ready compliance, and feeds ML-ready pipelines—without vendor lock-in.

Lower Ingestion & Storage Cost

Normalize & de-duplicate at the source; ship less noise to Splunk/ELK/Datadog.

Stable fields → smaller indexes & faster queries
Rollups/tags → fewer high-cardinality surprises

Compliance Without Friction

PII rules at build-time & runtime. Redact & flag—don’t drop critical signals.

Versioned policies in CerbiShield (RBAC & audit history)
Relax-mode for safe rollout in prod

Make Every Tool Better

We’re not a sink—we improve what your sinks receive with richer, consistent context.

Durable dashboards (no silent breakage)
ML-ready metadata for LLMs & models

Faster Investigations

Consistent correlation (app/env/tenant/trace) across services speeds triage.

Clean joins through stable shapes
Actionable violation metadata

Explore Governance See Ecosystem

Cerbi.

Real outcomes

Use Cases (for teams & execs)

Short, concrete wins you can expect. Each can start small and expand safely across the org.

1Cut Log Spend

Normalize fields, roll up noise, and de-duplicate before indexing.

Less high-cardinality churn
Smaller indexes, faster queries

2Prove Compliance

Versioned PII policy + redaction metadata you can hand to Risk/Legal.

Build-time rules + runtime enforcement
RBAC & audit history in CerbiShield

3Stabilize Dashboards

Stop breaking charts every sprint due to field drift.

Stable names & types
Durable alerts across releases

4Accelerate Incidents

Consistent app/env/tenant/trace IDs → faster triage and MTTR.

Joinable logs across services
Violation context included

5Ship ML-Ready Telemetry

Clean, governed features for LLMs & models—without PII surprises.

Tags, categories, enums
Consistent shapes for training

6Adopt Gradually

Start with one domain (e.g., auth), run in relax-mode, then tighten.

Keep your loggers/sinks
No vendor lock-in

See Governance in action Pick your packages Compare approaches

THE PROBLEM

Why CerbiStream Exists

As organizations scale across internal squads, contractors, and third-party libraries, logging becomes a patchwork—hard to trust, hard to use, and risky. Cerbi turns logs into governed, reliable data products.

What goes wrong without guardrails

Same idea, many names: userId, user_id, uid, customerId.
Shape drift: GUIDs turn into ints; strings turn into blobs.
PII leakage: emails/addresses sneak into prod logs.
Missing metadata: timestamp, level, env, app, trace IDs aren’t consistent.
Fragile dashboards: small field changes break alerts and reports.
Cost bloat: noisy, duplicative fields can’t be rolled up or pruned.

Cerbi’s approach: logs as governed data products

Contract (schema + rules): required/forbidden fields, types, enums, PII policy.
Build-time enforcement: Roslyn analyzer catches violations before they ship.
Runtime enforcement: validation, redaction, and relax-mode flagging in prod.
Ownership & versioning: profiles live in CerbiShield with history, RBAC, rollbacks.
Analytics-ready metadata: app, env, tenant, correlation, tags, and categories.

What changes for your teams

Developers: clear, fixable IDE/CI diagnostics when logging violates policy.
Runtime: keep the event, redact/flag violations; don’t lose critical signals.
Security/Compliance: versioned policies, RBAC, audit history in CerbiShield.
Observability/SRE: stable fields → durable dashboards and alerts.
Data/ML: consistent, PII-safe features suitable for modeling and LLMs.

Before (inconsistent + risky)

{
  "user_id": "7",
  "email": "jane@ex.com",
  "when": "2025-08-27",
  "sev": "info"
}

After (governed profile)

{
  "timestamp": "2025-08-27T14:33:12.120Z",
  "level": "Information",
  "user": { "id": "7" },
  "action": "UserLoggedIn",
  "app": "identity-api",
  "env": "prod",
  "traceId": "a1b2c3",
  "tags": ["auth", "success"]
}

Not another logging tool

Cerbi doesn’t replace Splunk, ELK, Datadog, or your sinks. We improve what you send to them: cleaner data (lower cost), stable fields (fewer broken dashboards), and governed, PII-aware logs (easier audits).

Why this matters now

Regulatory pressure is rising (privacy, breach disclosure, residency). Logs are security-relevant evidence. The only scalable path to velocity + compliance is structure and policy at the source.

Outcomes you can expect

Faster investigations via consistent correlation and fields
Lower ingestion and storage costs from normalized data
Audit-ready posture with versioned policy and redaction
ML-ready telemetry: clean, labeled features for modeling

Get started

⚡ Quick Start: Try CerbiStream in 60 Seconds

Install from NuGet, configure in Program.cs, and log safely with governance validation.


// 1) Install
dotnet add package CerbiStream

// 2) Configure in Program.cs (MEL)
using CerbiStream;

var logger = LoggerFactory.Create(builder =>
{
  builder.AddCerbiStream(options =>
  {
    options.WithFileFallback();                     // resilient logging
    options.UseGovernance("cerbi_governance.json"); // build-time + runtime profile
  });
}).CreateLogger<Program>();

// 3) Log safely with governance validation
logger.LogInformation("User logged in {@user}", new { UserId = "12345" });

View full docs on GitHub →

What’s included

The Cerbi Ecosystem

A cohesive suite where each component addresses a critical aspect of enterprise logging.

Component	Status	Purpose
CerbiStream	GA	Core .NET logger with structured output, encryption, and governance at build-time and runtime. Drop-in for new services; adapters available for popular stacks.
CerbiStream.GovernanceAnalyzer	GA	Roslyn analyzer + runtime hooks that enforce schemas before and after code ships. Emits precise, actionable diagnostics in IDE and CI.
CerbiShield	Beta (SaaS soon)	Governance dashboard & APIs. Profile authoring, RBAC, audit history, environment-aware deployments, and profile versioning.
CerbIQ	Phase 2 Planned	Routing, normalization, rollups, fan-out, and app grouping. Turns disparate streams into consistent, analytics-ready datasets.
CerbiSense	Phase 2 Planned	ML-driven anomaly detection and trend forecasting on governed logs. Risk scoring and proactive alerting with explainability.

RBAC

Audit logs

Governance

Encryption

Enterprise-ready. Your tenant. Your rules. RBAC, audit logs, governance, and encryption aligned to your policies.

Policy, then telemetry

Governance That Meets Teams Where They Are

Keep Serilog/NLog/MEL—add Cerbi governance today. Or go all-in with CerbiStream. Either way, the same governance profiles power build-time diagnostics and runtime enforcement.

Build-Time Enforcement

Roslyn analyzer flags violations in IDE/CI with precise, fix-friendly messages—before code ships.

Runtime Enforcement

Validators ensure emitted logs comply with your profiles. Redaction & relax-mode prevent operational loss while maintaining visibility.

Compliance Starter Kits

HIPAA/GDPR-aligned defaults you can tailor; versioned profiles; audit histories; rule plugins to fit your org.

Live Rule Check (demo)

PII Field

Input Log

Evaluation

See it

CerbiShield in Action

Profiles, rules, and violations—everything you need to govern logging across an enterprise.

One source of truth for policy and enforcement.

NuGet Packages & How They Fit

Cerbi is a set of small, focused packages. Use them à la carte or together. We don’t replace Splunk/ELK/Datadog—we make the data you send to them clean, governed, and auditable.

How packages relate

Apps (Serilog / MEL / NLog / CerbiStream)
  ├─▶ Build-time:  CerbiStream.GovernanceAnalyzer  ·  Cerbi.Serilog.GovernanceAnalyzer
  ├─▶ Runtime:     Cerbi.MEL.Governance  →  Cerbi.Governance.Runtime  →  Cerbi.Governance.Core
  └─▶ Native logger: CerbiStream (structured, encrypted, governance-ready)

CerbiStream

Structured, secure logger with governance-ready metadata.

.NET 8.0+

What it is: modern .NET logger that emits consistent JSON with app/env/tenant/correlation.
Security: optional AES/Base64 encryption + redaction helpers.
Reliability: WithFileFallback() keeps signal during outages.
Governance-ready: first-class tags, categories, and stable field shapes.

Install & sample

dotnet add package CerbiStream

using CerbiStream;

var logger = LoggerFactory.Create(b =>
{
  b.AddCerbiStream(o => {
    o.WithFileFallback();
    o.UseGovernance("cerbi_governance.json");
  });
}).CreateLogger<Program>();

logger.LogInformation("Order created {@order}", new { Id = 42, Amount = 99.00M });

Cerbi.MEL.Governance

Runtime governance for Microsoft.Extensions.Logging (MEL).

.NET 8.0+

Validates at runtime: required/forbidden fields, enums, types.
Safer prod: redacts/flags violations (doesn’t drop events).
Connects to Shield: reads versioned profiles; supports live reload.

Install & wire-up

dotnet add package Cerbi.MEL.Governance

builder.Logging.AddCerbiGovernance(o =>
{
  o.ProfilePath = "cerbi_governance.json";
  o.FileFallback = true;
});

CerbiStream.GovernanceAnalyzer

Roslyn analyzer that enforces governance at build-time for CerbiStream apps.

.NET 8.0+

Catches violations early: IDE & CI diagnostics with precise messages.
Policy-aware: reads CerbiShield profiles and versions.
Great for large teams: shift-left enforcement reduces prod churn.

Install

dotnet add package CerbiStream.GovernanceAnalyzer

Cerbi.Serilog.GovernanceAnalyzer

Roslyn analyzer that enforces governance rules for Serilog projects.

.NET 8.0+

Applies Cerbi policy to Serilog usage during build.
Keeps field names/types stable across releases.
Pairs well with CerbiShield profile reviews & approvals.

Install

dotnet add package Cerbi.Serilog.GovernanceAnalyzer

Cerbi.Governance.Runtime

Core runtime engine that evaluates profiles and emits violation metadata.

.NET 8.0+

Used by: Cerbi.MEL.Governance and other adapters.
Redaction & flagging: preserve signal while enforcing policy.
Plugin model: custom rule extensions via interfaces.

Cerbi.Governance.Core

Shared contracts and models for analyzers and runtime.

.NET 8.0+

Models: GovernanceRuleSet, RuleViolation, enums, and policy types.
Stable surface: the common language for build-time and runtime.
Good for: writing custom rule plugins shared across orgs.

Quick install (copy/paste)

dotnet add package CerbiStream
dotnet add package CerbiStream.GovernanceAnalyzer
dotnet add package Cerbi.MEL.Governance
dotnet add package Cerbi.Governance.Core
dotnet add package Cerbi.Governance.Runtime
dotnet add package Cerbi.Serilog.GovernanceAnalyzer

Open source

📦 Cerbi Repositories

Open-source packages with a shared governance core. Pick what you need; stay portable.

CerbiStream

Core .NET structured logger with governance hooks, encryption, and resilient file fallback.

Features: Structured JSON logs, AES/Base64 encryption, WithFileFallback(), live profile reload
Governance: Required/Forbidden fields, redaction, tagging, relax-mode bypass
Compatibility: .NET 6/7/8; Serilog/NLog/MEL via adapters

Install & Configure


// Install
dotnet add package CerbiStream

// Program.cs (MEL)
using CerbiStream;
var logger = LoggerFactory.Create(b =>
{
  b.AddCerbiStream(o =>
  {
    o.WithFileFallback();
    o.UseGovernance("cerbi_governance.json");
  });
}).CreateLogger<Program>();
logger.LogInformation("User logged in {@user}", new { UserId = "12345" });

GitHub → · NuGet →

CerbiStream.GovernanceAnalyzer

Roslyn analyzer enforcing governance at build time: required/forbidden fields, enums, types.

Features: IDE diagnostics, CI enforcement, profile-version awareness
Profiles: JSON governance with versioning & plugins
Output: Compiler warnings/errors with actionable messages

Install & Use


// Install analyzer (per project)
dotnet add package CerbiStream.GovernanceAnalyzer

// Place cerbi_governance.json at repo or project root.
// Analyzer will surface diagnostics in IDE/CI automatically.

NuGet →

Cerbi.Serilog.GovernanceAnalyzer

Runtime governance enforcement for Serilog: flags violations without dropping logs.

Features: Runtime validation, redaction, violation tagging, file-fallback
Use Case: Keep Serilog, add Cerbi governance immediately
Targets: .NET 6/7/8; works with standard Serilog sinks

Quick Start


// Install
dotnet add package Serilog
dotnet add package Cerbi.Serilog.GovernanceAnalyzer

// Configure
using Serilog;
Log.Logger = new LoggerConfiguration()
  .Enrich.FromLogContext()
  .UseCerbiGovernance("cerbi_governance.json", o => o.FileFallback = true)
  .WriteTo.Console()
  .CreateLogger();

Log.Information("Order created {@order}", new { Id = 42, Amount = 99.00 });

NuGet →

Cerbi.Governance.Core & Runtime

Shared governance models, enums, and runtime engine used by analyzers and plugins.

Contracts: GovernanceRuleSet, RuleViolation, ICustomGovernancePlugin
Runtime: Executes profile rules, emits violation metadata, supports relax-mode
Targets: .NET Standard 2.1 / .NET 6+

Install


dotnet add package Cerbi.Governance.Core
dotnet add package Cerbi.Governance.Runtime

Core NuGet → · Runtime NuGet →

CerbiShield (Dashboard + APIs)

Beta

Governance UI, RBAC, profile store, validation, and deployment (GitHub, Filesystem, Azure Blob, S3, GCS). Audit history included.

APIs: Store, Validation, Deploy, Reporting
RBAC: Enterprise-grade claims-based roles, JWT middleware
Deploy: History, rollbacks, multi-target (Enterprise)

Preview: CerbiShield Dashboard

WHAT YOU GET

Logger Governance Comparison

Capability	CerbiStream (Modern Default)	MEL + Governance (Available Now)	Serilog + Governance Analyzer (Build-time)
Build-Time Governance Enforcement	✅ Roslyn Analyzer integrated CerbiStream.GovernanceAnalyzer	❌ Not applicable (runtime package)	✅ Via Cerbi.Serilog.GovernanceAnalyzer
Runtime Governance Enforcement	✅ Built-in runtime validators	✅ Via Cerbi.MEL.Governance	⚠️ Build-time only (no runtime validator)
Encryption Support (AES, Base64)	✅ Built-in	❌ Not included (use app/transport)	❌ Not included
File Fallback Logging	✅ WithFileFallback()	✅ Supported via your MEL providers/sinks	✅ Via Serilog.Sinks.File
Telemetry Routing & Enrichment	✅ Built-in (App Insights, OTel)	✅ Supported via MEL providers & enrichers	✅ Supported via Serilog sinks & enrichers
ML / CerbIQ Compatibility	✅ Schema-aligned automatically	✅ Requires matching metadata (CerbiShield assists)	✅ Requires matching metadata (CerbiShield assists)
Governance Profile Reloading	✅ Supported	✅ Supported	✅ Supported
Custom Rule Plugins	✅ Via ICustomGovernancePlugin	✅ Via ICustomGovernancePlugin	⚠️ Analyzer-only (runtime plugins not applicable)
App Rollup / Grouping Support	✅ Built-in	⚠️ External design needed	⚠️ External design needed

Notes: CerbiStream ships with both build-time and runtime safeguards. If your apps use Microsoft.Extensions.Logging, add Cerbi.MEL.Governance for runtime validation today. Serilog projects are covered at build-time via Cerbi.Serilog.GovernanceAnalyzer; runtime validation there is on the roadmap.

How it flows

Architecture & Flow

Phase 1 — CerbiSuite (Today)
• CerbiStream — structured logs, encryption, governance (build + runtime)
• CerbiStream.GovernanceAnalyzer — Roslyn analyzer + runtime hooks
• CerbiShield — dashboard, profiles, RBAC, audit history

Phase 2 — CerbIQ & CerbiSense (Roadmap)
• CerbIQ — routing, normalization, fan-out; tenant isolation and ML-ready data
• CerbiSense — anomaly detection, forecasting, risk scoring & proactive alerts

We don’t compete with Splunk/ELK/Datadog.
We ensure the data flowing into them is correct, compliant, and ML-ready.

Full architecture (PDF): Download

Let’s talk

Get in Touch

Questions, enterprise inquiries, or marketplace partnership? Reach out and we’ll respond quickly.

Prefer email? hello@cerbi.io