Name	Name	Last commit message	Last commit date
parent directory ..
README.md	README.md
access.log	access.log
audit.jsonl	audit.jsonl
docker-compose.redacted.yml	docker-compose.redacted.yml
policy-manifest.json	policy-manifest.json
squid.conf	squid.conf

Name

Last commit message

Last commit date

README.md

access.log

audit.jsonl

docker-compose.redacted.yml

policy-manifest.json

squid.conf

Audit Artifact Samples

These are real audit artifacts generated by running awf locally:

sudo awf --allow-domains github.com,api.github.com \
  --audit-dir /tmp/audit-sample \
  --build-local \
  -- bash -c 'curl -s https://api.github.com/zen; curl -s https://evil.example.com || true; sleep 2'

Files

File	Description
`policy-manifest.json`	Structured description of all firewall rules with evaluation order
`access.log`	Squid access log in the `firewall_detailed` text format
`audit.jsonl`	Squid access log in structured JSONL format (machine-readable)
`squid.conf`	Generated Squid proxy configuration snapshot
`docker-compose.redacted.yml`	Container orchestration config with secrets replaced by `[REDACTED]`

What to look for

In access.log: TCP_TUNNEL:HIER_DIRECT = allowed, TCP_DENIED:HIER_NONE = blocked
In audit.jsonl: Same data in JSON format, one object per line
In policy-manifest.json: Rules evaluated top-to-bottom; deny-unsafe-ports and deny-raw-ipv4 come before domain rules
In squid.conf: The actual ACL rules and log format directives
In docker-compose.redacted.yml: Note AWF_SQUID_CONFIG_B64: '[REDACTED]' — secrets are stripped

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

README.md

Audit Artifact Samples

Files

What to look for

FilesExpand file tree

audit

Directory actions

More options

Directory actions

More options

Latest commit

History

audit

Folders and files

parent directory

README.md

Audit Artifact Samples

Files

What to look for