Search by 
soc-warden / laravel-sdk
SOCWarden security observability SDK for Laravel — detect brute force, impossible travel, credential spray, and more from one API call.
Maintainers
v1.0.0-alpha.3
2026-05-12 06:22 UTC
Requires
- php: ^8.2
- guzzlehttp/guzzle: ^7.0
- illuminate/http: ^11.0|^12.0
- illuminate/support: ^11.0|^12.0
Requires (Dev)
- mockery/mockery: ^1.6
- orchestra/testbench: ^9.0|^10.0
- phpunit/phpunit: ^11.0
This package is auto-updated.
Last update: 2026-05-12 06:22:14 UTC
README
Security observability SDK for Laravel applications. Sends security events to the SOCWarden ingestor.
Installation
composer require soc-warden/laravel-sdk
Configuration
Publish the config file:
php artisan vendor:publish --tag=socwarden-config
Add to your .env:
SOCWARDEN_API_KEY=sk_live_your_key_here
Usage
Track events manually
use SOCWarden\Facades\SOCWarden; SOCWarden::track('auth.login.success', [ 'actor_id' => $user->id, 'actor_email' => $user->email, ]);
Middleware
Register the middleware to automatically capture request context:
// bootstrap/app.php (Laravel 11+) ->withMiddleware(function (Middleware $middleware) { $middleware->append(\SOCWarden\Middleware\CaptureContext::class); })
Automatic Auth Events
By default, the SDK listens to Laravel auth events (Login, Failed, Logout, Registered, PasswordReset) and tracks them automatically. Disable with:
SOCWARDEN_LISTEN_AUTH=false
Environment Variables
| Variable | Default | Description |
|---|---|---|
SOCWARDEN_API_KEY |
— | Your SOCWarden API key |
SOCWARDEN_ENDPOINT |
https://ingestor.socwarden.com |
Ingestor endpoint |
SOCWARDEN_AUTO_CONTEXT |
true |
Auto-collect request context |
SOCWARDEN_QUEUE |
true |
Dispatch events via queue |
SOCWARDEN_QUEUE_CONNECTION |
null |
Queue connection name |
SOCWARDEN_QUEUE_NAME |
default |
Queue name |
SOCWARDEN_BROWSER_HEADER |
X-SOCWarden-Context |
Browser context relay header |
SOCWARDEN_LISTEN_AUTH |
true |
Auto-track auth events |
SOCWARDEN_TIMEOUT |
5 |
HTTP timeout in seconds |