How do I install Sentinel?

Install Sentinel with go get github.com/MUKE-coder/sentinel. It requires Go 1.24 or later and uses pure-Go SQLite, so no CGo or C compiler is needed. It works out of the box on all platforms including Linux, macOS, and Windows.

Does Sentinel require CGo?

No. Sentinel uses a pure-Go SQLite implementation, eliminating the need for CGo or any C compiler. This makes cross-compilation straightforward and simplifies Docker builds without any native dependency requirements.

What does sentinel.Mount() do?

Mount() initializes the entire Sentinel stack in one call. It sets up storage, runs migrations, configures middleware for WAF, rate limiting, and security headers, registers the REST API and WebSocket endpoints, and serves the embedded React dashboard.

What is the default Sentinel dashboard URL?

The default dashboard is served at /sentinel/ui with default credentials admin/sentinel. You can customize the URL prefix, username, password, and JWT secret key through the DashboardConfig section of your configuration struct.

Getting Started

Sentinel is a production-grade security intelligence SDK for Go applications using the Gin framework. It provides WAF protection, rate limiting, threat detection, AI analysis, and an embedded React dashboard — all mountable with a single function call.

Installation

Sentinel requires Go 1.24+ and uses pure-Go SQLite (no CGo required).

go get github.com/MUKE-coder/sentinel

Quick Start

The simplest way to use Sentinel is with zero configuration. This gives you an in-memory store, all defaults, and a dashboard at /sentinel/ui.

main.gogo

1package main
2
3import (
4    sentinel "github.com/MUKE-coder/sentinel"
5    "github.com/gin-gonic/gin"
6)
7
8func main() {
9    r := gin.Default()
10
11    // Mount Sentinel with zero config — everything works out of the box
12    sentinel.Mount(r, nil, sentinel.Config{})
13
14    // Your application routes
15    r.GET("/api/hello", func(c *gin.Context) {
16        c.JSON(200, gin.H{"message": "Hello, World!"})
17    })
18
19    r.Run(":8080")
20    // Dashboard: http://localhost:8080/sentinel/ui
21    // Default login: admin / sentinel
22}

Zero Config

With sentinel.Config{}, Sentinel uses sensible defaults: in-memory storage, WAF disabled, rate limiting disabled. The dashboard is always available.

With WAF and Rate Limiting

Enable security features by setting configuration fields:

main.gogo

1package main
2
3import (
4    "time"
5
6    sentinel "github.com/MUKE-coder/sentinel"
7    "github.com/gin-gonic/gin"
8)
9
10func main() {
11    r := gin.Default()
12
13    sentinel.Mount(r, nil, sentinel.Config{
14        Dashboard: sentinel.DashboardConfig{
15            Username:  "admin",
16            Password:  "my-secure-password",
17            SecretKey: "change-this-in-production",
18        },
19
20        Storage: sentinel.StorageConfig{
21            Driver:        sentinel.SQLite,
22            DSN:           "sentinel.db",
23            RetentionDays: 90,
24        },
25
26        WAF: sentinel.WAFConfig{
27            Enabled: true,
28            Mode:    sentinel.ModeBlock,
29        },
30
31        RateLimit: sentinel.RateLimitConfig{
32            Enabled: true,
33            ByIP:    &sentinel.Limit{Requests: 100, Window: time.Minute},
34        },
35    })
36
37    r.GET("/api/users", func(c *gin.Context) {
38        c.JSON(200, gin.H{"users": []string{}})
39    })
40
41    r.Run(":8080")
42}

What Happens When You Call Mount

sentinel.Mount() performs the following in order:

Initializes the storage backend (SQLite or in-memory)
Runs database migrations
Creates the IP manager for whitelist/blacklist
Sets up the async event pipeline with worker goroutines
Initializes threat profiler, security score engine, geo-locator
Configures alerting (Slack, email, webhook) if enabled
Registers middleware: Auth Shield, WAF, Rate Limiter, Security Headers, Performance
Registers the REST API and WebSocket endpoints
Optionally initializes the AI provider
Serves the embedded React dashboard
Starts background cleanup and score recomputation goroutines

Middleware Order Matters

Sentinel registers middleware in a specific order. Mount it before your application routes so that all routes are protected.

Project Architecture

sentinel/
├── core/           # Shared types, constants, models
├── ai/             # AI provider interface (Claude, OpenAI, Gemini)
├── alerting/       # Alert dispatching (Slack, email, webhook)
├── api/            # REST API server, JWT auth, WebSocket hub
├── detection/      # WAF pattern matching, custom rule engine
├── gorm/           # GORM audit logging plugin
├── intelligence/   # Threat profiling, scoring, anomaly detection
├── middleware/      # Gin middleware (WAF, rate limit, headers, perf)
├── pipeline/       # Async event pipeline (ring buffer, workers)
├── reports/        # Compliance report generators
├── storage/        # Storage interface + implementations
│   ├── memory/     # In-memory store (default)
│   └── sqlite/     # Pure-Go SQLite store
├── ui/             # Embedded React dashboard
├── sentinel.go     # Mount() entry point
└── models.go       # Type aliases from core/

Storage Backends

Driver	Config Value	Notes
Memory	`sentinel.Memory`	Default. No persistence — good for development.
SQLite	`sentinel.SQLite`	Pure Go (no CGo). Recommended for production.

Testing Your Setup

After starting your application, verify Sentinel is working:

# Check the dashboard
curl http://localhost:8080/sentinel/ui

# Try a SQL injection attack (should be blocked if WAF is enabled)
curl "http://localhost:8080/api/users?id=1'+OR+'1'='1"

# Check rate limiting headers
curl -v http://localhost:8080/api/users 2>&1 | grep X-RateLimit

Next Steps

Full Configuration Reference — All available options
WAF Configuration — Custom rules and strictness levels
Rate Limiting — Per-IP, per-user, per-route limits
Dashboard — Explore the 13-page security dashboard

Built with by JB