Django v0.3.1

API Reference

Complete documentation for django-nis2-shield middleware configuration and endpoints.

Contents

Configuration Middleware Management Commands SIEM Presets

Configuration (NIS2_SHIELD)

Add these settings to your Django settings.py:

Setting Type Default Description
INTEGRITY_KEY str Required HMAC key for log signing
ENCRYPTION_KEY bytes None Fernet key for PII encryption
LOG_FORMAT str "JSON" "JSON" or "CEF"
ANONYMIZE_IPS bool True Mask last octet of IPs
ENCRYPT_PII bool True Enable PII encryption in logs
PII_FIELDS list ["user_id", "email", "ip"] Fields to encrypt
ENABLE_RATE_LIMIT bool True Enable rate limiting
RATE_LIMIT_THRESHOLD int 100 Requests per window
RATE_LIMIT_WINDOW int 60 Window in seconds
RATE_LIMIT_ALGORITHM str "sliding_window" "sliding_window" or "fixed_window"
BLOCK_TOR_EXIT_NODES bool False Block Tor exit nodes
ENABLE_SESSION_GUARD bool True Detect session hijacking
SESSION_IP_TOLERANCE str "subnet" "exact", "subnet", or "none"
ENFORCE_MFA_ROUTES list [] Paths requiring MFA
MFA_REDIRECT_URL str "/accounts/mfa/" MFA verification URL
ENABLE_WEBHOOKS bool False Enable webhook notifications
WEBHOOKS list [] [{"url": "...", "format": "slack"}]

Management Commands

check_nis2

Audit your Django configuration against NIS2 requirements.

python manage.py check_nis2
Output: Compliance score (0-100) with detailed pass/fail checks.

update_threat_list

Update the Tor exit node blocklist.

python manage.py update_threat_list

generate_incident_report

Generate a CSIRT-ready incident report.

python manage.py generate_incident_report --hours=24 --output=incident.json
Options: --hours (default: 24), --output (file path)

SIEM Integration Presets

Pre-configured logging for major SIEM platforms:

Elasticsearch

from django_nis2_shield import get_elasticsearch_config
LOGGING = get_elasticsearch_config(host='localhost')

Splunk

from django_nis2_shield import get_splunk_hec_config
LOGGING = get_splunk_hec_config(token='...')

QRadar

from django_nis2_shield import get_qradar_dsm_config
LOGGING = get_qradar_dsm_config(host='qradar')

Datadog

from django_nis2_shield import get_datadog_config
LOGGING = get_datadog_config(api_key='...')

Python API

ForensicLogger

Main logger class with HMAC signing.

from django_nis2_shield import ForensicLogger

logger = ForensicLogger(integrity_key="your-key")
logger.log_event("user_login", user_id=123, ip="192.168.1.1")

SlidingWindowRateLimiter

Rate limiter with sliding window algorithm.

from django_nis2_shield import SlidingWindowRateLimiter

limiter = SlidingWindowRateLimiter(threshold=100, window=60)
if limiter.is_allowed(client_ip):
    # Process request
    pass

WebhookNotifier

Send security alerts to Slack, Teams, Discord.

from django_nis2_shield import WebhookNotifier

notifier = WebhookNotifier([
    {"url": "https://hooks.slack.com/...", "format": "slack"}
])
notifier.send("rate_limit_exceeded", details={"ip": "..."})