PHPackages soc-warden/php-sdk - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. soc-warden/php-sdk ActiveLibrary[Security](/categories/security) soc-warden/php-sdk ================== SOCWarden security observability SDK for PHP (framework-agnostic) v1.0.0-alpha.2(4w ago)01MITPHPPHP ^8.2 Since May 12Pushed 4w agoCompare [ Source](https://github.com/SOC-Warden/php-sdk)[ Packagist](https://packagist.org/packages/soc-warden/php-sdk)[ RSS](/packages/soc-warden-php-sdk/feed)WikiDiscussions main Synced 1w ago READMEChangelogDependencies (2)Versions (4)Used By (0) SOCWarden PHP SDK ================= [](#socwarden-php-sdk) Framework-agnostic PHP SDK for [SOCWarden](https://socwarden.com) security observability. Works with any PHP 8.2+ application -- no Laravel or Symfony dependency required. Installation ------------ [](#installation) ``` composer require soc-warden/php-sdk ``` Quick Start ----------- [](#quick-start) ``` use SOCWarden\SOCWarden; $soc = new SOCWarden( apiKey: 'your-api-key', endpoint: 'https://ingestor.socwarden.com', ); // Simple tracking with named arguments $soc->track('auth.login.success', actorId: 'usr_123', actorEmail: 'john@example.com'); // Track with metadata $soc->track('data.exported', actorId: 'usr_456', metadata: ['format' => 'csv', 'rows' => 1500]); ``` Fluent Event Builder -------------------- [](#fluent-event-builder) ``` $soc->event('auth.login.failure') ->actorEmail('john@example.com') ->ip('203.0.113.42') ->meta('reason', 'invalid_password') ->meta('attempt', 3) ->send(); $soc->event('data.exported') ->actor('usr_123', 'john@example.com') ->resource('Report', 42) ->metadata(['format' => 'csv', 'rows' => 1500]) ->timestamp(new \DateTimeImmutable()) ->severity('medium') ->send(); ``` Raw Data Array -------------- [](#raw-data-array) ``` $soc->trackData('auth.login.success', [ 'actor_id' => 'usr_123', 'actor_email' => 'john@example.com', 'ip' => '203.0.113.42', 'user_agent' => 'Mozilla/5.0 ...', 'metadata' => ['role' => 'admin'], ]); ``` PSR-15 Middleware (Slim, Mezzio, etc.) -------------------------------------- [](#psr-15-middleware-slim-mezzio-etc) The SDK ships with a PSR-15 middleware that automatically captures request context (method, path, query string, IP, user agent, referer) and attaches it to every tracked event. ### Slim 4 [](#slim-4) ``` use SOCWarden\SOCWarden; use SOCWarden\Middleware\PSR15Middleware; use Slim\Factory\AppFactory; $soc = new SOCWarden( apiKey: 'your-api-key', endpoint: 'https://ingestor.socwarden.com', ); $app = AppFactory::create(); $app->add(new PSR15Middleware($soc)); $app->post('/login', function ($request, $response) use ($soc) { // Request context is automatically captured $soc->track('auth.login.success', actorId: $userId); // ... }); ``` ### Mezzio (Laminas) [](#mezzio-laminas) ``` // config/pipeline.php $app->pipe(new \SOCWarden\Middleware\PSR15Middleware($container->get(\SOCWarden\SOCWarden::class))); ``` Manual Request Context ---------------------- [](#manual-request-context) If you are not using PSR-15 middleware, you can set the request manually: ``` // Any PSR-7 ServerRequestInterface $soc->setRequest($psrRequest); // Now all tracked events include request context $soc->track('auth.login.success', actorId: 'usr_123'); ``` Constructor Options ------------------- [](#constructor-options) ParameterTypeDefaultDescription`apiKey``string`*(required)*Your SOCWarden API key`endpoint``string`*(required)*SOCWarden ingestor base URL`timeout``int``5`HTTP timeout in seconds`autoContext``bool``true`Auto-collect server/request context`browserContextHeader``string``X-SOCWarden-Context`Header for browser-side context JSONAuto-Context ------------ [](#auto-context) When `autoContext` is enabled (default), every event automatically includes: - **SDK info**: name (`socwarden-php`), version - **Server info**: hostname, PHP version, PID - **Request info** (when a PSR-7 request is set): method, path, sanitized query string, referer, origin, content type, accept language, request ID - **Browser context**: parsed from the `X-SOCWarden-Context` header (set by the browser SDK) Sensitive query string parameters (`token`, `key`, `password`, `secret`, `code`, `auth`, `session`, `csrf`) are automatically redacted. Rate Limit Handling ------------------- [](#rate-limit-handling) The SDK automatically handles HTTP 429 responses with file-based backoff: - On 429, the SDK backs off for 1 hour (or the server's `Retry-After` value) - During backoff, a probe request is sent every 5 minutes to check if quota is restored - On success, the backoff is automatically cleared - Backoff state is stored in `sys_get_temp_dir()` so it persists across requests Event Type Format ----------------- [](#event-type-format) Event types must match the pattern: `^[a-z][a-z0-9]{0,29}(\.[a-z][a-z0-9_]{0,29}){1,3}$` Examples: `auth.login.success`, `data.exported`, `server.ssh.login.failure` License ------- [](#license) MIT ### Health Score 36 — LowBetter than 79% of packages Maintenance94 Actively maintained with recent releases Popularity2 Limited adoption so far Community8 Small or concentrated contributor base Maturity34 Early-stage or recently created project Bus Factor1 Top contributor holds 60% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~0 days Total 3 Last Release 28d ago Major Versions v0.0.1-alpha.1 → v1.0.0-alpha.12026-05-12 ### Community Maintainers ![](https://www.gravatar.com/avatar/1285084ec2d00e6c1442d03992cd156772da7267efdcbe59ac913c0676a9eb89?d=identicon)[afiqiqmal](/maintainers/afiqiqmal) --- Top Contributors [![mywira](https://avatars.githubusercontent.com/u/108710869?v=4)](https://github.com/mywira "mywira (3 commits)")[![afiqiqmal](https://avatars.githubusercontent.com/u/9051312?v=4)](https://github.com/afiqiqmal "afiqiqmal (2 commits)") ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/soc-warden-php-sdk/health.svg) ``` [![Health](https://phpackages.com/badges/soc-warden-php-sdk/health.svg)](https://phpackages.com/packages/soc-warden-php-sdk) ``` ### Alternatives [aws/aws-sdk-php AWS SDK for PHP - Use Amazon Web Services in your PHP project 6.3k532.1M2.5k](/packages/aws-aws-sdk-php)[neuron-core/neuron-ai The PHP Agentic Framework. 1.9k496.1k32](/packages/neuron-core-neuron-ai)[tencentcloud/tencentcloud-sdk-php TencentCloudApi php sdk 3751.2M45](/packages/tencentcloud-tencentcloud-sdk-php)[tempest/framework The PHP framework that gets out of your way. 2.2k31.1k11](/packages/tempest-framework)[dgtlss/warden A Laravel package that proactively monitors your dependencies for security vulnerabilities by running automated composer audits and sending notifications via webhooks and email 8956.1k](/packages/dgtlss-warden)[eslazarev/wildberries-sdk Wildberries OpenAPI clients (generated). 232.5k](/packages/eslazarev-wildberries-sdk) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)