security-audit-logging
Security Audit Logging
Overview
Implement comprehensive audit logging for security events, user actions, and system changes with structured logging, retention policies, and SIEM integration.
When to Use
- Compliance requirements (SOC 2, HIPAA, PCI-DSS)
- Security monitoring
- Forensic investigations
- User activity tracking
- System change auditing
- Breach detection
Quick Start
Minimal working example:
```javascript
// audit-logger.js
const winston = require("winston");
const { ElasticsearchTransport } = require("winston-elasticsearch");

class AuditLogger {
  constructor() {
    this.logger = winston.createLogger({
      level: "info",
      // Structured JSON entries, each carrying a timestamp
      format: winston.format.combine(
        winston.format.timestamp(),
        winston.format.json(),
      ),
      transports: [
        // File transport
        new winston.transports.File({
          filename: "logs/audit.log",
          maxsize: 10485760, // 10MB
          maxFiles: 30,
          tailable: true,
        }),
        // Elasticsearch transport for SIEM
        new ElasticsearchTransport({
          level: "info",
          clientOpts: {
            // ... (see reference guides for full implementation)
          },
        }),
      ],
    });
  }
}
```
Reference Guides
Detailed implementations in the references/ directory:
| Guide | Contents |
|---|---|
| Node.js Audit Logger | Node.js Audit Logger |
| Python Audit Logging System | Python Audit Logging System |
| Java Audit Logging | Java Audit Logging |
Best Practices
✅ DO
- Log all security events
- Use structured logging
- Include timestamps (UTC)
- Log user context
- Implement log retention
- Encrypt sensitive logs
- Monitor log integrity
- Send to SIEM
- Include request IDs
❌ DON'T
- Log passwords/secrets
- Log sensitive PII unnecessarily
- Skip failed attempts
- Allow log tampering
- Store logs insecurely
- Ignore log analysis
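The sketch below ties together three of the items above (UTC timestamps with request IDs, no secrets in the log, and log integrity monitoring). It is an added example, not code from the skill or its reference guides; the field-name list, the entry layout and the function names `redact`, `appendEvent` and `verifyChain` are assumptions, and the sample events are constructed.

```javascript
const crypto = require("crypto");

// Assumed list of secret-bearing field names; extend it for your own schema.
const SENSITIVE = /^(password|passwd|secret|token|api[_-]?key|authorization)$/i;
const GENESIS = "0".repeat(64); // prevMac used for the first entry

// Recursively mask sensitive fields so secrets never reach the log.
function redact(value) {
  if (Array.isArray(value)) return value.map(redact);
  if (value === null || typeof value !== "object") return value;
  return Object.fromEntries(Object.entries(value).map(
    ([k, v]) => [k, SENSITIVE.test(k) ? "[REDACTED]" : redact(v)]));
}

// HMAC-SHA256 over the previous entry's MAC and this entry's JSON body.
function entryMac(key, prevMac, body) {
  return crypto.createHmac("sha256", key)
    .update(prevMac).update(JSON.stringify(body)).digest("hex");
}

// Append an event; every entry commits to the one before it.
function appendEvent(chain, key, event, requestId = crypto.randomUUID()) {
  const prevMac = chain.length ? chain[chain.length - 1].mac : GENESIS;
  const body = { seq: chain.length, timestamp: new Date().toISOString(), // UTC
    requestId, event: redact(event) };
  chain.push({ body, mac: entryMac(key, prevMac, body) });
  return chain[chain.length - 1];
}

// Return the index of the first entry that fails verification, or -1.
function verifyChain(chain, key) {
  let prevMac = GENESIS;
  for (let i = 0; i < chain.length; i++) {
    const expected = Buffer.from(entryMac(key, prevMac, chain[i].body), "hex");
    const stored = Buffer.from(String(chain[i].mac), "hex");
    if (chain[i].body.seq !== i || stored.length !== expected.length ||
        !crypto.timingSafeEqual(stored, expected)) return i;
    prevMac = chain[i].mac;
  }
  return -1;
}

// Constructed sample events (illustrative values only).
function demo() {
  const key = crypto.randomBytes(32); // assumption: in production, load from a secret store
  const chain = [];
  appendEvent(chain, key, { action: "login.failed", user: "alice", password: "hunter2" });
  appendEvent(chain, key, { action: "role.changed", user: "alice", role: "owner" });
  appendEvent(chain, key, { action: "login.success", user: "alice" });
  const intact = verifyChain(chain, key);
  chain[1].body.event.role = "viewer"; // simulate an edit to a stored entry
  return { chain, key, intact, tampered: verifyChain(chain, key) };
}
```

The chain detects edits, reordering and removal of earlier entries, but not truncation of the most recent ones; catching that requires keeping the latest MAC or entry count somewhere the log writer cannot modify, such as the SIEM.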
Repository
aj-geddes/usefu…-prompts
GitHub Stars
162
First Seen
Jan 21, 2026