安全审计日志最佳实践：Node.js/Python/Java实现指南与SIEM集成方案

security-audit-logging by aj-geddes/useful-ai-prompts

212 周安装量

162 GitHub Stars

GitHub

安装命令

npx skills add https://github.com/aj-geddes/useful-ai-prompts --skill security-audit-logging

Node.js 开发运维安全

🇨🇳中文介绍

安全审计日志

概述

通过结构化日志记录、保留策略和 SIEM 集成，为安全事件、用户操作和系统变更实施全面的审计日志记录。

使用场景

合规性要求（SOC 2、HIPAA、PCI-DSS）
安全监控
取证调查
用户活动跟踪
系统变更审计
违规检测

快速开始

最小化工作示例：

// audit-logger.js
const winston = require("winston");
const { ElasticsearchTransport } = require("winston-elasticsearch");

class AuditLogger {
  constructor() {
    this.logger = winston.createLogger({
      level: "info",
      format: winston.format.combine(
        winston.format.timestamp(),
        winston.format.json(),
      ),
      transports: [
        // File transport
        new winston.transports.File({
          filename: "logs/audit.log",
          maxsize: 10485760, // 10MB
          maxFiles: 30,
          tailable: true,
        }),

        // Elasticsearch transport for SIEM
        new ElasticsearchTransport({
          level: "info",
          clientOpts: {
// ... (完整实现请参阅参考指南)

广告位招租

在这里展示您的产品或服务

触达数万 AI 开发者，精准高效

联系我们

指南	内容
Node.js Audit Logger	Node.js 审计日志记录器
Python Audit Logging System	Python 审计日志记录系统
Java Audit Logging	Java 审计日志记录

🇺🇸English

Security Audit Logging

Overview
When to Use
Quick Start
Reference Guides
Best Practices

Overview

Implement comprehensive audit logging for security events, user actions, and system changes with structured logging, retention policies, and SIEM integration.

When to Use

Compliance requirements (SOC 2, HIPAA, PCI-DSS)
Security monitoring
Forensic investigations
User activity tracking
System change auditing
Breach detection

Quick Start

Minimal working example:

// audit-logger.js
const winston = require("winston");
const { ElasticsearchTransport } = require("winston-elasticsearch");

class AuditLogger {
  constructor() {
    this.logger = winston.createLogger({
      level: "info",
      format: winston.format.combine(
        winston.format.timestamp(),
        winston.format.json(),
      ),
      transports: [
        // File transport
        new winston.transports.File({
          filename: "logs/audit.log",
          maxsize: 10485760, // 10MB
          maxFiles: 30,
          tailable: true,
        }),

        // Elasticsearch transport for SIEM
        new ElasticsearchTransport({
          level: "info",
          clientOpts: {
// ... (see reference guides for full implementation)

Reference Guides

Detailed implementations in the references/ directory:

Guide	Contents
Node.js Audit Logger	Node.js Audit Logger
Python Audit Logging System	Python Audit Logging System
Java Audit Logging	Java Audit Logging

Best Practices

✅ DO

Log all security events
Use structured logging
Include timestamps (UTC)
Log user context
Implement log retention
Encrypt sensitive logs
Monitor log integrity
Send to SIEM
Include request IDs

❌ DON'T

Log passwords/secrets
Log sensitive PII unnecessarily
Skip failed attempts
Allow log tampering
Store logs insecurely
Ignore log analysis

Weekly Installs

143

Repository

aj-geddes/usefu…-prompts

GitHub Stars

121

First Seen

Jan 21, 2026

Security Audits

Gen Agent Trust HubPass SocketPass SnykPass

Installed on

opencode122

gemini-cli118

codex114

cursor107

github-copilot102

claude-code102

安全审计日志最佳实践：Node.js/Python/Java实现指南与SIEM集成方案

🇨🇳中文介绍

安全审计日志

目录

概述

使用场景

快速开始

相关 Skills

参考指南

最佳实践

✅ 建议

❌ 避免