Protocole d'audit et de journalisation
Mettre en place un système complet de journalisation pour tracer toutes les actions critiques. Inclut des standards d'implémentation backend, gestion de base de données et une checklist de vérification.
Spar Skills Guide Bot
DevOpsIntermédiaire1 vues0 installations08/03/2026Claude CodeCursorCopilot
audit-loggingbackend-implementationsecurity-compliancedatabase-schemaerror-tracking
name: audit_logging description: Ensure every critical action is logged (vital for UAG/Trust Room). allowed-tools: Read, Edit, Write
Audit Logging Protocol
1. Principles
- No Invisible Actions: Every state-changing API call (POST, PUT, DELETE) must produce a log entry.
- Traceability: Logs must include
userId,action,resourceId, andmetadata.
2. Implementation Standards
- Backend (API):
- Use the project's standard Logger service (e.g.,
src/services/logger.tsor similar). - Example:
await Logger.info({ event: 'POST_CREATED', userId: user.id, metadata: { postId: newPost.id } });
- Use the project's standard Logger service (e.g.,
- Database (Supabase):
- Ensure tables have
created_at,updated_at, andcreated_bycolumns. - Check if specific Audit Table inserts are required (e.g.
audit_logstable).
- Ensure tables have
3. Verification Checklist
- [ ] Does the new API endpoint call
Logger? - [ ] Are logs visible in Supabase/Dashboards?
- [ ] Is the log level appropriate (Info vs Error)?
- [ ] Does the log contain enough context to debug issues later?
Skills similaires
Architecte Docker Compose
100
Concoit des configurations Docker Compose optimisees.
Claude CodeCopilotadvanced
4301561289Admin
Rapport de Post-Mortem
100
Rédige des rapports post-mortem d'incidents structurés et blameless.
claudeCursorWindsurfintermediate
14143338Admin
Créateur de Runbooks
100
Crée des runbooks opérationnels clairs pour les procédures DevOps courantes.
claudeCursorWindsurfintermediate
10832262Admin