@noukha-technologies/audit-module
v1.0.6
Published
Comprehensive audit logging and monitoring module for NestJS applications
Readme
@noukha/audit-module
Comprehensive audit logging and monitoring module for NestJS applications with MongoDB support.
Installation
npm install @noukha/audit-moduleFeatures
- Comprehensive Audit Logging: Track all user actions, system events, and data changes
- Flexible Configuration: Customizable audit rules and retention policies
- Real-time Monitoring: Live audit trail with filtering and search capabilities
- Performance Tracking: Monitor response times and system performance
- Security Auditing: Track security events, permission changes, and access patterns
- Data Export: Export audit logs in various formats
- Automatic Cleanup: Configurable retention and cleanup policies
- RESTful API: Complete REST API for audit log management
- MongoDB Integration: Optimized for MongoDB with proper indexing
- NestJS Integration: Seamless integration with NestJS applications
Quick Start
1. Import the Module
import { AuditModule } from '@noukha/audit-module';
@Module({
imports: [
AuditModule.forRoot({
connectionString: 'mongodb://localhost:27017/audit',
database: 'audit',
retentionDays: 30,
enableControllers: true,
enableGlobalLogger: true,
logLevel: 'info',
autoCleanup: true,
cleanupInterval: 24 * 60 * 60 * 1000, // 24 hours
})
]
})
export class AppModule {}2. Use the Services
import { AuditLoggerService, AuditService } from '@noukha/audit-module';
@Injectable()
export class MyService {
constructor(
private readonly auditLogger: AuditLoggerService,
private readonly auditService: AuditService
) {}
async createUser(userData: any) {
// Your business logic here
const user = await this.userRepository.create(userData);
// Log the audit event
await this.auditLogger.logDataCreate('user', user.id, userData, {
userId: 'current-user-id',
sessionId: 'session-123',
ipAddress: '192.168.1.1',
userAgent: 'Mozilla/5.0...',
endpoint: '/api/users',
method: 'POST',
correlationId: 'req-123'
});
return user;
}
async updateUser(userId: string, updateData: any) {
const oldUser = await this.userRepository.findById(userId);
const updatedUser = await this.userRepository.update(userId, updateData);
// Log the audit event
await this.auditLogger.logDataUpdate('user', userId, oldUser, updatedUser, {
userId: 'current-user-id',
sessionId: 'session-123',
ipAddress: '192.168.1.1',
userAgent: 'Mozilla/5.0...',
endpoint: '/api/users/' + userId,
method: 'PUT',
correlationId: 'req-124'
});
return updatedUser;
}
}3. Use Decorators (Optional)
import { AuditLog } from '@noukha/audit-module';
@Controller('users')
export class UserController {
@Post()
@AuditLog({
action: 'CREATE',
resource: 'user',
message: 'User created'
})
async createUser(@Body() userData: any) {
return this.userService.create(userData);
}
@Put(':id')
@AuditLog({
action: 'UPDATE',
resource: 'user',
message: 'User updated'
})
async updateUser(@Param('id') id: string, @Body() updateData: any) {
return this.userService.update(id, updateData);
}
}API Reference
AuditService
Core Methods
createAuditLog(auditOptions: AuditOptions): Promise<AuditLog>createAuditLogFromDto(createAuditLogDto: CreateAuditLogDto): Promise<AuditLog>findAuditLogs(searchOptions: AuditSearchOptions): Promise<PaginatedResponse<AuditLog>>findAuditLogById(id: string): Promise<AuditLog>updateAuditLog(id: string, updateAuditLogDto: UpdateAuditLogDto): Promise<AuditLog>deleteAuditLog(id: string): Promise<void>archiveAuditLog(id: string): Promise<AuditLog>restoreAuditLog(id: string): Promise<AuditLog>bulkArchiveAuditLogs(ids: string[]): Promise<void>bulkDeleteAuditLogs(ids: string[]): Promise<void>
Utility Methods
getAuditStats(startDate?: Date, endDate?: Date): Promise<any>exportAuditLogs(searchOptions: AuditSearchOptions): Promise<any>cleanupExpiredLogs(): Promise<number>getAuditTrail(resource: string, resourceId: string): Promise<AuditLog[]>
AuditLoggerService
Logging Methods
log(options: AuditOptions): Promise<void>logAction(action: string, resource: string, resourceId: string, context: any): Promise<void>logError(error: Error, context: any): Promise<void>logSecurity(event: string, context: any): Promise<void>logPerformance(operation: string, duration: number, context: any): Promise<void>
Convenience Methods
logUserLogin(userId: string, context: AuditContext): Promise<void>logUserLogout(userId: string, context: AuditContext): Promise<void>logDataCreate(resource: string, resourceId: string, data: any, context: AuditContext): Promise<void>logDataUpdate(resource: string, resourceId: string, oldData: any, newData: any, context: AuditContext): Promise<void>logDataDelete(resource: string, resourceId: string, data: any, context: AuditContext): Promise<void>logPermissionChange(userId: string, targetUserId: string, permissions: any, context: AuditContext): Promise<void>logRoleAssignment(userId: string, targetUserId: string, role: string, context: AuditContext): Promise<void>
Audit Actions
Standard Actions
CREATE: Data creationREAD: Data retrievalUPDATE: Data modificationDELETE: Data deletionLOGIN: User loginLOGOUT: User logoutEXPORT: Data exportIMPORT: Data importBULK_UPDATE: Bulk data updatesBULK_DELETE: Bulk data deletionSEARCH: Search operationsFILTER: Filter operationsSORT: Sort operationsPAGINATE: Pagination operationsDOWNLOAD: File downloadsUPLOAD: File uploadsAPPROVE: Approval actionsREJECT: Rejection actionsPUBLISH: Publishing actionsUNPUBLISH: Unpublishing actionsARCHIVE: Archiving actionsRESTORE: Restoration actionsSHARE: Sharing actionsCOPY: Copy operationsMOVE: Move operationsRENAME: Rename operationsPERMISSION_CHANGE: Permission changesROLE_ASSIGN: Role assignmentsROLE_REMOVE: Role removalsPASSWORD_CHANGE: Password changesPROFILE_UPDATE: Profile updatesSYSTEM_CONFIG: System configuration changesCUSTOM: Custom actions
Audit Levels
DEBUG: Debug informationINFO: General informationWARN: Warning messagesERROR: Error conditionsCRITICAL: Critical errors
Audit Categories
AUTHENTICATION: Authentication eventsAUTHORIZATION: Authorization eventsDATA_ACCESS: Data access eventsDATA_MODIFICATION: Data modification eventsSYSTEM_OPERATION: System operationsUSER_ACTIVITY: User activitiesSECURITY: Security eventsPERFORMANCE: Performance eventsERROR: Error eventsBUSINESS: Business eventsCOMPLIANCE: Compliance eventsINTEGRATION: Integration eventsCUSTOM: Custom categories
Audit Sources
API: API requestsWEB: Web interfaceMOBILE: Mobile applicationDESKTOP: Desktop applicationSYSTEM: System operationsBATCH: Batch processesSCHEDULED: Scheduled tasksWEBHOOK: Webhook eventsINTEGRATION: External integrationsMANUAL: Manual operations
Configuration Options
interface AuditModuleOptions {
connectionString?: string; // MongoDB connection string
database?: string; // Database name (default: 'audit')
collectionPrefix?: string; // Collection name prefix
retentionDays?: number; // Log retention in days (default: 30)
enableControllers?: boolean; // Enable REST controllers (default: true)
enableGlobalLogger?: boolean; // Enable global logger (default: true)
logLevel?: 'debug' | 'info' | 'warn' | 'error'; // Log level
autoCleanup?: boolean; // Enable automatic cleanup (default: true)
cleanupInterval?: number; // Cleanup interval in milliseconds
}REST API Endpoints
Audit Logs
GET /audit-logs- Get audit logs with filtering and paginationGET /audit-logs/:id- Get specific audit logPOST /audit-logs- Create new audit logPUT /audit-logs/:id- Update audit logDELETE /audit-logs/:id- Delete audit logPUT /audit-logs/:id/archive- Archive audit logPUT /audit-logs/:id/restore- Restore archived audit logPOST /audit-logs/bulk/archive- Bulk archive audit logsPOST /audit-logs/bulk/delete- Bulk delete audit logsGET /audit-logs/stats- Get audit statisticsGET /audit-logs/export- Export audit logsGET /audit-logs/trail/:resource/:resourceId- Get audit trailPOST /audit-logs/cleanup- Cleanup expired logs
Audit Configuration
GET /audit-configs- Get all audit configurationsGET /audit-configs/:id- Get specific audit configurationPOST /audit-configs- Create new audit configurationPUT /audit-configs/:id- Update audit configurationDELETE /audit-configs/:id- Delete audit configurationPUT /audit-configs/:id/activate- Activate configurationPUT /audit-configs/:id/deactivate- Deactivate configuration
Query Parameters
Find Audit Logs
action: Filter by audit actionlevel: Filter by audit levelcategory: Filter by audit categorysource: Filter by audit sourceuserId: Filter by user IDsessionId: Filter by session IDresource: Filter by resource typeresourceId: Filter by resource IDcorrelationId: Filter by correlation IDparentAuditId: Filter by parent audit IDtags: Filter by tags (array)search: Text search across multiple fieldsstartDate: Filter by start dateendDate: Filter by end dateipAddress: Filter by IP addressendpoint: Filter by endpointmethod: Filter by HTTP methodminResponseTime: Minimum response time filtermaxResponseTime: Maximum response time filterstatusCode: Filter by HTTP status codeisArchived: Filter by archive statusmetadataFilters: Filter by metadata fieldspage: Page number (default: 1)limit: Items per page (default: 10)sortBy: Sort field (default: 'timestamp')sortOrder: Sort order ('asc' | 'desc', default: 'desc')
Examples
Basic Usage
// Log a simple action
await auditLogger.logAction('CREATE', 'user', 'user-123', {
userId: 'admin-1',
sessionId: 'session-456',
ipAddress: '192.168.1.100',
userAgent: 'Mozilla/5.0...',
endpoint: '/api/users',
method: 'POST'
});
// Log an error
await auditLogger.logError(new Error('Database connection failed'), {
userId: 'system',
sessionId: 'system',
resource: 'database',
resourceId: 'connection-1',
metadata: { database: 'main', host: 'localhost' }
});
// Log performance metrics
await auditLogger.logPerformance('database-query', 150, {
userId: 'user-1',
sessionId: 'session-789',
resource: 'database',
resourceId: 'query-1',
metadata: { query: 'SELECT * FROM users', table: 'users' }
});Advanced Filtering
// Find audit logs with complex filtering
const auditLogs = await auditService.findAuditLogs({
action: AuditAction.CREATE,
category: AuditCategory.USER_ACTIVITY,
userId: 'user-123',
startDate: new Date('2024-01-01'),
endDate: new Date('2024-01-31'),
search: 'user creation',
page: 1,
limit: 20,
sortBy: 'timestamp',
sortOrder: 'desc'
});Audit Trail
// Get complete audit trail for a resource
const auditTrail = await auditService.getAuditTrail('user', 'user-123');
console.log(`Found ${auditTrail.length} audit events for user user-123`);Statistics
// Get audit statistics
const stats = await auditService.getAuditStats(
new Date('2024-01-01'),
new Date('2024-01-31')
);
console.log(`Total logs: ${stats.totalLogs}`);
console.log(`Unique users: ${stats.uniqueUsers}`);
console.log(`Average response time: ${stats.avgResponseTime}ms`);
console.log(`Error rate: ${stats.errorRate}%`);Best Practices
1. Consistent Context
Always provide consistent context information:
const auditContext = {
userId: req.user?.id || 'anonymous',
sessionId: req.sessionID || 'no-session',
ipAddress: req.ip || req.connection.remoteAddress,
userAgent: req.get('User-Agent') || 'unknown',
endpoint: req.originalUrl,
method: req.method,
correlationId: req.headers['x-correlation-id'] || nanoid()
};2. Meaningful Messages
Use descriptive messages that provide context:
// Good
await auditLogger.logAction('CREATE', 'user', userId, {
...context,
message: `User ${userId} created with email ${userData.email}`
});
// Bad
await auditLogger.logAction('CREATE', 'user', userId, {
...context,
message: 'User created'
});3. Appropriate Log Levels
Use appropriate log levels for different types of events:
// Critical security events
await auditLogger.logSecurity('Failed login attempt', {
...context,
level: AuditLevel.CRITICAL,
metadata: { attempts: 5, locked: true }
});
// Performance warnings
await auditLogger.logPerformance('slow-query', 5000, {
...context,
level: AuditLevel.WARN
});4. Data Privacy
Be careful with sensitive data in audit logs:
// Remove sensitive fields before logging
const sanitizedData = { ...userData };
delete sanitizedData.password;
delete sanitizedData.ssn;
delete sanitizedData.creditCard;
await auditLogger.logDataCreate('user', userId, sanitizedData, context);5. Retention Policies
Configure appropriate retention policies:
// Different retention for different types of logs
await auditService.createAuditLog({
...auditOptions,
expiresAt: new Date(Date.now() + 365 * 24 * 60 * 60 * 1000), // 1 year for security logs
});Performance Considerations
1. Async Logging
Always use async logging to avoid blocking the main application:
// Good - fire and forget
this.auditLogger.logAction('CREATE', 'user', userId, context).catch(err => {
console.error('Audit logging failed:', err);
});
// Bad - blocking
await this.auditLogger.logAction('CREATE', 'user', userId, context);2. Batch Operations
For bulk operations, consider batching audit logs:
// Batch multiple audit logs
const auditLogs = users.map(user => ({
action: AuditAction.CREATE,
resource: 'user',
resourceId: user.id,
// ... other fields
}));
await Promise.all(auditLogs.map(log => auditService.createAuditLog(log)));3. Indexing
The module automatically creates indexes for common query patterns:
userId + timestampresource + resourceId + timestampaction + category + timestampsessionId + timestampcorrelationIdexpiresAt(for TTL)
Troubleshooting
Common Issues
- High Memory Usage: Reduce retention period or implement log rotation
- Slow Queries: Check if proper indexes are created
- Missing Logs: Verify audit configuration and service injection
- Performance Impact: Use async logging and consider batching
Debug Mode
Enable debug logging to troubleshoot issues:
AuditModule.forRoot({
logLevel: 'debug',
// ... other options
})License
MIT
Support
For support and questions, please open an issue on the GitHub repository.