UNPKG

@thomkjel/logger

Version:

Security-focused event logging library for Next.js applications (Work in Progress)

89 lines (77 loc) 3.13 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
# Changelog All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). ## [1.0.0] - 2024-01-01 ### Added - Initial release of @logstack/logger - Core Logger class with singleton pattern - TypeScript support with full type definitions - Better Stack integration for production logging - Security event categorization (AUTHN, AUTHZ, SESSION, etc.) - Human-readable message formatting for 20+ event types - Development console logging - Non-blocking async logging to external services - Usage metrics tracking for future SaaS features - Extensible configuration for API keys and rate limiting - Comprehensive test suite with Jest - GitHub Actions CI/CD pipeline - Private npm package publishing setup - Next.js integration examples - Complete documentation and usage guides ### Security Events Supported - Authentication: login success/failure, password changes, token management, impossible travel - Authorization: access failures, permission changes, admin actions - Session: creation, renewal, expiration, expired session usage - User Management: create, update, archive, delete operations - System: error logging and monitoring ### Features - ✅ TypeScript support - ✅ Better Stack integration - ✅ Singleton pattern - ✅ Non-blocking logging - ✅ Event categorization - ✅ Human-readable messages - ✅ Usage metrics (ready for SaaS) - ✅ API key support (ready for SaaS) - ✅ Rate limiting structure (ready for SaaS) - ✅ Comprehensive testing - ✅ Private package publishing - ✅ Next.js examples ## [Unreleased] ### Planned for v1.1.0 (Enterprise Features) - [ ] OWASP Top 10 2021 compliance alerts - [ ] ISO 27001 automated compliance checking - [ ] Vanta integration for compliance evidence - [ ] User journey analytics and tracking - [ ] AI-powered behavioral analysis - [ ] Risk scoring for user activities ### Planned for v2.0.0 (AI & Natural Language Features) - [ ] Natural language query interface - [ ] MCP server integration for Claude/ChatGPT - [ ] AI-powered threat detection and analysis - [ ] Automated anomaly detection - [ ] Interactive log analysis and insights - [ ] Custom compliance rule engine ### Planned for v3.0.0 (Full SaaS Platform) - [ ] Multi-tenant API key management - [ ] Usage-based billing metrics - [ ] Real-time security dashboards - [ ] Advanced analytics and reporting - [ ] Custom alert workflows - [ ] Integration marketplace - [ ] White-label solutions ### Enterprise Compliance Features (Ready in v1.1.0) - ✅ OWASP Top 10 alert framework - ✅ ISO 27001 control mapping - ✅ Automated audit report generation - ✅ Compliance evidence compilation - ✅ Security control documentation - ✅ Risk assessment framework ### AI & Analytics Features (Ready in v2.0.0) - ✅ Natural language query processing - ✅ User journey tracking and analysis - ✅ Behavioral anomaly detection - ✅ Risk scoring algorithms - ✅ MCP protocol integration - ✅ AI-powered insights engine