ReddRadar
Agent skill
security-event
セキュリティイベント機能の開発・修正を行う際に使用。イベント発行、統計データ更新、フック連携(Slack/Datadog/Webhook/SSF)の実装時に役立つ。
Install this agent skill to your Project
npx add-skill https://github.com/majiayu000/claude-skill-registry/tree/main/skills/data/security-event
SKILL.md
セキュリティイベント機能 開発ガイド
ドキュメント
詳細なドキュメントは以下を参照:
documentation/docs/content_03_concepts/06-security-extensions/concept-01-security-events.md- セキュリティイベント概念documentation/docs/content_03_concepts/07-operations/concept-03-tenant-statistics.md- テナント統計概念documentation/docs/content_06_developer-guide/03-application-plane/09-security-event.md- 開発者ガイドdocumentation/docs/content_05_how-to/phase-4-extensions/04-security-event-hooks.md- フック設定
モジュール構成
libs/
├── idp-server-platform/ # コア定義
│ └── .../platform/security/
│ ├── SecurityEvent.java # イベントモデル
│ ├── event/ # イベント関連クラス
│ │ ├── SecurityEventType.java
│ │ ├── SecurityEventUser.java
│ │ └── DefaultSecurityEventType.java
│ ├── handler/
│ │ └── SecurityEventHandler.java # メインハンドラー
│ ├── hook/ # フックIF
│ └── repository/ # リポジトリIF
│
├── idp-server-security-event-framework/ # SSF実装
│ └── .../security/event/hook/ssf/
│
├── idp-server-security-event-hooks/ # 各種フック実装
│ └── .../security/event/hooks/
│ ├── slack/
│ ├── datadog/
│ ├── email/
│ └── webhook/
│
├── idp-server-control-plane/ # 管理API
│ └── .../management/security/event/
│
└── idp-server-core-adapter/ # DB実装
└── .../security/event/
├── command/
└── query/
処理フロー
[認証/認可イベント発生]
↓
[SecurityEvent発行] (@Async)
↓
[SecurityEventHandler.handle()]
├── [1] イベントをDBに保存
├── [2] 統計データ更新(statistics_events)
├── [3] アクティブユーザー更新(DAU/MAU/YAU)
├── [4] ログ出力
└── [5] フック実行(Slack/Datadog/Webhook/SSF)
統計データ更新
SecurityEventHandlerは以下のリポジトリを使用:
StatisticsEventsCommandRepository- イベント種別ごとのカウントDailyActiveUserCommandRepository- DAUMonthlyActiveUserCommandRepository- MAUYearlyActiveUserCommandRepository- YAU
パフォーマンス改善(#1198)
- JSONBベースの更新 → 行ベースのupsertに変更
statistics_eventsテーブルで直接upsert- 10ms → 0.53ms(約19倍高速化)
パフォーマンス改善(#1231)
- フックコンフィグ取得をAdapter層でキャッシュ(TTL 5分)
- 設定の登録/更新/削除時にキャッシュ自動無効化
TenantQueryDataSourceと同じパターンで実装- 実装:
SecurityEventHookConfigurationQueryDataSource,SecurityEventHookConfigurationCommandDataSource
フック種別
| フック | 用途 |
|---|---|
| Slack | Slack通知 |
| Datadog | ログ転送 |
| Webhook | 汎用HTTP |
| SSF | Shared Signals Framework |
| メール通知 |
E2Eテスト
e2e/src/tests/
├── integration/ida/
│ └── integration-06-identity-verification-security-event.test.js
└── usecase/mfa/
└── mfa-02-security-event-logging.test.js
コマンド
./gradlew :libs:idp-server-platform:compileJava
./gradlew :libs:idp-server-security-event-framework:compileJava
./gradlew :libs:idp-server-security-event-hooks:compileJava
cd e2e && npm test -- --grep "security.*event"
Recommended Agent Skills
Expand your agent's capabilities with these related and highly-rated skills.
majiayu000/claude-skill-registry
agent-ops-spec
Manage specification documents in .agent/specs/. Use when user provides requirements, acceptance criteria, or feature descriptions that need to be tracked and validated against implementation.
majiayu000/claude-skill-registry
agent-ops-state
Maintain .agent state files. Use at session start, after meaningful steps, and before concluding: read/update constitution/memory/focus/issues/baseline consistently.
majiayu000/claude-skill-registry
agent-ops-spec
Manage specification documents in .agent/specs/. Use when user provides requirements, acceptance criteria, or feature descriptions that need to be tracked and validated against implementation.
majiayu000/claude-skill-registry
agent-ops-testing
Test strategy, execution, and coverage analysis. Use when designing tests, running test suites, or analyzing test results beyond baseline checks.
majiayu000/claude-skill-registry
agent-ops-testing
Test strategy, execution, and coverage analysis. Use when designing tests, running test suites, or analyzing test results beyond baseline checks.
majiayu000/claude-skill-registry
agent-ops-state
Maintain .agent state files. Use at session start, after meaningful steps, and before concluding: read/update constitution/memory/focus/issues/baseline consistently.
Didn't find tool you were looking for?