← 返回
未分类 中文

Audit Log Hook

Logs all tool calls before and after execution with parameters, results, errors, and session info for auditing and debugging.
记录所有工具调用的参数、结果、错误及会话信息,用于审计和调试。
hanxiao-bot hanxiao-bot 来源
未分类 clawhub v1.0.0 1 版本 100000 Key: 无需
★ 0
Stars
📥 326
下载
💾 1
安装
1
版本
#latest

概述

Audit Log Hook - Tool Call Audit

Purpose

Record all tool calls via before_tool_call and after_tool_call hooks for:

  • Security auditing
  • Debugging issues
  • Usage statistics
  • Error tracking

Implementation

Register hooks in a plugin:

// Audit log file path
const AUDIT_LOG = path.join(process.env.OPENCLAW_STATE_DIR || '~/.openclaw', 'audit.log');

api.registerHook("before_tool_call", async ({ event, ctx }) => {
  const entry = {
    ts: new Date().toISOString(),
    event: "before_tool_call",
    tool: event.tool.name,
    params: JSON.stringify(event.tool.params).slice(0, 500),
    session: ctx.sessionKey,
    user: ctx.session?.senderId || 'unknown'
  };
  console.log("[AUDIT]", JSON.stringify(entry));
  return {};
});

api.registerHook("after_tool_call", async ({ event, ctx }) => {
  const entry = {
    ts: new Date().toISOString(),
    event: "after_tool_call",
    tool: event.tool.name,
    result: String(event.result).slice(0, 200),
    error: event.error?.message || null,
    duration: event.durationMs,
    session: ctx.sessionKey
  };
  console.log("[AUDIT]", JSON.stringify(entry));
  return {};
});

Log Format

{"ts":"2026-04-01T23:00:00.000Z","event":"before_tool_call","tool":"exec","params":"{\"command\":\"ls -la\"}","session":"agent:main:feishu:direct:ou_xxx","user":"ou_xxx"}
{"ts":"2026-04-01T23:00:00.050Z","event":"after_tool_call","tool":"exec","result":"total 8\ndrwxr-xr-x  12 dc  staff   384 Apr  1 23:00","error":null,"duration":50,"session":"agent:main:feishu:direct:ou_xxx"}

Sensitive Data Handling

Auto-redact sensitive fields:

function redactSensitive(obj) {
  const sensitive = ['apiKey', 'token', 'password', 'secret'];
  for (const key of Object.keys(obj)) {
    if (sensitive.some(s => key.toLowerCase().includes(s))) {
      obj[key] = '[REDACTED]';
    }
  }
  return obj;
}

Statistics Analysis

Periodically analyze audit.log:

# Count tool usage
grep "before_tool_call" audit.log | jq -r .tool | sort | uniq -c | sort -rn

# Count errors
grep "after_tool_call" audit.log | jq -r '.error' | grep -v null | wc -l

# Count sessions
grep "before_tool_call" audit.log | jq -r .session | sort -u | wc -l

版本历史

共 1 个版本

  • v1.0.0 当前
    2026-05-07 13:22 安全 安全

安全检测

腾讯云安全 (Keen)

安全,无风险
查看报告

腾讯云安全 (Sanbu)

安全,无风险
查看报告

🔗 相关推荐

it-ops-security

MoltGuard - Security & Antivirus & Guardrails

thomaslwang
MoltGuard — OpenClaw 安全守卫,由 OpenGuardrails 提供。安装后可防止您和您的用户受到提示注入、数据泄露及恶意行为的侵害。
★ 116 📥 31,030
dev-programming

Error Recovery

hanxiao-bot
错误恢复 - 优雅处理失败的策略
★ 0 📥 616
it-ops-security

Free Ride - Unlimited free AI

shaivpidadi
管理OpenClaw的OpenRouter免费AI模型,自动按质量排名模型,配置速率限制备用方案,并更新opencla...
★ 472 📥 78,673