playbooks

home / skills / jeremylongshore / claude-code-plugins-plus-skills / logging-api-requests

logging-api-requests skill

/plugins/api-development/api-request-logger/skills/logging-api-requests

This skill helps you monitor and log API requests with correlation IDs, performance metrics, and security audit trails.

npx playbooks add skill jeremylongshore/claude-code-plugins-plus-skills --skill logging-api-requests

Review the files below or copy the command above to add this skill to your agents.

Files (4)
SKILL.md
2.4 KB
---
name: logging-api-requests
description: |
  Monitor and log API requests with correlation IDs, performance metrics, and security audit trails.
  Use when auditing API requests and responses.
  Trigger with phrases like "log API requests", "add API logging", or "track API calls".
  
allowed-tools: Read, Write, Edit, Grep, Glob, Bash(api:log-*)
version: 1.0.0
author: Jeremy Longshore <[email protected]>
license: MIT
---

# Logging Api Requests

## Overview


This skill provides automated assistance for api request logger tasks.
This skill provides automated assistance for the described functionality.

## Prerequisites

Before using this skill, ensure you have:
- API design specifications or requirements documented
- Development environment with necessary frameworks installed
- Database or backend services accessible for integration
- Authentication and authorization strategies defined
- Testing tools and environments configured

## Instructions

1. Use Read tool to examine existing API specifications from {baseDir}/api-specs/
2. Define resource models, endpoints, and HTTP methods
3. Document request/response schemas and data types
4. Identify authentication and authorization requirements
5. Plan error handling and validation strategies
1. Generate boilerplate code using Bash(api:log-*) with framework scaffolding
2. Implement endpoint handlers with business logic
3. Add input validation and schema enforcement
4. Integrate authentication and authorization middleware
5. Configure database connections and ORM models
1. Write integration tests covering all endpoints


See `{baseDir}/references/implementation.md` for detailed implementation guide.

## Output

- `{baseDir}/src/routes/` - Endpoint route definitions
- `{baseDir}/src/controllers/` - Business logic handlers
- `{baseDir}/src/models/` - Data models and schemas
- `{baseDir}/src/middleware/` - Authentication, validation, logging
- `{baseDir}/src/config/` - Configuration and environment variables
- OpenAPI 3.0 specification with complete endpoint definitions

## Error Handling

See `{baseDir}/references/errors.md` for comprehensive error handling.

## Examples

See `{baseDir}/references/examples.md` for detailed examples.

## Resources

- Express.js and Fastify for Node.js APIs
- Flask and FastAPI for Python APIs
- Spring Boot for Java APIs
- Gin and Echo for Go APIs
- OpenAPI Specification 3.0+ for API documentation

Overview

This skill monitors and logs API requests and responses, enriching each interaction with correlation IDs, performance metrics, and security audit trails. It helps teams capture structured telemetry for debugging, compliance, and performance analysis. Use it to add consistent, searchable logs across services and frameworks.

How this skill works

The skill inspects incoming and outgoing HTTP traffic and injects or propagates correlation IDs to tie distributed calls together. It measures latency, payload sizes, status codes, and error stacks, and records security-relevant events like authentication attempts and permission checks. Logs are emitted in structured formats and can be routed to files, databases, or observability platforms for analysis and alerting.

When to use it

  • Auditing API requests and responses for compliance or post-incident review
  • Adding consistent tracing across microservices to correlate distributed transactions
  • Measuring endpoint performance and identifying latency regressions
  • Capturing security-relevant events for audit trails and forensic analysis
  • Generating searchable, structured logs for debugging and monitoring

Best practices

  • Propagate a single correlation ID per request and include it in logs, headers, and error reports
  • Log structured JSON with consistent fields: timestamp, service, correlation_id, user_id, path, method, status, duration
  • Record both high-level metrics (latency, error rate) and detailed traces for slow or failed requests
  • Avoid logging sensitive data; mask or omit credentials and PII before persisting
  • Integrate with existing observability tools (e.g., ELK, Prometheus, Jaeger) and export metrics and traces

Example use cases

  • Add middleware to a FastAPI or Express app that generates correlation IDs and logs each request/response pair
  • Instrument endpoints to capture response times and send aggregated metrics to a monitoring service
  • Create an audit log stream for authentication and authorization events to meet compliance requirements
  • Attach request context to error reports so support teams can reproduce and trace failures
  • Build integration tests that assert logs include required fields and that correlation IDs persist across service calls

FAQ

Will this log sensitive user data?

No. The skill recommends masking or omitting sensitive fields and provides hooks to sanitize payloads before logging.

Can correlation IDs be propagated across services?

Yes. The middleware injects and forwards correlation IDs via HTTP headers so downstream services can join the same trace.