kaxuna1/elasticsearch
.claude/skills/elasticsearch/SKILL.md
Elasticsearch audit log search and analytics for INVOOPAY platform. Use when: implementing audit logging, searching audit events, building analytics dashboards, configuring data streams, or debugging outbox publishing.
development
Updated Apr 16, 2026
$ install --global
skillsauthnpx skillsauth add kaxuna1/ecomsite elasticsearchInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 16, 2026, 12:58 PM4.0s3 files scanned
SKILL.md
- name:
- elasticsearch
- description:
- |
- Use when:
- implementing audit logging, searching audit events, building analytics dashboards, configuring data streams, or debugging outbox publishing.
- allowed-tools:
- Read, Edit, Write, Glob, Grep, Bash
Elasticsearch Skill
Configures Elasticsearch for audit logging, full-text search, and analytics queries. This project uses Elasticsearch for audit trails (API key access, admin actions) and could extend to product search beyond PostgreSQL's TSVECTOR.
Quick Start
Elasticsearch Client Setup
// src/services/elasticsearchService.ts
import { Client } from '@elastic/elasticsearch';
const client = new Client({
node: process.env.ELASTICSEARCH_URL || 'http://localhost:9200',
auth: {
apiKey: process.env.ELASTICSEARCH_API_KEY
}
});
export async function indexAuditEvent(event: AuditEvent): Promise<void> {
await client.index({
index: `audit-logs-${new Date().toISOString().slice(0, 7)}`, // Monthly indices
document: {
...event,
'@timestamp': new Date().toISOString()
}
});
}
Searching Audit Logs
export async function searchAuditLogs(params: {
keyName?: string;
action?: string;
adminUserId?: number;
from?: string;
to?: string;
limit?: number;
}): Promise<AuditEvent[]> {
const must: any[] = [];
if (params.keyName) must.push({ term: { 'key_name.keyword': params.keyName } });
if (params.action) must.push({ term: { action: params.action } });
if (params.adminUserId) must.push({ term: { admin_user_id: params.adminUserId } });
if (params.from || params.to) {
must.push({
range: {
'@timestamp': {
...(params.from && { gte: params.from }),
...(params.to && { lte: params.to })
}
}
});
}
const response = await client.search({
index: 'audit-logs-*',
query: { bool: { must } },
size: params.limit || 100,
sort: [{ '@timestamp': 'desc' }]
});
return response.hits.hits.map(hit => hit._source as AuditEvent);
}
Key Concepts
| Concept | Usage | Example |
|---------|-------|---------|
| Index per time period | Prevents unbounded index growth | audit-logs-2025-01 |
| Keyword vs text | .keyword for exact match, text for full-text | key_name.keyword |
| Bool queries | Combine must/should/must_not clauses | { bool: { must: [...] } } |
| Date range | Filter by timestamp | range: { '@timestamp': { gte, lte } } |
| Aggregations | Analytics and metrics | aggs: { by_action: { terms: { field: 'action' } } } |
Common Patterns
Index Template for Audit Logs
await client.indices.putIndexTemplate({
name: 'audit-logs-template',
index_patterns: ['audit-logs-*'],
template: {
settings: {
number_of_shards: 1,
number_of_replicas: 0, // Dev; use 1+ in production
'index.lifecycle.name': 'audit-logs-policy'
},
mappings: {
properties: {
'@timestamp': { type: 'date' },
key_name: { type: 'keyword' },
action: { type: 'keyword' },
admin_user_id: { type: 'integer' },
admin_user_email: { type: 'keyword' },
ip_address: { type: 'ip' },
user_agent: { type: 'text' },
metadata: { type: 'object', enabled: false }
}
}
}
});
Aggregation for Analytics
const response = await client.search({
index: 'audit-logs-*',
size: 0,
aggs: {
actions_over_time: {
date_histogram: {
field: '@timestamp',
calendar_interval: 'day'
},
aggs: {
by_action: { terms: { field: 'action' } }
}
}
}
});
See Also
- patterns - Index design, query patterns, bulk operations
- workflows - Setup, monitoring, troubleshooting
Related Skills
- See the postgresql skill for hybrid search strategies (Elasticsearch + PostgreSQL)
- See the docker skill for Elasticsearch container configuration
- See the node skill for async client patterns
Related Skills
kaxuna1/zustand
tools
VerifiedTrustedCommunity
Zustand lightweight state management with persistence and middleware. Use when: managing client-side state (cart, auth, UI preferences), replacing React Context with simpler API, accessing state outside React components, implementing localStorage persistence
SKILL.mdUpdated Apr 16, 2026
kaxuna1/zod
development
VerifiedTrustedCommunity
Zod schema validation and TypeScript integration for runtime type safety. Use when: Validating API payloads, form inputs, environment variables, or any external data boundaries where TypeScript types alone cannot guarantee safety.
SKILL.mdUpdated Apr 16, 2026
kaxuna1/vite
tools
VerifiedTrustedCommunity
Configures Vite 5.x build tool, dev server, and frontend asset optimization for the Luxia e-commerce platform. Use when: configuring builds, adding environment variables, optimizing bundle size, setting up testing, debugging HMR issues, or adding Vite plugins.
SKILL.mdUpdated Apr 16, 2026
kaxuna1/typescript
development
VerifiedTrustedCommunity
Enforces strict TypeScript types across frontend and backend codebases. Use when: Writing new services, DTOs, interfaces, type guards, debugging type errors, or ensuring type safety at API boundaries.
SKILL.mdUpdated Apr 16, 2026