Protokollierung
Alle Claude Code Aktivitäten werden in der Datenbank ki_dev.protokoll protokolliert.
Tabellen-Schema
protokoll
| Spalte | Typ | Beschreibung |
|---|---|---|
| id | BIGINT | Primary Key |
| timestamp | DATETIME(6) | Event-Zeitpunkt |
| request_ip | VARCHAR(45) | Client-IP (aus SSH_CLIENT) |
| client_name | VARCHAR(255) | User (aus $USER) |
| request | TEXT | Request-Daten (sanitized) |
| request_timestamp | DATETIME(6) | Request-Zeitpunkt (Microseconds) |
| response | TEXT | Response-Daten (sanitized) |
| response_timestamp | DATETIME(6) | Response-Zeitpunkt |
| duration_ms | INT UNSIGNED | Dauer in Millisekunden |
| tokens_input | INT UNSIGNED | Geschätzte Input-Tokens |
| tokens_output | INT UNSIGNED | Geschätzte Output-Tokens |
| tokens_total | INT UNSIGNED | Gesamt-Tokens |
| model_name | VARCHAR(255) | Verwendetes Modell |
| status | ENUM | 'pending', 'completed', 'error' |
| error_message | TEXT | Fehlermeldung bei status='error' |
file_backup_history
| Spalte | Typ | Beschreibung |
|---|---|---|
| id | INT | Primary Key |
| file_path | VARCHAR(512) | Absoluter Dateipfad |
| file_content | LONGTEXT | Vollständiger Dateiinhalt |
| content_hash | CHAR(64) | SHA256-Hash |
| file_size | INT | Dateigröße in Bytes |
| version | INT | Version pro Datei |
| change_type | ENUM | 'created', 'modified', 'deleted' |
| changed_at | TIMESTAMP | Backup-Zeitpunkt |
| changed_by | VARCHAR(100) | claude-code-hook |
| reason | TEXT | Backup-Grund |
| diff_summary | TEXT | Zusammenfassung der Änderungen |
| affected_entities | LONGTEXT | Betroffene Code-Entitäten (JSON) |
Event-Typen im Request
UserPromptSubmit
{
"event": "UserPromptSubmit",
"prompt": "Erstelle eine neue Funktion..."
}
PreToolUse
{
"event": "PreToolUse",
"tool_name": "Edit",
"tool_input": {
"file_path": "/var/www/.../file.php",
"old_string": "...",
"new_string": "..."
}
}
PostToolUse (Response)
{
"tool_response": {
"success": true,
"message": "File updated"
}
}
Sicherheit: Data Sanitization
Folgende Daten werden automatisch redacted:
Key-Patterns
- password, pass, secret
- token, apikey, api_key
- authorization, auth, bearer
- credential
Value-Patterns
- AWS Access Keys (AKIA...)
- API Keys (sk..., rk..., pk...)
- JWT Tokens (eyJ...)
Truncation
Felder > 10.000 Zeichen werden gekürzt mit Hash-Suffix:
...content... [TRUNCATED-a1b2c3d4]
Abfrage-Beispiele
Letzte Tool-Aufrufe
SELECT
timestamp,
JSON_EXTRACT(request, '$.tool_name') as tool,
duration_ms,
status
FROM protokoll
WHERE JSON_EXTRACT(request, '$.event') = 'PreToolUse'
ORDER BY id DESC
LIMIT 10;
Token-Verbrauch pro Tag
SELECT
DATE(timestamp) as tag,
SUM(tokens_total) as tokens,
COUNT(*) as requests
FROM protokoll
GROUP BY DATE(timestamp)
ORDER BY tag DESC;
Datei-Versionen
SELECT version, changed_at, file_size, content_hash FROM file_backup_history WHERE file_path = '/var/www/.../Controller.php' ORDER BY version DESC;