logging-monitoring

Use when designing security logging, monitoring, and incident detection capabilities. Covers SIEM architecture, audit trail requirements, security event correlation, and compliance logging for GDPR, PCI DSS, HIPAA, and SOX. USE FOR: SIEM, security logging, audit trails, security monitoring, incident detection, log aggregation, security event correlation, compliance logging, intrusion detection DO NOT USE FOR: application performance monitoring (use observability skills), general logging frameworks (use logging skills), incident response procedures (use secure-sdlc)