# 55. 审计

一旦Spring Security处于活动状态，Spring Boot执行器有一个灵活的审计框架会发布事件（默认抛出“authentication success”、“failure”和“access denied”异常）。这对于报告非常有用，同时可以基于认证失败实现一个锁定策略。为了自定义发布的安全事件，你可以提供自己的`AbstractAuthenticationAuditListener`，`AbstractAuthorizationAuditListener`实现。

你也可以使用审计服务处理自己的业务事件。为此，你可以将存在的`AuditEventRepository`注入到自己的组件，并直接使用它，或者只是简单地通过Spring `ApplicationEventPublisher`发布`AuditApplicationEvent`（使用`ApplicationEventPublisherAware`）。


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://jack80342.gitbook.io/spring-boot/v.-spring-boot-actuator/55.-auditing.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.