Compliance Audit Report Generator
Monthly: compile audit logs by category, detect anomalies (unusual access, unlogged actions), LLM generates executive compliance report — save to doc store, notify audit team.
Overview
**What it does**: Scheduled (monthly, 1st of month or configurable) → query audit log platform (all logs past 30d) → code aggregates by action type, user, service → LLM analyzes for anomalies (users accessing unusual services, weekend access, failed login patterns) and writes narrative compliance report (events by category, risk assessment, gaps, recommendations) → save PDF/JSON to document store → Slack to #compliance with summary and link. **Setup (5 steps)**: 1. Connect audit platform: CloudTrail, Kubernetes audit log, Stackdriver, Datadog, or custom audit API 2. Configure report template: sections (access summary, anomalies, risk gaps, recommendations) 3. Set anomaly thresholds: flagged access patterns (e.g., after-hours, cross-service, root user) 4. Configure document store: Google Drive, AWS S3, Azure Blob, or HTTP endpoint for report storage 5. Test: run for past month; review generated report for accuracy; adjust thresholds **Apps/nodes**: HTTP request (audit log API), code node (aggregation + anomaly detection), OpenAI (report generation), HTTP request (document store upload), Slack. **Credentials required**: Audit log platform API key, document store credentials, OpenAI account, Slack workspace. **Difficulty**: High | **Setup time**: 18 minutes. **Business outcome**: Compliance reporting automated → audit time ↓ 80%, anomaly detection ↑ proactive, SOC2/ISO audit readiness ↑.
What's included
Quickstart
- 01
Download the JSON
With an active Library Pass, download the workflow file right from this page or your dashboard.
- 02
Import into n8n
Choose Import from File and select the downloaded JSON. The full agent graph appears, ready to configure.
- 03
Plug in credentials
Each integration node prompts for credentials on first run. The setup guide lists every credential the agent expects.
- 04
Activate and test
Run once with sample input, confirm the expected output, then flip the activate toggle.
Frequently Asked Questions
How do I import this workflow into n8n?
What credentials do I need to provide?
Are the credentials included in the JSON file?
Can I edit or customize the workflow after importing?
What n8n version is required?
What if something breaks after I import it?
Can I use this workflow for my customers or business?
Will the workflow receive updates?
Do I need n8n Pro or a paid plan?
Can I ask for a custom workflow?
Reviews (0)
No reviews yet. Be the first.
Sign in to leave a review.
Included with any pass
This agent — and every other in the library — comes with a Library Pass. One pass, the whole catalog.
Get a Library Pass- Every agent in the library
- All new releases while active
- Unlimited downloads
- Commercial-use license
- Priority email support
- 30-day money-back guarantee
More in Security
Dependency Vulnerability Scanner
Daily scan: fetch dependency vulnerabilities (npm, Python, Go, etc.), LLM summarizes critical/high CVEs, affected packages, and patch steps — posted to #security.
DNS/SSL Expiry Monitor
Weekly SSL/DNS certificate check: identify expiring certs (<30 days), alert team with expiry dates and remediation steps.
Docker CVE Scan Digest
Daily: pull latest container scan results (Trivy, Snyk), LLM summarizes high/critical CVEs, affected packages, and remediation steps — posted to #security.