Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@beforeyoubid/logger-adapter
Advanced tools
A platform logger module to send the log messages to Mezmo (formerly LogDNA).
Notes - LogDNA made a decision not to rename the library to Mezmo just yet. To avoid having two names, we decided to keep the variable, class and etc as LogDNA for now.
This is our BYB logger module that is designed to support multiple two logging scenarios.
console
so all logs can be sent to Mezmo as well. The service need to add
consoleLogger.init()
in the handler.This module is designed to work on a native node runtime and in a Lambda environment. For Lambda, please see the Flush All Messages section below.
console.log()
is not a recommended approach to be used for frontend application but it's fine to use in
the backend. Here are some limitations:
console
log object doesn't support the LOG_LEVEL
. For example, you may not want console.debug()
to
show debugging info on a production server.console
object as a pathway to adopting a logger
object.
If you are using console.log
on the existing code base and not ready to switch to Winston logger just yet, this module
can also helps you out as well.
logdna
module is no longer maintained (https://www.npmjs.com/package/logdna).
We need to move away from it.logdna-winston
module creates a separate logdna
client instance and it doesn't get a chance to fully flush messages before Lambda terminates. We decided to
customise this module in this project and allow us to utilise a single instance of a LogDNA logger object so that
ensureFlushAll()
can flush those messages before we terminate Lambda function. This single LogDNA is shared and
used by both console log wrapper and LogDNA transport as part of Winston log system.createLoggerObject()
into this shared module so it's easier to use and prefix message before returning
the actual logger object. e.g. createLoggerObject(
[LOG-PREFIX]);
MetricLogger
yarn add @beforeyoubid/logger-adapter
We follow 12-factors and we can enable and send log to LogDNA by supplying LOGDNA_KEY as part of the environment variables.
LOGDNA_KEY=xxxxxxyyyyyyyzzzzzzz
Please note that on your local, you can set LOGDNA_KEY=
to disable sending logs to LogDNA. Supply LOG_LEVEL
as part
of the environment variable.
Additionally, you can keep LOGDNA_KEY
value the same way you set for other environments but can disable sending logs
by setting LOGDNA_ENABLED=false
in your env variables.
import { consoleLogger } from '@beforeyoubid/logger-adapter';
consoleLogger.init();
// Don't need to call consoleLogger.flushAll(), logdna object has default flush interval interval at 250ms
LogDNA puts messages in the buffer and push out every 250ms. If Lambda is terminated before some of these intervals,
it's likely that some of message logs are not sent to LogDNA. Use ensureFlushAll()
to flush messages automatically.
import { consoleLogger, ensureFlushAll } from '@beforeyoubid/logger-adapter';
consoleLogger.init();
export default ensureFlushAll(yourLambdaHandler);
import { consoleLogger, ensureFlushAllCallback } from '@beforeyoubid/logger-adapter';
consoleLogger.init();
export default ensureFlushAllCallback(yourLambdaHandlerCallback);
yarn add @beforeyoubid/logger-adapter
We follow 12-factors and we can enable and send log to LogDNA by supplying LOGDNA_KEY as part of the environment variables.
LOGDNA_KEY=xxxxxxyyyyyyyzzzzzzz
Please note that on your local, you can set LOGDNA_KEY=
to disable sending logs to LogDNA. Supply LOG_LEVEL
as part
of the environment variable.
import { logger } from '@beforeyoubid/logger-adapter';
logger.debug('This message only show up when LOG_LEVEL is set to "debug"')
logger.info('This message only show up when LOG_LEVEL is set to "info"')
import { logger, ensureFlushAll } from '@beforeyoubid/logger-adapter';
// you can use logger.debug('log text in a string format');
export default ensureFlushAll(yourLambdaHandler);
import { logger, ensureFlushAllCallback } from '@beforeyoubid/logger-adapter';
// you can use logger.debug('log text in a string format');
export default ensureFlushAllCallback(yourLambdaHandlerCallback);
In some cases, you may want to have a clearer log message by prefixing them with a predefined string e.g. name of your module so they look like this.
import { getLoggerObject } from '@beforeyoubid/logger-adapter';
const logger = getLoggerObject('[Your Custom Prefix]');
logger.info('the usual log string...')
Notes that this function just wraps the original Winston logger instance your normally access from this line.
import { logger } from '@beforeyoubid/logger-adapter';
. It only wraps and add the prefix the log line for you and
returns with debug, info, warn, error functions.
Motivation:
How does it work?
JSON.stringify(jsonObject)
) is sent to Mezmo, Mezmo is smart enough to parse this into a
json object and index them automaticallyHow to use:
FAQs
A platform logger module to send the log messages to Mezmo (formerly LogDNA).
The npm package @beforeyoubid/logger-adapter receives a total of 54 weekly downloads. As such, @beforeyoubid/logger-adapter popularity was classified as not popular.
We found that @beforeyoubid/logger-adapter demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.