Security News
Meet Socket at Black Hat Europe and BSides London 2025
Socket is heading to London! Stop by our booth or schedule a meeting to see what we've been working on.
By Anders Søndergaard - Nov 11, 2025
@elastic/ecs-helpers
Advanced tools
@elastic/ecs-helpers
A set of helpers for the other ecs-logging-nodejs packages. You should not directly use this package.
Install
npm install @elastic/ecs-helpers
API
version
The currently supported version of Elastic Common Schema.
formatError(obj, err) -> bool
A function that adds ECS Error fields
for a given Error object. It returns true iff the given err was an Error
object it could process.
const { formatError } = require('@elastic/ecs-helpers')
const logRecord = { msg: 'oops', /* ... */ }
formatError(logRecord, new Error('boom'))
console.log(logRecord)
will show:
{
msg: 'oops',
error: {
type: 'Error',
message: 'boom',
stack_trace: 'Error: boom\n' +
' at REPL30:1:26\n' +
' at Script.runInThisContext (vm.js:133:18)\n' +
// ...
}
}
The ECS logging libraries typically use this to automatically handle an err
metadata field passed to a logging statement. E.g.
log.warn({err: myErr}, '...') for pino, log.warn('...', {err: myErr})
for winston.
formatHttpRequest(obj, req) -> bool
Function that enhances an ECS object with http request data.
The given request object, req, must be one of the following:
- Node.js's core
http.IncomingMessage, - Express's request object that extends IncomingMessage, or
- a hapi request object.
The function returns true iff the given req was a request object it could
process. Note that currently this notably does not process a
http.ClientRequest
as returned from http.request().
const http = require('http')
const { formatHttpRequest } = require('@elastic/ecs-helpers')
http.createServer(function (req, res) {
res.end('hi')
const obj = {}
formatHttpRequest(obj, req)
console.log('obj:', JSON.stringify(obj, null, 4))
}).listen(3000)
Running this and making a request via curl http://localhost:3000/ will
print something close to:
obj: {
"http": {
"version": "1.1",
"request": {
"method": "get",
"headers": {
"host": "localhost:3000",
"accept": "*/*"
}
}
},
"url": {
"full": "http://localhost:3000/",
"path": "/"
},
"client": {
"address": "::1",
"ip": "::1",
"port": 61969
},
"user_agent": {
"original": "curl/7.64.1"
}
}
formatHttpResponse(obj, res)
Function that enhances an ECS object with http response data.
The given request object, req, must be one of the following:
- Node.js's core
http.ServerResponse, - Express's response object that extends ServerResponse, or
- a hapi request object
The function returns true iff the given res was a response object it could
process. Note that currently this notably does not process a
http.IncomingMessage
that is the argument to the
"response" event of a
client http.request()
const http = require('http')
const { formatHttpRequest } = require('@elastic/ecs-helpers')
http.createServer(function (req, res) {
res.setHeader('Foo', 'Bar')
res.end('hi')
const obj = {}
formatHttpResponse(obj, res)
console.log('obj:', JSON.stringify(obj, null, 4))
}).listen(3000)
Running this and making a request via curl http://localhost:3000/ will
print something close to:
rec: {
"http": {
"response": {
"status_code": 200,
"headers": {
"foo": "Bar"
}
}
}
}
License
This software is licensed under the Apache 2 license.
FAQs
ecs-logging-nodejs helpers
The npm package @elastic/ecs-helpers receives a total of 465,508 weekly downloads. As such, @elastic/ecs-helpers popularity was classified as popular.
We found that @elastic/ecs-helpers demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 57 open source maintainers collaborating on the project.
Package last updated on 31 Oct 2023
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
OWASP 2025 Top 10 Adds Software Supply Chain Failures, Ranked Top Community Concern
OWASP’s 2025 Top 10 introduces Software Supply Chain Failures as a new category, reflecting rising concern over dependency and build system risks.
By Sarah Gooding - Nov 08, 2025
Research
/Security News
9 Malicious NuGet Packages Deliver Time-Delayed Destructive Payloads
Socket researchers discovered nine malicious NuGet packages that use time-delayed payloads to crash applications and corrupt industrial control systems.
By Kush Pandya - Nov 06, 2025