@elastic/ecs-morgan-format

@elastic/ecs-morgan-format

This Node.js package provides a formatter for the morgan logging middleware compatible with Elastic Common Schema (ECS) logging. In combination with the filebeat shipper, you can send your logs directly to Elasticsearch and leverage Kibana's Logs app to inspect all logs in one single place.

Please see the Node.js ECS morgan documentation.

Install

npm install @elastic/ecs-morgan-format

Usage

const app = require('express')()
const morgan = require('morgan')
const { ecsFormat } = require('@elastic/ecs-morgan-format')

app.use(morgan(ecsFormat(/* options */)))

app.get('/', function (req, res) {
  res.send('hello, world!')
})

app.listen(3000)

Running this script and making a request (via curl -i localhost:3000/) will produce log output similar to the following:

% node examples/express.js | jq .  # piping to jq for pretty-printing
{
  "@timestamp": "2023-10-16T22:00:33.782Z",
  "log.level": "info",
  "message": "::ffff:127.0.0.1 - - [16/Oct/2023:22:00:33 +0000] \"GET / HTTP/1.1\" 200 13 \"-\" \"curl/8.1.2\"",
  "http": {
    "version": "1.1",
    "request": {
      "method": "GET",
      "headers": {
        "host": "localhost:3000",
        "user-agent": "curl/8.1.2",
        "accept": "*/*"
      }
    },
    "response": {
      "status_code": 200,
      "headers": {
        "x-powered-by": "Express",
        "content-type": "text/html; charset=utf-8",
        "content-length": "13",
        "etag": "W/\"d-HwnTDHB9U/PRbFMN1z1wps51lqk\""
      },
      "body": {
        "bytes": 13
      }
    }
  },
  "url": {
    "path": "/",
    "domain": "localhost",
    "full": "http://localhost:3000/"
  },
  "client": {
    "address": "::ffff:127.0.0.1",
    "ip": "::ffff:127.0.0.1",
    "port": 60455
  },
  "user_agent": {
    "original": "curl/8.1.2"
  },
  "ecs.version": "8.10.0"
}

Please see the Node.js ECS morgan documentation for more.

License

This software is licensed under the Apache 2 license.