@elastic/ecs-pino-format

What is @elastic/ecs-pino-format?

@elastic/ecs-pino-format is an npm package that provides a formatter for the Pino logger to produce logs that are compliant with the Elastic Common Schema (ECS). This allows for better integration with Elastic Stack tools like Elasticsearch, Kibana, and Logstash.

What are @elastic/ecs-pino-format's main functionalities?

Basic ECS Formatting

This feature allows you to create a Pino logger instance that formats log messages according to the Elastic Common Schema (ECS).

const pino = require('pino');
const ecsFormat = require('@elastic/ecs-pino-format');
const logger = pino(ecsFormat());

logger.info('This is an ECS formatted log message');

Custom ECS Fields

This feature allows you to add custom fields to the ECS formatted log messages, providing more flexibility in the log data.

const pino = require('pino');
const ecsFormat = require('@elastic/ecs-pino-format');
const logger = pino(ecsFormat({
  customField: 'customValue'
}));

logger.info('This log message includes custom ECS fields');

Integration with Elastic Stack

This feature demonstrates how to log events with specific ECS fields, making it easier to integrate and analyze logs within the Elastic Stack.

const pino = require('pino');
const ecsFormat = require('@elastic/ecs-pino-format');
const logger = pino(ecsFormat());

logger.info({
  event: {
    category: 'database',
    action: 'query'
  }
}, 'Database query executed');

Other packages similar to @elastic/ecs-pino-format

pino-elasticsearch

pino-elasticsearch is a transport for Pino that sends logs directly to Elasticsearch. While it doesn't format logs according to ECS, it provides a seamless way to send logs to Elasticsearch for storage and analysis.

winston-elasticsearch

winston-elasticsearch is a transport for the Winston logger that sends logs to Elasticsearch. Similar to pino-elasticsearch, it doesn't format logs according to ECS but offers integration with Elasticsearch for log storage and analysis.

bunyan

Bunyan is another JSON logging library for Node.js that can be configured to send logs to Elasticsearch. While it doesn't natively support ECS formatting, it offers a flexible logging solution with Elasticsearch integration.

README

@elastic/ecs-pino-format

This Node.js package provides a formatter for the pino logger compatible with Elastic Common Schema (ECS) logging. In combination with the filebeat shipper, you can send your logs directly to Elasticsearch and leverage Kibana's Logs app to inspect all logs in one single place.

pino 6.x, 7.x, and 8.x versions are supported.

Please see the Node.js ECS pino documentation.

Install

npm install @elastic/ecs-pino-format

Usage

This package will configure Pino's formatters, messageKey and timestamp options.

const { ecsFormat } = require('@elastic/ecs-pino-format')
const pino = require('pino')

const log = pino(ecsFormat(/* options */))
log.info('Hello world')

const child = log.child({ module: 'foo' })
child.warn('From child')

Running this will produce log output similar to the following:

{"log.level":"info","@timestamp":"2023-10-16T18:08:02.601Z","process.pid":74325,"host.hostname":"pink.local","ecs.version":"8.10.0","message":"Hello world"}
{"log.level":"warn","@timestamp":"2023-10-16T18:08:02.602Z","process.pid":74325,"host.hostname":"pink.local","ecs.version":"8.10.0","module":"foo","message":"From child"}

Please see the Node.js ECS pino documentation for more.

License

This software is licensed under the Apache 2 license.