Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

@trackcode/gelf

Package Overview
Dependencies
Maintainers
2
Versions
9
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@trackcode/gelf

GELF HTTP Libray

0.4.4
latest
npmnpm
Version published
Maintainers
2
Created
Source

@trackcode/gelf

GELF HTTP Client, includes typed events, express middleware and the possibility to use Basic Auth.

Usage

Install the package:

npm i @trackcode/gelf

Now you have to create an instance of the GELF class.

// src/utils/gelf.js
const GELF = require("@trackcode/gelf");

export default const gelf = new GELF({
  application: "name-of-your-service",
  environment: process.env.NODE_ENV,
  gelfEndpoint: process.env.GELF_ENDPOINT
})

Endpoint

The endpoint can be any valid URI. In the simplest example this would directly be the GELF HTTP endpoint from Graylog:

gelfEndpoint: "http://graylog.example.com:12201/gelf";

But maybe you want your ingress secured with HTTPS, so you deploy nginx infront of graylog:

gelfEndpoint: "https://graylog.example.com/gelf";

And then, you want to be sure that only you can push events to Graylog, so you add Basic Auth in the nginx config:

gelfEndpoint: "https://username:password@graylog.example.com/gelf";

Emitting Events

You can send events to graylog through the GELF.emit method:

// src/server.js
const gelf = require("./utils/gelf");

gelf.emit({
  /* Your event */
});

The content of the emitted event can be whatever you want. Keep in mind the constraints of Graylog and Elasticsearch (> 32kb cant be indexed, field can only ever have one type).

Few fields are constant, or predefined by the specification. They are defined in src/gelf/event.ts.

Using typed events

If you want to use typed events with a known structure, because they are easier to handle in Graylog and built Elasticsearch Indices around, then today is your lucky day.

This package comes with a set of predefined Events. You can find them in the src/events folder. They expose a fluent interface to set the values.

// src/server.js
const { Events } = require("@trackcode/gelf");
const gelf = require("./utils/gelf");

function logMiddleware(req, res, next) {
  gelf.emit(
    new Events.HTTPRequestEvent()
      .method(req.method)
      .headers(req.headers)
      .originalURL(req.originalUrl)
      .route(req.path)
      .body(req.body)
  );

  next();
}

All events have a special property _kind which is unique for the Event. You should use this property to differentiate events in Graylog Pipelines and other consumers.

Logging HTTP Requests

There is a bundled middleware logRequest for express. It waits until the request is finished and emits details about request and response as a HTTPRequestEvent (check out the documentation about Typed Events to learn more).

// src/server.js
const { logRequest } = require("@trackcode/gelf");
const express = require("express");
const gelf = require("./utils/gelf");

const app = express();

app.use(logRequest({ gelf: gelf }));

// Route handlers that will be logged
app.get("/", (req, res) => {});

app.listen(8080, console.log);
}

Transformers

Transformers can be compared to an express middleware. They receive req, res and the httpEvent and can modify the event based on this information.

They should be used when you want to add application specific information to your events. For example if your req object contains session information, then you could use following transformer to add that information to the event:

// src/server.js

const middleware = logRequest({
  gelf: gelf,
  transformers: [
    (req, res, event) => {
      if (req.session) {
        // Modify the event
        event.memberID(req.session.userID);
      }

      // Whatever you return will be passed
      // to the next transformer/send to Graylog.
      return event;
    }
  ]
});

Development

Local setup

If you want to use/test your changes locally, link the package using npm, and then install the linked package in your service:

$ cd ~/graylog-gelf
$ npm link
$ cd ~/your-service
$ npm link @trackcode/gelf

This will install the dependency locally, using the current content of your dist/ (build output) folder.

To continously update the package with new changes from src/, run npm run build:watch in the project folder, and restart your service after every change.

Tests

Tests are built with Jest and can be run like this:

npm run test

FAQs

Package last updated on 07 Apr 2021

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Malicious npm Packages Impersonate Flashbots SDKs, Targeting Ethereum Wallet Credentials

Research

Malicious npm Packages Impersonate Flashbots SDKs, Targeting Ethereum Wallet Credentials

Four npm packages disguised as cryptographic tools steal developer credentials and send them to attacker-controlled Telegram infrastructure.

By Kush Pandya  -  Sep 05, 2025
SocketSocket SOC 2 Logo

Product

About

Packages

Explore npm
Explore Cargo
Explore Go
Explore Maven
Explore NuGet
Explore PyPI
Explore Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc

U.S. Patent No. 12,346,443 & 12,314,394. Other pending.