Research
2025 Report: Destructive Malware in Open Source Packages
Destructive malware is rising across open source registries, using delays and kill switches to wipe code, break builds, and disrupt CI/CD.
By Kush Pandya - Dec 24, 2025
access-watch
Advanced tools
Access Watch is a flexible access log processor that helps operators analyze the web traffic reaching their infrastructure.
Access Watch is built on a real-time stream processor handling logs from inputs of any type:
- CDNs (Cloudfront, Cloudflare, Akamai, ...)
- Load Balancers (ELB)
- Reverse Proxies (Nginx, Haproxy, ...)
- Web Servers (Nginx, Apache, ...)
- Applications (Node, Ruby, PHP, ...)
Access Watch is currently in open beta. For more details, go to: https://access.watch
Install
Make sure you have Node.js version >= 7. We recommend using nvm.
git clone https://github.com/access-watch/access-watch.git
cd access-watch
npm install
Start
npm start
It's loading the default configuration, it's the same as:
npm start config/default
Configure
The first thing you might want is configuring inputs to connect Access Watch to your traffic sources and convert it in the proper format.
In order to do this, you need to create a new configuration file such as config/custom.js.
See Input Configuration for the list of available input types and how to configure them.
There are also a couple of constants you might configure with a simple config file, to learn more you can head to Constants Configuration.
Start with custom configuration
npm start config/custom
The Access Watch API and interface will be served from port 3000 by default.
You can change that using an environment variable:
PORT=80 npm start config/custom
Browse the interface
Now, you can point your browser on the address:port where Access Watch is running, for example http://localhost:3000/.
If you see data flowing, congratulations you made it!
Warning: There is currently no built in authentication mechanism, if installed on a public server, you need to properly configure a firewall to restrict access to it.
Tutorials
- Monitor web traffic with syslog input from Nginx
- Monitor web traffic with syslog input from Apache
- Monitor web traffic with input from Node/Express middleware
- Monitor web traffic with input from Elasticsearch
License
FAQs
Open Source Web Traffic Manager
The npm package access-watch receives a total of 1 weekly downloads. As such, access-watch popularity was classified as not popular.
We found that access-watch demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Package last updated on 07 Jun 2018
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Engineering with AI Podcast: The Promise of AI-First Development
Socket CTO Ahmad Nassri shares practical AI coding techniques, tools, and team workflows, plus what still feels noisy and why shipping remains human-led.
By Sarah Gooding - Dec 24, 2025
Research
/Security News
Spearphishing Campaign Abuses npm Registry to Target U.S. and Allied Manufacturing and Healthcare Organizations
A five-month operation turned 27 npm packages into durable hosting for browser-run lures that mimic document-sharing portals and Microsoft sign-in, targeting 25 organizations across manufacturing, industrial automation, plastics, and healthcare for credential theft.
By Nicholas Anderson, Kirill Boychenko - Dec 23, 2025