Security News
npm Updates Search Experience with New Objective Sorting Options
npm has a revamped search experience with new, more transparent sorting options—Relevance, Downloads, Dependents, and Publish Date.
aws-xray-sdk-express
Advanced tools
The aws-xray-sdk-express npm package is a middleware for Express.js applications that integrates with AWS X-Ray to trace and analyze requests. It helps in monitoring and debugging applications by providing detailed insights into the performance and behavior of your application.
Automatic Request Tracing
This feature allows you to automatically trace incoming HTTP requests. The middleware captures the request and response cycle, creating segments that can be visualized in the AWS X-Ray console.
const express = require('express');
const AWSXRay = require('aws-xray-sdk');
const app = express();
app.use(AWSXRay.express.openSegment('MyApp'));
app.get('/', (req, res) => {
res.send('Hello World!');
});
app.use(AWSXRay.express.closeSegment());
app.listen(3000, () => {
console.log('Server is running on port 3000');
});
Custom Subsegments
This feature allows you to create custom subsegments within a segment. This is useful for tracing specific parts of your code, such as database queries or external API calls.
const express = require('express');
const AWSXRay = require('aws-xray-sdk');
const app = express();
app.use(AWSXRay.express.openSegment('MyApp'));
app.get('/custom', (req, res) => {
const segment = AWSXRay.getSegment();
const subsegment = segment.addNewSubsegment('customSubsegment');
// Perform some operations
subsegment.close();
res.send('Custom Subsegment');
});
app.use(AWSXRay.express.closeSegment());
app.listen(3000, () => {
console.log('Server is running on port 3000');
});
Error Capturing
This feature allows you to capture and record errors that occur during the request lifecycle. The errors are sent to AWS X-Ray, where they can be analyzed to identify and fix issues.
const express = require('express');
const AWSXRay = require('aws-xray-sdk');
const app = express();
app.use(AWSXRay.express.openSegment('MyApp'));
app.get('/error', (req, res) => {
const segment = AWSXRay.getSegment();
try {
throw new Error('Something went wrong!');
} catch (err) {
segment.addError(err);
res.status(500).send('Internal Server Error');
}
});
app.use(AWSXRay.express.closeSegment());
app.listen(3000, () => {
console.log('Server is running on port 3000');
});
New Relic is a comprehensive monitoring and observability platform that provides detailed insights into application performance. It offers similar request tracing and error capturing functionalities but also includes advanced features like infrastructure monitoring, synthetic monitoring, and more. Unlike aws-xray-sdk-express, New Relic is a third-party service and requires a subscription.
Datadog is another monitoring and analytics platform that provides end-to-end visibility into application performance. It offers request tracing, error tracking, and custom metrics similar to aws-xray-sdk-express. Datadog also includes features for infrastructure monitoring, log management, and security monitoring. It is a third-party service and requires a subscription.
OpenTelemetry is an open-source observability framework that provides APIs and tools for collecting metrics, logs, and traces. It offers similar functionalities to aws-xray-sdk-express, such as request tracing and custom subsegments. OpenTelemetry is highly extensible and can be integrated with various backends, including AWS X-Ray, making it a versatile choice for observability.
AWS X-Ray SDK Core (aws-xray-sdk-core) Express 4.14.0 or greater
The AWS X-Ray Express package automatically records information for incoming and outgoing requests and responses, via the middleware functions in this package.
The AWS X-Ray SDK Core has two modes - manual
and automatic
.
Automatic mode uses the Continuation Local Storage package (CLS) and automatically
tracks the current segment and subsegment. This is the default mode.
Manual mode requires that you pass around the segment reference.
In automatic mode, you can get the current segment/subsegment at any time: var segment = AWSXRay.getSegment();
In manual mode, you can get the base segment off of the request object: var segment = req.segment;
Sampling rates are determined by the aws-xray-sdk-core
package, using the default
sampling file that is provided, or by overriding this with a custom sampling file.
For more information on sampling, see aws-xray-sdk-core README.
The SDK requires that a default segment name is set when using middleware.
If it isn't set, an error is thrown. You can override this value via the AWS_XRAY_TRACING_NAME
environment variable.
app.use(xrayExpress.openSegment('defaultName'));
The AWS X-Ray SDK Core defaults to a fixed naming mode. This means that each time the middleware creates a new segment for an incoming request, the name of that segment is set to the default name. In dynamic mode, the segment name can vary between the host header of the request or the default name. For more information about naming modes, see the aws-xray-sdk-core README.
var AWSXRay = require('aws-xray-sdk-core');
var xrayExpress = require('aws-xray-sdk-express');
var app = express();
//...
app.use(xrayExpress.openSegment('defaultName'));
app.get('/', function (req, res) {
var segment = AWSXRay.getSegment();
//...
res.render('index');
});
app.use(xrayExpress.closeSegment());
var AWSXRay = require('aws-xray-sdk-core');
var xrayExpress = require('aws-xray-sdk-express');
var app = express();
//...
var AWSXRay = require('aws-xray-sdk');
app.use(xrayExpress.openSegment('defaultName')); //Required at the start of your routes
app.get('/', function (req, res) {
var segment = req.segment;
//...
res.render('index');
});
app.use(xrayExpress.closeSegment()); //Required at the end of your routes / first in error handling routes
FAQs
AWS X-Ray Middleware for Express (Javascript)
The npm package aws-xray-sdk-express receives a total of 263,004 weekly downloads. As such, aws-xray-sdk-express popularity was classified as popular.
We found that aws-xray-sdk-express demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 24 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
npm has a revamped search experience with new, more transparent sorting options—Relevance, Downloads, Dependents, and Publish Date.
Security News
A supply chain attack has been detected in versions 1.95.6 and 1.95.7 of the popular @solana/web3.js library.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.