New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
cf-nodejs-logging-support
Advanced tools
cf-nodejs-logging-support - npm Package Compare versions
Comparing version 3.0.0 to 3.0.1
@@ -394,4 +394,6 @@ var util = require('util'); | ||
| req.getCorrelationObject = getCorrelationObject; | ||
| req.setDynamicLoggingLevel = setDynamicLoggingLevel; | ||
| } | ||
| var validObject = function (obj) { | ||
@@ -422,2 +424,8 @@ if (obj === null || obj === undefined) { | ||
| // Sets the dynamic log level for the request to the given level | ||
| var setDynamicLoggingLevel = function(levelName) { | ||
| var context = this; | ||
| context.dynamicLogLevel = getLogLevelFromName(levelName); | ||
| } | ||
| var writeStaticFields = function (logObject) { | ||
@@ -450,3 +458,2 @@ for (var key in fixedValues) { | ||
| var getLogLevelFromJWT = function(token) { | ||
| var level; | ||
| var payload = verifyAndDecodeJWT(token, dynLogLevelKey); | ||
@@ -458,5 +465,13 @@ | ||
| return loggingLevels[payload.level]; | ||
| var levelName = payload.level; | ||
| return getLogLevelFromName(levelName); | ||
| } | ||
| // Gets the log level number from a given level name | ||
| var getLogLevelFromName = function(levelName) { | ||
| if(levelName == null) return null; | ||
| return loggingLevels[levelName.toLowerCase()]; | ||
| } | ||
| // Verifies the given JWT and returns its payload. | ||
@@ -463,0 +478,0 @@ var verifyAndDecodeJWT = function(token, key) { |
| { | ||
| "name": "cf-nodejs-logging-support", | ||
| "version": "3.0.0", | ||
| "version": "3.0.1", | ||
| "description": "Logging tool for Cloud Foundry", | ||
@@ -5,0 +5,0 @@ "keywords": [ |
@@ -12,2 +12,3 @@ # Node.js Logging Support for Cloud Foundry | ||
| #### Version 2.0 introduced logging without Winston and changed custom fields to be parsed and reported as strings regardless of original type. | ||
| #### Version 3.0 introduced dynamic log levels, sensitive data reduction and a redesigned field configuration system | ||
@@ -19,2 +20,5 @@ ## Features | ||
| * Logging levels | ||
| * Dynamic logging level (per request) | ||
| * Extendable field configuration | ||
| * Sensitive data reduction | ||
| * Can be bound to [Winston](https://github.com/winstonjs/winston) as transport | ||
@@ -92,2 +96,3 @@ | ||
| ``` | ||
| ### Custom Messages | ||
@@ -132,2 +137,58 @@ | ||
| ### Sensitive data reduction | ||
| Version 3.0.0 and above implements a sensitive data reduction system, which deactivates the logging of sensitive fields. The field will contain 'reducted' instead of the original content. | ||
| Following fields will be *reduced* by default: remote_ip, remote_host, remote_port, x_forwarded_for, remote_user, referer. | ||
| In order to activate normal logging for all or some of these fields, you have to setup environment variables with the following names: | ||
| | Environment Variable | Optional fields | | ||
| |-------------------------------------------|---------------------------------------------------------------------------| | ||
| | ```LOG_SENSITIVE_CONNECTION_DATA: true``` | activates the fields remote_ip, remote_host, remote_port, x_forwarded_for | | ||
| | ```LOG_REMOTE_USER: true``` | activates the field remote_user | | ||
| | ```LOG_REFERER: true``` | activates the field referer | | ||
| This behavior matches with the corresponding mechanism in the [CF Java Logging Support](https://github.com/SAP/cf-java-logging-support/wiki/Overview#logging-sensitive-user-data) library. | ||
| ### Dynamic log levels | ||
| Sometimes it is useful to change the logging level for a specific request. This can be achieved by dynamic log levels set by a special header field or directly inside the corresponding request handler. | ||
| #### Change log level via header field | ||
| You can change the log level for a specific request by providing a JSON Web Token ([JWT](https://de.wikipedia.org/wiki/JSON_Web_Token)) via the request header. This way it is not necessary to redeploy your app for every log level change. | ||
| ##### 1 Preparation | ||
| JWTs are signed objects, which can be verified with a preprovided key. Create a key and setup a environment variable: | ||
| ``` | ||
| DYN_LOG_LEVEL_KEY: <your JWT key> | ||
| ``` | ||
| Redeploy your app in order to load the key from environment variables. | ||
| ##### 2 Creating JWTs | ||
| Create a JWT token with the TokenCreator following payload: | ||
| ``` | ||
| { | ||
| "issuer": "<valid e-mail address>", | ||
| "level": "debug", | ||
| "iat": 1506016127, | ||
| "exp": 1506188927 | ||
| } | ||
| ``` | ||
| Setup the *level* field with your prefered logging level (error, warn, info, verbose, debug or silly). | ||
| Make sure to set valid *Issued At (iat)* and *Expiration Date (exp)* timestamps. | ||
| ##### 3 Using JWTs | ||
| Provide your created JWT via the header field 'SAP-LOG-LEVEL'. The logging level will be set to the provided level for the resulting request (and also corresponding custom log messages). | ||
| If you want to use another header name for the JWT, you can specify it via a enviroment variable: | ||
| ``` | ||
| DYN_LOG_HEADER: MY-HEADER-FIELD | ||
| ``` | ||
| #### Change log level within request handler | ||
| You can also change the log level for all requests of a specific request handler by calling: | ||
| ```js | ||
| req.setDynamicLoggingLevel("verbose"); | ||
| ``` | ||
| ### Winston Transport | ||
@@ -134,0 +195,0 @@ This logging tool can be used in conjunction with Winston. Logging via Winston transport is limited to custom logs. Network activity can not be tracked automatically. Example: |
No alert changes
Improved metrics
- Total package byte prevSize
- increased by5.78%
68169
- Lines of code
- increased by0.89%
1251
- Number of lines in readme file
- increased by33.52%
243
No dependency changes