Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
ft-next-splunk-logger
Advanced tools
Logs stuff directly to splunk.
Requires a SPLUNK_URL environment variable to send stuff to. If you don't have one, talk to someone.
npm install --save ft-next-splunk-logger
The logger works pretty much the same as the debug module.
var log = require('ft-next-splunk-logger')('my-app-name');
log('Some stuff');
It will stick the app name and a timestamp at the beginnig of each log so the above will become
my-app-name 2015-05-30T12:54:54.479Z Some stuff
Like debug and console.log in node it uses util.format under the hood if the first arg is a string
log('here is a %s and %j', 'string', {foo:'bar'})
becomes:
here is a string and {"foo":"bar"}
Apparently splunk can parse json so the above should work well. But to make it easier if you pass just an object it will be formatted in the easiet way for splunk:
log({foo:'here is a string'})
becomes
foo="here is a string"
You can also pass it errors (but please don't, send them to sentry or somewhere useful):
log(new Error('bar'));
becomes:
Error: bar
When passing a string as the first argument, the following placeholders can be used:
%s
Will replace the argument using String(arg)
- objects will appear as 'Object object' or similar%d
Will replace the argument using Number(arg)
- anything that is not a number will appear as "NaN"%j
Will replace the argument using JSON.stringify(arg)
- will throw an error if it doesn't get an a object%o
Will replace the argument using the splunk-friendly name=value style - will probably thrown an error if not given an objectFAQs
Log stuff Directly to splunk
The npm package ft-next-splunk-logger receives a total of 0 weekly downloads. As such, ft-next-splunk-logger popularity was classified as not popular.
We found that ft-next-splunk-logger demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.