Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
monitor-dog
Advanced tools
Wraps dogstatsd to provide environment based event scoping (prefixing) and timers.
// Assume `process.env.MONITOR_PREFIX === 'myProject'`, then all events
// triggered via monitor dog will be prefixed with `myProject.`.
var monitor = require('monitor-dog');
// Trigger an increment (`myProject.requests`)
monitor.increment('requests');
// Trigger an increment with additional parameters
monitor.increment('requests', 1, ['env:prod', 'host': '127.0.0.1']);
// Trigger an increment with tags as object
monitor.increment('requests', 1, {env: 'prod', host: '127.0.0.1'});
// Trigger a gauge event (`myProject.404s`)
monitor.gauge('404s');
// Time requests...
var timer = monitor.timer('request.time');
request('http://example.com', function(req, res) {
// Triggers a histogram event to `myProject.request.time`
timer.stop();
});
Creating specialized periodic interval monitors (similar to the sockets monitor) is fairly straight-forward. Here's an example of how it is done:
var monitor = require('monitor-dog');
var IntervalMonitor = require('monitor-dog/lib/interval-monitor');
var util = require('util');
/**
* 1. Subclass the IntervalMonitor class
*/
function MyCustomMonitor = function(monitor, prefix, interval) {
IntervalMonitor.call(this, monitor, prefix, interval);
}
util.inherits(MyCustomMonitor, IntervalMonitor);
/**
* 2. Define your run function to periodically monitor what you wish
*/
MyCustomMonitor.prototype.run = function() {
// ... Perform custom periodic reporting here using this.monitor
}
// 3. Instantiate and start your new interval monitor!
(new MyCustomMonitor(monitor)).start();
These methods behave exactly as you would expect on a regular dogstatsd Client.
Creates and returns new timer with the given name
. Optional boolean
startNow
can be provided to start the timer at a later date using the
.start
method.
// Create the timer
var sumTimer = monitor.timer('sum.time');
// Perform a computation
var sum = 0;
for (var i = 0; i < 1000000; i++) {
sum += i;
}
// Call .stop() to send a histogram event named 'sum.time'
// with the recorded duration...
sumTimer.stop();
var requestTimer = monitor.timer('request.time');
request('/some/endpoint', function (err, res) {
requestTimer.stop();
});
var delayedTime = monitor.timer('delayed.timer', false);
// ... Do some other stuff ...
delayedTimer.start();
// ... Do some more stuff ...
delayedTimer.stop();
Automatically track number of open & pending sockets and open files.
// start monitoring once you start web server
// default interval defined by `process.env.MONITOR_INTERVAL`
monitor.startSocketsMonitor();
// stop monitoring before stopping web server
monitor.stopSocketsMonitor();
Capture stream events: open
, data
, error
, end
.
monitor.captureStreamEvents('some-name', yourStream);
MIT
FAQs
A helpful wrapper for dogstatsd.
The npm package monitor-dog receives a total of 4 weekly downloads. As such, monitor-dog popularity was classified as not popular.
We found that monitor-dog demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.