![Introducing Enhanced Alert Actions and Triage Functionality](https://cdn.sanity.io/images/cgdhsj6q/production/fe71306d515f85de6139b46745ea7180362324f0-2530x946.png?w=800&fit=max&auto=format)
Product
Introducing Enhanced Alert Actions and Triage Functionality
Socket now supports four distinct alert actions instead of the previous two, and alert triaging allows users to override the actions taken for all individual alerts.
morgan
Advanced tools
Package description
Morgan is a middleware for Node.js that enables HTTP request logging. It is commonly used with Express.js applications to log information about incoming requests, which can be helpful for debugging, monitoring, and analytics purposes.
Logging HTTP requests
This code sets up an Express server and uses Morgan to log all incoming HTTP requests in the 'combined' Apache format.
const express = require('express');
const morgan = require('morgan');
const app = express();
app.use(morgan('combined'));
app.get('/', (req, res) => {
res.send('Hello World!');
});
app.listen(3000, () => {
console.log('Server running on port 3000');
});
Customizing log formats
This code demonstrates how to customize the log format to include specific details such as the HTTP method, URL, status code, content length, and response time.
const express = require('express');
const morgan = require('morgan');
const app = express();
app.use(morgan(':method :url :status :res[content-length] - :response-time ms'));
app.get('/', (req, res) => {
res.send('Hello World!');
});
app.listen(3000, () => {
console.log('Server running on port 3000');
});
Creating custom tokens
This code shows how to create a custom token 'id' that can be used in the log format. The token function returns a value from the request object, which is then logged.
const express = require('express');
const morgan = require('morgan');
const app = express();
morgan.token('id', function getId(req) {
return req.id;
});
app.use(morgan(':id :method :url'));
app.get('/', (req, res) => {
req.id = 'abc123';
res.send('Hello World!');
});
app.listen(3000, () => {
console.log('Server running on port 3000');
});
Writing logs to a file
This code snippet demonstrates how to configure Morgan to write logs to a file named 'access.log' instead of outputting to the console.
const fs = require('fs');
const express = require('express');
const morgan = require('morgan');
const path = require('path');
const app = express();
const accessLogStream = fs.createWriteStream(path.join(__dirname, 'access.log'), { flags: 'a' });
app.use(morgan('combined', { stream: accessLogStream }));
app.get('/', (req, res) => {
res.send('Hello World!');
});
app.listen(3000, () => {
console.log('Server running on port 3000');
});
Winston is a versatile logging library for Node.js. Unlike Morgan, which is specifically designed for HTTP request logging, Winston can be used for general-purpose application logging. It supports multiple transports (e.g., console, file, database) and is highly configurable.
Pino is a very low-overhead Node.js logger. It is designed for speed and can be significantly faster than other logging solutions like Morgan, especially in high-throughput scenarios. Pino focuses on JSON logging and offers different log levels and custom serializers.
Bunyan is a simple and fast JSON logging library for Node.js services. Like Pino, it focuses on JSON logging. Bunyan provides a set of standard log levels and includes a CLI tool for pretty-printing log files. It is more similar to Winston in terms of features but with a focus on JSON.
Readme
HTTP request logger middleware for node.js
Named after Dexter, a show you should not watch until completion.
var morgan = require('morgan')
Create a new morgan logger middleware function using the given format
and options
.
The format
argument may be a string of a predefined name (see below for the names),
a string of a format string, or a function that will produce a log entry.
Morgan accepts these properties in the options object.
Write log line on request instead of response. This means that a requests will be logged even if the server crashes, but data from the response (like the response code, content length, etc.) cannot be logged.
Function to determine if logging is skipped, defaults to false
. This function
will be called as skip(req, res)
.
// EXAMPLE: only log error responses
morgan('combined', {
skip: function (req, res) { return res.statusCode < 400 }
})
Output stream for writing log lines, defaults to process.stdout
.
There are various pre-defined formats provided:
Standard Apache combined log output.
:remote-addr - :remote-user [:date[clf]] ":method :url HTTP/:http-version" :status :res[content-length] ":referrer" ":user-agent"
Standard Apache common log output.
:remote-addr - :remote-user [:date[clf]] ":method :url HTTP/:http-version" :status :res[content-length]
Concise output colored by response status for development use. The :status
token will be colored red for server error codes, yellow for client error
codes, cyan for redirection codes, and uncolored for all other codes.
:method :url :status :response-time ms - :res[content-length]
Shorter than default, also including response time.
:remote-addr :remote-user :method :url HTTP/:http-version :status :res[content-length] - :response-time ms
The minimal output.
:method :url :status :res[content-length] - :response-time ms
To define a token, simply invoke morgan.token()
with the name and a callback function. This callback function is expected to return a string value. The value returned is then available as ":type" in this case:
morgan.token('type', function(req, res){ return req.headers['content-type']; })
Calling morgan.token()
using the same name as an existing token will overwrite that token definition.
The current date and time in UTC. The available formats are:
clf
for the common log format ("10/Oct/2000:13:55:36 +0000"
)iso
for the common ISO 8601 date time format (2000-10-10T13:55:36.000Z
)web
for the common RFC 1123 date time format (Tue, 10 Oct 2000 13:55:36 GMT
)If no format is given, then the default is web
.
The HTTP version of the request.
The HTTP version of the request.
The Referrer header of the request. This will use the standard mis-spelled Referer header if exists, otherwise Referrer.
The remote address of the request. This will use req.ip
, otherwise the standard req.connection.remoteAddress
value (socket address).
The user authenticated as part of Basic auth for the request.
The given header
of the request.
The given header
of the response.
The time between the request coming into morgan
and when the response headers are written, in milliseconds.
The status code of the response.
The URL of the request. This will use req.originalUrl
if exists, otherwise req.url
.
The contents of the User-Agent header of the request.
Simple app that will log all request in the Apache combined format to STDOUT
var express = require('express')
var morgan = require('morgan')
var app = express()
app.use(morgan('combined'))
app.get('/', function (req, res) {
res.send('hello, world!')
})
Simple app that will log all request in the Apache combined format to STDOUT
var finalhandler = require('finalhandler')
var http = require('http')
var morgan = require('morgan')
// create "middleware"
var logger = morgan('combined')
http.createServer(function (req, res) {
var done = finalhandler(req, res)
logger(req, res, function (err) {
if (err) return done(err)
// respond to request
res.setHeader('content-type', 'text/plain')
res.end('hello, world!')
})
})
Simple app that will log all request in the Apache combined format to the file "access.log"
var express = require('express')
var fs = require('fs')
var morgan = require('morgan')
var app = express()
// create a write stream (in append mode)
var accessLogStream = fs.createWriteStream(__dirname + '/access.log', {flags: 'a'})
// setup the logger
app.use(morgan('combined', {stream: accessLogStream}))
app.get('/', function (req, res) {
res.send('hello, world!')
})
Sample app that will use custom token formats. This adds an ID to all requests and displays it using the :id
token.
var express = require('express')
var morgan = require('morgan')
var uuid = require('node-uuid')
morgan.token('id', function () {
return req.id
})
var app = express()
app.use(assignId)
app.use(morgan(':id :method :url :response-time'))
app.get('/', function (req, res) {
res.send('hello, world!')
})
function assignId(req, res, next) {
req.id = uuid.v4()
next()
}
FAQs
HTTP request logger middleware for node.js
The npm package morgan receives a total of 4,374,627 weekly downloads. As such, morgan popularity was classified as popular.
We found that morgan demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Product
Socket now supports four distinct alert actions instead of the previous two, and alert triaging allows users to override the actions taken for all individual alerts.
Security News
Polyfill.io has been serving malware for months via its CDN, after the project's open source maintainer sold the service to a company based in China.
Security News
OpenSSF is warning open source maintainers to stay vigilant against reputation farming on GitHub, where users artificially inflate their status by manipulating interactions on closed issues and PRs.