
Security News
/Research
Wallet-Draining npm Package Impersonates Nodemailer to Hijack Crypto Transactions
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.
prometheus-wrapper
Advanced tools
Wrapper to official NodeJS Prometheus exporter (prom-client)
The official NodeJS client for prometheus requires to transporter the metrics variables in your code (counters, gauges, histograms and summaries).
This small library allow to control variables from the whole code, in a singleton, by getting the metric by name, just like that: require('prometheus-wrapper').get("<counter-name>").inc()
Execute this command to launch an express server exposing some metrics. Browse localhost:8080/metrics to monitor the metrics (data is changing after 10s).
$ node examples/index.js
See the source files in /examples to see suggestions of implementation.
init.js
var prometheus = require("prometheus-wrapper");
var express = require('express');
var app = express();
prometheus.setNamespace("myapp");
app.get('/metrics', function(req, res) {
res.end(prometheus.getMetrics());
});
// Counter
prometheus.createCounter("mycounter", "A number we occasionally increment.");
// Gauge
prometheus.createGauge("mygauge", "A random number we occasionally set.");
// Histogram
prometheus.createHistogram("myhistogram", "A chat duration histogram.", {
buckets: [ 10, 30, 60, 300, 600, 1800, 3600 ]
});
// Summary
prometheus.createSummary("mysummary", "Compute quantiles and median of a random list of numbers.", {
percentiles: [ 0.01, 0.1, 0.5, 0.9, 0.99 ]
});
app.listen(8080);
wherever-in-your-code.js
var prometheus = require("prometheus-wrapper");
setInterval(function () {
prometheus.get("mycounter").inc(42);
}, 10000);
prometheus.get("mygauge").set(42);
var end = prometheus.get("myhistogram").startTimer();
setTimeout(function () {
end();
}, 15000);
for (var i = 0; i < 100000; ++i) {
prometheus.get("mysummary").observe(Math.random());
}
Exposed /metrics
:
$ curl 127.0.0.1:8080
# HELP myapp_mycounter A number we occasionally increment.
# TYPE myapp_mycounter counter
myapp_mycounter 84
# HELP myapp_mygauge A random number we occasionally set.
# TYPE myapp_mygauge gauge
myapp_mygauge 42
# HELP examples_myhistogram A chat duration histogram.
# TYPE examples_myhistogram histogram
myapp_myhistogram_bucket{le="10"} 0
myapp_myhistogram_bucket{le="30"} 1
myapp_myhistogram_bucket{le="60"} 1
myapp_myhistogram_bucket{le="300"} 1
myapp_myhistogram_bucket{le="600"} 1
myapp_myhistogram_bucket{le="1800"} 1
myapp_myhistogram_bucket{le="3600"} 1
myapp_myhistogram_bucket{le="+Inf"} 1
myapp_myhistogram_sum 15.002
myapp_myhistogram_count 1
# HELP myapp_mysummary Compute quantiles and median of a random list of numbers.
# TYPE myapp_mysummary summary
myapp_mysummary{quantile="0.01"} 0.009997170550270069
myapp_mysummary{quantile="0.1"} 0.09957970759409267
myapp_mysummary{quantile="0.5"} 0.5016970195079504
myapp_mysummary{quantile="0.9"} 0.8993228241841542
myapp_mysummary{quantile="0.99"} 0.9901868947762174
myapp_mysummary_sum 4999.807495853165
myapp_mysummary_count 10000
Example:
var prometheus = require("prometheus-wrapper");
// Init Counter
prometheus.createCounter("mycounter", "A number we occasionally increment.", ['foo']);
setInterval(function () {
prometheus.get("mycounter").inc({foo: 'bar'}, 42);
prometheus.get("mycounter").inc({foo: 'baz'}, 21);
}, 10000);
prometheus.get("mygauge").set(42);
$ curl 127.0.0.1:8080
# HELP myapp_mycounter A number we occasionally increment.
# TYPE myapp_mycounter counter
myapp_mycounter{foo="bar"} 42
myapp_mycounter{foo="baz"} 42
A counter is a cumulative metric that represents a single numerical value that only ever goes up. A counter is typically used to count requests served, tasks completed, errors occurred, etc. Counters should not be used to expose current counts of items whose number can also go down, e.g. the number of currently running goroutines. Use gauges for this use case.
A gauge is a metric that represents a single numerical value that can arbitrarily go up and down.
Gauges are typically used for measured values like temperatures or current memory usage, but also "counts" that can go up and down, like the number of running goroutines.
A histogram samples observations (usually things like request durations or response sizes) and counts them in configurable buckets. It also provides a sum of all observed values.
A histogram with a base metric name of <basename> exposes multiple time series during a scrape:
- cumulative counters for the observation buckets, exposed as <basename>_bucket{le="<upper inclusive bound>"}
- the total sum of all observed values, exposed as <basename>_sum
- the count of events that have been observed, exposed as <basename>_count (identical to <basename>_bucket{le="+Inf"} above)
Similar to a histogram, a summary samples observations (usually things like request durations and response sizes). While it also provides a total count of observations and a sum of all observed values, it calculates configurable quantiles over a sliding time window.
A summary with a base metric name of <basename> exposes multiple time series during a scrape:
- streaming φ-quantiles (0 ≤ φ ≤ 1) of observed events, exposed as <basename>{quantile="<φ>"}
- the total sum of all observed values, exposed as <basename>_sum
- the count of events that have been observed, exposed as <basename>_count
client.setNamespace(<namespace>)
=> prefixes every metric nameclient.getMetrics()
=> what to expose in your server under /metricsclient.createCounter(<name>, <help>, [ <label-list> ])
client.get(<name>).get()
client.get(<name>).inc()
client.get(<name>).inc(<delta>)
client.createGauge(<name>, <help>, [ <label-list> ])
client.get(<name>).get()
client.get(<name>).set(<value>)
client.get(<name>).setToCurrentTime()
=> expose a timestamp in msvar end = client.get(<name>).startTimer()
=> call end()
to stop the timer, expose a timestamp in secondsclient.createHistogram(<name>, <help>, buckets: [ <categories> ], [ <label-list> ])
client.get(<name>).get()
client.get(<name>).observe(<value>)
client.get(<name>).reset()
var end = client.get(<name>).startTimer()
=> call end()
to stop the timer, expose a timestamp in secondsclient.createSummary(<name>, <help>, buckets: [ <categories> ], [ <label-list> ])
client.get(<name>).get()
client.get(<name>).observe(<value>)
client.get(<name>).reset()
var end = client.get(<name>).startTimer()
=> call end()
to stop the timer, expose a timestamp in secondsFAQs
Makes prometheus easier to use in a nodejs app
The npm package prometheus-wrapper receives a total of 8 weekly downloads. As such, prometheus-wrapper popularity was classified as not popular.
We found that prometheus-wrapper demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
/Research
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.
Security News
This episode explores the hard problem of reachability analysis, from static analysis limits to handling dynamic languages and massive dependency trees.
Security News
/Research
Malicious Nx npm versions stole secrets and wallet info using AI CLI tools; Socket’s AI scanner detected the supply chain attack and flagged the malware.