@axiomify/logger

v6.3.3

Published

4 hours ago

Structured request/response logging for Axiomify with recursive PII masking.

Downloads

1,119

0High
0Medium
0Low

topman

axiomify logging structured-logging request-logging response-logging pii-masking observability

@axiomify/logger

Structured request/response logging for Axiomify with PII field masking and configurable log levels.

Install

npm install @axiomify/logger

Quick start

import { useLogger } from '@axiomify/logger';

useLogger(app, {
  level: 'info',
  sensitiveFields: [
    'password',
    'authorization',
    'x-api-key',
    'token',
    'cardNumber',
    'cvv',
  ],
});

Options

| Option | Type | Default | Description | | ------------------------ | ---------------------------------------- | -------- | ------------------------------------------------------------------------------------ | | level | 'debug' \| 'info' \| 'warn' \| 'error' | 'info' | Minimum log level. Messages below this level are suppressed. | | sensitiveFields | string[] | [] | Field names (case-insensitive) to mask in headers and body. Masked as '****'. | | beautify | boolean | false | Colorised, human-readable output for local development. JSON in production. | | includeHeaders | boolean | false | Include request headers in log entries. Enable only when the log pipeline is secure. | | includeParams | boolean | false | Include request route parameters (req.params) in log entries. | | includeQuery | boolean | false | Include request query parameters (req.query) in log entries. | | includeBody | boolean | false | Include request body (req.body) in log entries. | | includeResponseHeaders | boolean | false | Include response headers in log entries. | | includeResponsePayload | boolean | false | Include response payload/data in log entries. | | includePayload | boolean | false | Alias for includeResponsePayload. | | includeState | boolean | false | Include request state (req.state) in log entries. |

Log output

Each request produces two log entries:

On onRequest — incoming request:

{
  "level": "info",
  "requestId": "abc-123",
  "method": "POST",
  "path": "/users",
  "ip": "10.0.0.1",
  "ts": "2024-01-01T00:00:00.000Z"
}

On onPostHandler — response sent:

{
  "level": "info",
  "requestId": "abc-123",
  "status": 201,
  "latencyMs": 12,
  "ts": "2024-01-01T00:00:00.001Z"
}

On onError — handler threw:

{
  "level": "error",
  "requestId": "abc-123",
  "error": "Validation failed",
  "status": 400,
  "latencyMs": 3
}

Masking

Masking is recursive — it traverses nested objects and arrays:

useLogger(app, { sensitiveFields: ['password', 'token'] });

// Request body { email: '[email protected]', password: 'secret123', nested: { token: 'xyz' } }
// Logged as:   { email: '[email protected]', password: '****', nested: { token: '****' } }

Field names are matched case-insensitively. Masking depth is bounded to prevent stack overflow on adversarially deep objects.

Development mode

useLogger(app, {
  level: 'debug',
  beautify: true, // coloured output with readable timestamps
  includeHeaders: true,
  includeParams: true,
  includeQuery: true,
  includeBody: true,
  includeResponseHeaders: true,
  includeResponsePayload: true,
  includeState: true,
});

Custom log destination

The logger writes to process.stdout. To redirect to a log aggregator (Datadog, Loki, etc.), pipe stdout at the process level:

node server.js | my-log-shipper

Or replace process.stdout.write before calling useLogger for programmatic control.

Published

Vulnerabilities

Links

Maintainers

Keywords

Readme

@axiomify/logger

Install

Quick start

Options

Log output

Masking

Development mode

Custom log destination