@sannuk792/api-response-monitor
v2.1.9
Published
Production-ready API monitoring middleware for Express, Axios and Fetch with latency tracking, event emission and async logging.
Maintainers
sannuk792Readme
@sannuk792/api-response-monitor
Part of the Professional Node.js Backend Toolkit
Production-ready monitoring middleware for Node.js backends and frontend APIs. Tracks latency, status, and health with zero-config defaults.
❓ Why API Response Monitor?
Debugging production APIs is difficult. Traditional logs are often:
- Scattered: Hard to trace a single request flow across multiple logs.
- Reactive: You only find out about slow endpoints when users complain.
- Expensive: Full APM tools (Datadog/NewRelic) can be overkill and costly for many projects.
- Missing Context: Logs often lack critical latency and trace-id metadata.
api-response-monitor solves this by providing:
- Lightweight Tracing: Zero-config
requestIdin every response. - Proactive Alerts: Built-in slow-endpoint detection and error-rate alerting.
- Immediate Analytics: A ready-to-use dashboard to visualize traffic patterns.
- Performance First: Designed for high-scale with negligible overhead.
🏗️ Architecture & Request Lifecycle
System Flow
graph LR
C[Client] --> M[Middleware]
M --> E[Event Bus]
E --> D[Dashboard]
E --> S[Storage/Adapters]
E --> A[Alerting/Webhooks]Workflow Details
graph LR
A[Request] --> B[Generate RequestID]
B --> C[Intercept Response]
C --> D[Calculate Metrics]
D --> E[Async Processing]
E --> F[Dashboard/Analytics]Request Lifecycle
- Request Received:
requestIdis auto-generated or extracted from headers. - Response Intercepted: Native
res.json/res.sendare wrapped to capture metadata. - Metrics Calculated: Precise latency tracking using
process.hrtime. - Event Emitted: A sanitized, non-blocking event is sent to the internal emitter.
- Async Processing: Plugins run, logs are written, and storage adapters are updated.
✨ Features
🔌 Extensible Plugin Architecture (Senior Dev Favorite)
Extend without modifying core. Our plugin system allows you to inject custom logic into the request lifecycle.
const { slowQueryPlugin, tagPlugin } = require('@sannuk792/api-response-monitor');
// Built-in or custom plugins run asynchronously
plugins: [slowQueryPlugin(500), tagPlugin({ env: 'prod' })]Production-Ready
- 🎯 Log Levels: Filter by
debug,info,warn,error. - 🔍 Request ID / Trace ID: Automatic request tracking across services.
- ⚡ Performance Mode: Minimal overhead for high-traffic apps.
- ⚠️ Slow Endpoint Detection: Real-time warnings for latency spikes.
- 🚨 alerting System: Error rate & latency threshold alerts with Webhooks.
- 💾 Storage Adapters: MongoDB, PostgreSQL, Elasticsearch support.
📦 Install
npm i @sannuk792/api-response-monitor@latest🚀 Quick Start
Basic Setup
const express = require('express');
const { setupApiMonitoring } = require('@sannuk792/api-response-monitor');
const app = express();
setupApiMonitoring(app); // One line setup!
app.get('/api/test', (req, res) => {
res.json({ message: "Hello World" }); // Automatically wrapped
});
app.listen(3000);⚡ Recommended Production Setup
For high-traffic apps, we recommend this "Minimal" configuration:
app.use(apiMonitor({
mode: 'minimal', // No payload parsing (fast path)
samplingRate: 0.2, // Track 20% of requests
logLevel: 'warn', // Only log warnings and errors
maxEventsPerSecond: 100
}));⛑️ Maintained actively.
Bug fixes usually within 24–48 hours.
📊 Performance Benchmarks
Designed for high-performance Node.js environments:
- Overhead: ~0.2ms per request (Full mode).
- Memory Impact: Negligible under 10k RPM.
- Non-blocking: All logging and event emission happen in the next tick via
setImmediate.
️ Fail-Safe Design
Built for production reliability:
- Isolation: Monitoring failures never break your API responses. If a storage adapter or plugin crashes, the error is caught and logged, while the user's request continues normally.
- Async-Only: All processing is non-blocking to ensure zero impact on event loop latency.
🛡️ Production-Grade Hardening (14-Point Stress Test)
This package has undergone a rigorous 14-point stability suite to ensure it never breaks your main application, even under extreme conditions.
📊 Performance Benchmarks (Real HTTP Traffic)
Measured using autocannon -c 100 -d 10 (100 concurrent connections).
| Mode | Req/Sec | p99 Latency | Impact | Recommended For | |------|---------|-------------|--------|-----------------| | Baseline (OFF) | 10,081 | 33ms | - | - | | Full Mode (1.0) | 6,058 | 129ms | ~40% load | Debugging/Staging | | Minimal Mode (0.2) | 6,647 | 73ms | Refined | High-Traffic Prod |
[!IMPORTANT] Performance vs. Visibility Tradeoff: Full monitoring includes deep cloning and sanitization (to prevent circular-ref crashes), which adds ~20-50ms of overhead under heavy concurrency. For high-scale production, use
mode: 'minimal'andsamplingRate: 0.2to keep p99 latency under control while still capturing critical trends.
💎 Key Fail-Safe Features
💎 Key Fail-Safe Features
- Circular Reference Handling: Built-in
safeStringifyprevents crashes when logging recursive objects. - Total Middleware Isolation: Double
try-catchlayers ensure that even if the monitor fails, your API response is always delivered. - Plugin Sandboxing: Crashing plugins are caught and logged without stopping the event flow.
- Graceful Shutdown: SIGINT/SIGTERM handling ensures pending logs are flushed or buffered to disk (
logs-buffer.json).
�️ Production Best Practices
Based on real-world deployments, here are the top 3 recommendations for senior developers:
- Tag Your Services: Use
serviceName: 'order-api'to avoid the "unnamed-service" tag. This is critical for centralized logging in microservice architectures. - Use Mode Strategically:
mode: 'full'for Development/Staging to catch all payload details.mode: 'minimal'for High-Traffic Production (10k+ Req/Sec) to capture only metadata (status, latency) and save CPU cycle.
- Refine Redaction: By default, v2.1.1 auto-redacts Mongoose
__vkeys to reduce log noise. UseredactFieldsto hide sensitive business logic likeinternal_discount_codeoruser.hashed_password.
�📊 Event Schema (v1.1)
Every monitoring event follows this structured format, ensuring compatibility with our Enterprise Dashboard.
{
"source": "backend",
"endpoint": "/api/users",
"method": "GET",
"status": 200,
"latency": "12ms",
"success": true,
"requestId": "req_5f8a2...",
"protocol": {
"version": "1.1",
"sdkVersion": "2.1.1",
"platform": "node",
"wrapper": "express",
"env": "production",
"service": "auth-api"
}
}📖 Real-World Use Case
Challenge: An E-commerce startup processing 5000 requests/min noticed intermittent checkout failures but couldn't pinpoint the cause in their generic logs.
Solution: They integrated api-response-monitor.
- Result: The Slow Endpoint Detector immediately flagged
/api/payments/verifywith an avg latency of 1200ms. - Outcome: The team used the Request ID to trace the exact failed requests and found a database indexing issue. Checkout latency dropped by 35% within 2 hours.
✅ When to use?
| Use This When: | Avoid When: | |----------------|-------------| | You need lightweight request tracing. | You need full Enterprise APM (Datadog/NewRelic). | | You want zero-config monitoring. | You need distributed tracing across 50+ services. | | You need a quick, visual dashboard. | Your app is not Node.js based. | | You want to monitor dev/staging easily. | |
⚙️ Configuration
All Options
app.use(apiMonitor({
enabled: true,
destination: 'console', // 'console' | 'file' | 'url'
logLevel: 'info', // 'debug' | 'info' | 'warn' | 'error'
generateRequestId: true,
mode: 'full', // 'full' | 'minimal'
serviceName: 'my-service', // Custom tag for microservices
samplingRate: 1.0,
slowThreshold: 1000,
ignoreRoutes: ['/health', '/favicon.ico'],
redactFields: ['password', 'token'],
storageAdapter: { type: 'mongo', options: { collection } }
}));�️ Roadmap & Future
- [ ] Fastify & Koa Adapters: Support for more frameworks.
- [ ] OpenTelemetry Bridge: Export logs to OTel-compatible collectors.
- [ ] Distributed Tracing: Support for Parent Span IDs.
📜 License
MIT © sannuk792