orionops
v2.0.0
Published
Lightweight monitoring middleware/adapters for Express, Fastify, and raw Node http servers — reports request latency, status codes, and traffic to your OrionOps dashboard.
Maintainers
Readme
orionops
Lightweight monitoring middleware for Node.js — reports request latency,
status codes, and traffic to your OrionOps dashboard.
Works with Express, Fastify, or a plain Node http/https server —
one line to install, zero impact on response times.
Install
npm install orionopsThen pick the adapter for your framework below. No extra install needed — the framework-specific code only runs if you import that adapter.
Express
const express = require('express');
const orionops = require('orionops');
const app = express();
app.use(orionops({
apiKey: 'pk_live_xxxxxxxxxxxx',
serviceName: 'my-service',
}));Fastify
const fastify = require('fastify')();
const orionopsFastify = require('orionops/adapters/fastify');
fastify.register(orionopsFastify, {
apiKey: 'pk_live_xxxxxxxxxxxx',
serviceName: 'my-service',
});Requires fastify-plugin as a peer dependency: npm install fastify-plugin.
Plain Node http/https (no framework)
const http = require('http');
const { wrapHandler } = require('orionops/adapters/http');
const handler = (req, res) => {
res.writeHead(200, { 'Content-Type': 'application/json' });
res.end(JSON.stringify({ ok: true }));
};
const server = http.createServer(
wrapHandler(handler, { apiKey: 'pk_live_xxxxxxxxxxxx', serviceName: 'my-service' })
);
server.listen(3000);Not using Node?
orionops is currently Node.js only. If your service is in another
language, you can still send data to OrionOps directly — /api/hit is a
plain HTTP POST with a JSON body and an x-api-key header, callable from
any language:
curl -X POST https://orionops-api-c8gdc0h3dzdxh4bt.centralindia-01.azurewebsites.net/api/hit \
-H "x-api-key: pk_live_xxxxxxxxxxxx" \
-H "Content-Type: application/json" \
-d '{
"serviceName": "my-service",
"endpoint": "/api/users/42",
"method": "GET",
"statusCode": 200,
"latencyMs": 38
}'Configuration
All options can be passed directly or set as environment variables. These apply identically across every adapter above.
| Option | Env var | Default | Description |
|---|---|---|---|
| apiKey | ORIONOPS_API_KEY | — | Required. Your client API key. Without it, the middleware no-ops. |
| serviceName | ORIONOPS_SERVICE_NAME | "unnamed-service" | Label shown on your dashboard for this service. |
| endpoint | ORIONOPS_ENDPOINT | https://orionops-api-c8gdc0h3dzdxh4bt.centralindia-01.azurewebsites.net/api/hit | Override if self-hosting OrionOps. |
| enabled | ORIONOPS_ENABLED | true | Set to false to disable monitoring entirely (e.g. in tests). |
| enableLogging | — | true outside production | Logs a one-line warning if a report fails. Failures never throw or affect your response either way. |
| timeout | — | 3000 | Max ms to wait for a report to send before giving up silently. |
| skipPaths | — | ['/health'] | Path prefixes to exclude from reporting. Health checks are usually polled often and add noise rather than signal — override with [] if you want everything tracked. |
Using environment variables only
ORIONOPS_API_KEY=pk_live_xxxxxxxxxxxx
ORIONOPS_SERVICE_NAME=my-serviceapp.use(orionops());Disabling in tests
app.use(orionops({ enabled: false }));or set ORIONOPS_ENABLED=false in your test environment so you don't need
to change application code at all.
What gets reported
For every request, once the response finishes:
{
"serviceName": "my-service",
"endpoint": "/api/users/42",
"method": "GET",
"statusCode": 200,
"latencyMs": 38,
"ip": "203.0.113.7",
"userAgent": "Mozilla/5.0 ..."
}No request or response bodies are ever sent — only metadata about the request itself.
Design notes
- Never blocks the response. Reporting happens after the real response
has already been sent (via
setImmediateafterres.end()in Express/ raw-http, or Fastify'sonResponsehook, which fires only once a response is complete). - Never throws. If the OrionOps API is unreachable, times out, or
returns an error, every adapter fails silently (unless
enableLoggingis on, in which case it logs a single warning line — your app keeps running either way). - No request/response body capture. Only metadata is sent, by design, to avoid accidentally logging sensitive data.
License
MIT
