Gathering detailed insights and metrics for winston-logzio
Gathering detailed insights and metrics for winston-logzio
a winston transport wrapper for logzio
Installations
npm install winston-logzioDeveloper Guide
BETA
Typescript
Yes
Module System
CommonJS
Min. Node Version
>= 8.4.0
Node Version
20.18.1
NPM Version
10.8.2
Score
90.8
Supply Chain
96.1
Quality
80.4
Maintenance
100
Vulnerability
99.6
License
Releases
8
Languages
1
JavaScript
JavaScript (100%)
Developer
logzio
Download Statistics
Total Downloads
79,606,296
Last Day
2,303
Last Week
37,407
Last Month
144,185
Last Year
2,468,677
GitHub Statistics
Apache-2.0 License
18 Stars
114 Commits
24 Forks
19 Watchers
21 Branches
38 Contributors
Updated on Dec 25, 2024
Bundle Size
101.71 kB
Minified
32.54 kB
Minified + Gzipped
Maintainers
5
Package Meta Information
Latest Version
5.2.0
Package Id
winston-logzio@5.2.0
Unpacked Size
35.91 kB
Size
11.66 kB
File Count
21
NPM Version
10.8.2
Node Version
20.18.1
Published on
Dec 25, 2024
Total Downloads
Cumulative downloads
Total Downloads
79,606,296
Last Day
-20.6%
2,303
Compared to previous day
Last Week
2.3%
37,407
Compared to previous week
Last Month
7%
144,185
Compared to previous month
Last Year
-95.2%
2,468,677
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
winston-logzio
winston-logzio is a winston plugin and wrapper for the logzio-nodejs appender. With winston-logzio, you can take advantage of the winston logger framework with your Node.js app.
Versions
Supports Winston 3, If you want to use Winston 2 - Checkout v1.0.8
Add the dependency to your project
1npm install winston-logzio --save
Configure winston-logzio
Use the samples in the code block below as a starting point, and replace the sample with a configuration that matches your needs.
To run with Typescript click here.
1const winston = require('winston'); 2const LogzioWinstonTransport = require('winston-logzio'); 3 4const logzioWinstonTransport = new LogzioWinstonTransport({ 5 level: 'info', 6 name: 'winston_logzio', 7 token: '<<SHIPPING-TOKEN>>', 8 host: '<<LISTENER-HOST>>', 9}); 10 11const logger = winston.createLogger({ 12 format: winston.format.simple(), 13 transports: [logzioWinstonTransport], 14}); 15 16logger.log('warn', 'Just a test message');
Replace <<SHIPPING-TOKEN>> with your own logz.io logs shipping token.
Replace <<LISTENER-HOST>> with your region’s listener host (for example, listener.logz.io).
For more parameters for LogzioWinstonTransport and configuration options see our docs.
If you do not have a Logz.io account, you can sign up for a free trial here
Options
- token Mandatory. Your account token. Look it up in the Device Config tab in Logz.io
- type - Log type. Help classify logs into different classifications
- protocol -
http,httpsorudp. Default:http - host - Destination host name. Default:
listener.logz.io - port - Destination port. Default port depends on protocol. For
udpdefault port is5050, forhttpis8070and8071is forhttps - sendIntervalMs - Time in milliseconds to wait between retry attempts. Default:
2000(2 sec) - bufferSize - The maximum number of messages the logger will accumulate before sending them all as a bulk. Default:
100. - numberOfRetries - The maximum number of retry attempts. Default:
3 - debug - Should the logger print debug messages to the console? Default:
false - callback - A callback function called when an unrecoverable error has occured in the logger. The function API is: function(err) - err being the Error object.
- timeout - The read/write/connection timeout in milliseconds.
- addTimestampWithNanoSecs - Add a timestamp with nano seconds granularity. This is needed when many logs are sent in the same millisecond, so you can properly order the logs in kibana. The added timestamp field will be
@timestamp_nanoDefault:false - addOtelContext - Add
trace_id,span_id,service_namefields to logs when opentelemetry context is available. Default:true - compress - If true the the logs are compressed in gzip format. Default:
false - internalLogger - set internal logger that supports the function log. Default: console.
- setUserAgent - Set to
falseto send logs without the user-agent field in the request header. Default:true. If you want to send data from Firefox browser, set that option tofalse. - extraFields - Adds your own custom fields to each log. Add in JSON Format, for example:
extraFields : { field_1: "val_1", field_2: "val_2" , ... }.
Details
This winston plugin, basically just wraps our nodejs logzio shipper.
If you want to configure the nodejs logger, any parameters sent to winston when initializing the transport
(what is held in the variable LogzioWinstonTransport in the sample above) will be passed to the logzio nodejs logger itself.
Logs in my console
The winston logger by default sends all logs to the console.
You can easily disable this by adding this line to your code :
1winston.remove(winston.transports.Console);
Running with Typescript
If you don't have a 'tsconfig.json' file start by running:
tsc --init
On your 'tsconfig' file, under 'compilerOptions' make sure you have 'esModuleInterop' flag with the value 'true' or add it this way:
"compilerOptions": {
...
"esModuleInterop": true
}
Code sample:
import winston from 'winston';
import LogzioWinstonTransport from 'winston-logzio';
const logzioWinstonTransport = new LogzioWinstonTransport({
level: 'info',
name: 'winston_logzio',
token: '<<SHIPPING-TOKEN>>',
host: '<<LISTENER-HOST>>',
});
const logger = winston.createLogger({
format: winston.format.simple(),
transports: [logzioWinstonTransport],
});
logger.log('warn', 'Just a test message');
Replace <<SHIPPING-TOKEN>> with your own logz.io logs shipping token.
Replace <<LISTENER-HOST>> with your region’s listener host (for example, listener.logz.io).
For more parameters for LogzioWinstonTransport and configuration options see our docs.
For trouble shooting press here.
If you do not have a Logz.io account, you can sign up for a free trial here.
Note: If winston-logzio is used as part of a serverless service (AWS Lambda, Azure Functions, Google Cloud Functions, etc.), add logger.close() at the end of the run.
Details
This winston plugin, basically just wraps our nodejs logzio shipper.
If you want to configure the nodejs logger, any parameters sent to winston when initializing the transport
(what is held in the variable LogzioWinstonTransport in the sample above) will be passed to the logzio nodejs logger itself.
Logs in my console
The winston logger by default sends all logs to the console.
You can easily disable this by adding this line to your code :
1winston.remove(winston.transports.Console);
Troubleshooting
To fix errors related to "esModuleInterop" flag make sure you run the relavent 'tsconfig' file. These might help:
tsc <file-name>.ts --esModuleInterop
or
tsc --project tsconfig.json
Add opentelemetry context
If you're sending traces with OpenTelemetry instrumentation (auto or manual), you can correlate your logs with the trace context. That way, your logs will have traces data in it, such as service name, span id and trace id (version >= 5.2.0).
This feature is enabled by default, To disable it, set the AddOtelContext param in your handler configuration to false, like in this example:
1const winston = require('winston'); 2const LogzioWinstonTransport = require('winston-logzio'); 3 4const logzioWinstonTransport = new LogzioWinstonTransport({ 5 level: 'info', 6 name: 'winston_logzio', 7 token: '<<SHIPPING-TOKEN>>', 8 host: '<<LISTENER-HOST>>', 9 addOtelCotext: false, 10}); 11 12const logger = winston.createLogger({ 13 format: winston.format.simple(), 14 transports: [logzioWinstonTransport], 15});
Build and test locally
- Clone the repository:
1git clone https://github.com/logzio/winston-logzio.git 2cd winston-logzio
- Build and run tests:
1npm install 2npm test
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
no dangerous workflow patterns detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0
Reason
Found 11/16 approved changesets -- score normalized to 6
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npm-publish.yml:8: update your workflow using https://app.stepsecurity.io/secureworkflow/logzio/winston-logzio/npm-publish.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npm-publish.yml:9: update your workflow using https://app.stepsecurity.io/secureworkflow/logzio/winston-logzio/npm-publish.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/npm-publish.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/logzio/winston-logzio/npm-publish.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/logzio/winston-logzio/test.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/logzio/winston-logzio/test.yml/master?enable=pin
- Warn: npmCommand not pinned by hash: .github/workflows/npm-publish.yml:13
- Warn: npmCommand not pinned by hash: .github/workflows/test.yml:24
- Info: 0 out of 4 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 1 third-party GitHubAction dependencies pinned
- Info: 0 out of 2 npmCommand dependencies pinned
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/npm-publish.yml:1
- Warn: no topLevel permission defined: .github/workflows/test.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
16 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-v88g-cgmw-v5xw
- Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
- Warn: Project is vulnerable to: GHSA-8hc4-vh64-cxmj
- Warn: Project is vulnerable to: GHSA-jr5f-v2jv-69x6
- Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
- Warn: Project is vulnerable to: GHSA-43f8-2h32-f4cj
- Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw
- Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9
- Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
- Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
- Warn: Project is vulnerable to: GHSA-vh95-rmgr-6w4m
- Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h
- Warn: Project is vulnerable to: GHSA-hj48-42vr-x3v9
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 26 are checked with a SAST tool
Score
3.4
/10
Last Scanned on 2025-06-23
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More