Splunk logging for JavaScript
See the Splunk HEC Docs for more info.
npm install 'kersplunk'
Create a logger singleton (recommended for most applications):
import { Logger } from 'kersplunk';
export const logger = Logger.singleton({
splunkUrl: 'http://my-splunk/http-event-collector-path',
authToken: 'YOUR-SPLUNK-HEC-TOKEN'
}):
Then, just use the logger around your application:
import { logger } from './utils/logger';
// Log away!
logger.info('thing:happened', {
whatever: 'details',
you: 'would',
like: { to: 'add' },
});
Each log entry is tagged with a logType
property. These are intended to be broad categories of logs. You have control over the log types the logger can create.
By default, loggers will have:
info
- Informationaldebug
- Debugging level stuff (may only want this in your lower environments)warn
- Warnings (usually for recoverable errors)error
- Hard exceptions
You may scrap these and create your own set by passing in your logger types into the singleton
or create
methods.
const myLogger = Logger.create(config, 'happy', 'sad');
myLogger.happy('Wooo!! 😀'); // -> {logType: 'happy', eventName: 'Wooo!! 😀'}
myLogger.sad('Booooo ☹️'); // -> {logType: 'sad', eventName: 'Booooo ☹️'}
Each log may optionally be supplied with details about the event. The details object must be serializable by JSON.stringify
. The logger will combine the details of your event along with the log type and event name into a single entry.
For example, logging this:
logger.debug('it worked!', { note: 'I am awesome', foo: ['bar', 'baz'] });
will create a log entry in Splunk like this:
{
logType: 'debug',
eventName: 'it worked!',
note: 'I am awesome',
foo: ['bar', 'baz']
}
Name | Type | Default | Notes |
---|---|---|---|
splunkUrl |
string |
required | The URL to your Splunk HEC Collector endpoint |
authToken |
string |
required | Your Splunk HEC token |
splunkMeta |
SplunkMeta |
optional | Splunk specific metadata to include with your logs. (eg: index, source, etc). |
enabled |
boolean |
true |
enable/disable the logger |
interceptor |
LogInterceptor |
optional | Allows for adding common log properties globally |
maxBuffer |
number |
50 |
The maximum size the buffer is allowed to grow before automatically flushing the logs to the server |
throttleDuration |
number (ms) |
250 |
The maximum amount of time to buffer logs before automatically flushing logs to the server |
autoRetry |
boolean |
true |
Automatically retry log submission if posting to Splunk fails. |
autoRetryDuration |
number (ms) |
1000 |
Duration between autoRetries |
logToConsole |
boolean |
false |
Enables displaying all log details to console.log . |
errorFormatter |
ErrorFormatter |
optional | Allows customization of how Error objects are logged. |
It is common to need common meta-data on all logs. For example, you may log that a button was pressed but if you don't have some context about the action, the log is not terribly useful. A custom log interceptor allows adding context to all your logs.
(log: object) => object
Takes in the original log information ({ logType, eventName, ...details}
) and returns the "enhanced" log entry.
logger.interceptor = log => ({
...log,
icon: log.logType === 'error' ? '💩' : '😎',
});
logger.info('yo', { feeling: 'awesome' });
logger.error('aww', { feeling: 'poopy' });
// Will be intercepted and have the details appended:
// {logType: 'info', eventName: 'yo', feeling: 'awesome', icon: '😎'}
// {logType: 'error', eventName: 'aww', feeling: 'poopy', icon: '💩'}
Here's what an interceptor might look like for an application with a redux-store:
const store = createStore(reducers);
logger.interceptor = log => {
const state = store.getState();
return {
...log,
meta: {
user: state.user.username,
deviceId: state.app.deviceId,
sessionId: state.user.sessionId,
route: state.app.currentRoute,
},
};
};
This would ensure that all your logs will have some context to them.
You may now just log simple events and they will automatically have context added to them:
logger.info('button:press', { buttonText: 'Go!' });
Before this log gets to the server, it'll pass the details through the interceptor which will attach your meta-data.
By default, when you pass an Error
as your log details, it will be formatted as:
{ name: error.name, message: error.message, stack: error.stack }
You may customize this formatting by providing a custom error formatter:
(error: Error) => object
See Event Metadata section of the Splunk docs.
Name | Type | Default | Notes |
---|---|---|---|
time |
number |
current time | The event time. The default time format is epoch time format, in the format .. For example, 1433188255.500 indicates 1433188255 seconds and 500 milliseconds after epoch, or Monday, June 1, 2015, at 7:50:55 PM GMT. |
host |
string |
undefined |
The host value to assign to the event data. This is typically the hostname of the client from which you're sending data. |
source |
string |
"kersplunk-<version>" |
The source value to assign to the event data. For example, if you're sending data from an app you're developing, you could set this key to the name of the app. |
sourcetype |
string |
"_json" |
It is recommended you keep this value |
index |
string |
undefined |
The name of the index by which the event data is to be indexed. The index you specify here must within the list of allowed indexes if the token has the indexes parameter set. |
fields |
string |
{kersplunk: <version>} |
Specifies a JSON object that contains explicit custom fields to be defined at index time. Requests containing the fields property must be sent to the /collector/event endpoint, or they will not be indexed. For more information, see Indexed field extractions. |
You may dynamically supply SplunkMeta
with a callback or static data.
This is the recommended way to use the logger for most projects
The same as Logger.create
except this version creates a "singleton" logger instance. The intention is that for a given JavaScript process, only one logger will ever be created by this method. This is useful if you would like to configure your logger once in your application and all modules will receive the same Logger
instance.
Creates a new logger instance with the default logTypes.
Resets the singleton object so another logger will be created on the next Logger.singleton
call.
Enables the logger.
Disables the logger. This is the same as configuring the logger with enabled: false
. The logger will essentially discard logs instead of sending them to Splunk. If you have enabled logToConsole
those logs will still be output to the console.
Immediately submits logs to Splunk. This is useful if your app is about to exit and you want to flush the buffers.