logging.js

ABOUT

Ever wonder where that console.log function comes from? Or how to keep track of events and errors over time? What if there’s a denial of service attack against your application–how would you go about understanding it and collecting evidence? The logging module is concerned with capturing these types of events and errors and recording them. These events may be security events, application errors and/or runtime events.

REQUIREMENTS & ASSUMPTIONS

let winston = require('winston')
let p = require('../security.json')
let moment = require('moment')
  • _spartan uses the winston npm module to create a file and console logger object. From this, you simply need to decide what events and errors you want to log and to what source (aka ‘transport’)
  • _spartan assumes local file-based and console-based logging

Though not natively supported, we’ve started putting the bones in place for network-based log visualization solutions such as kibana (via elkstack). If you already have elasticsearch configured, you can overload this module by additionally installing ‘winston-elasticsearch’ in addition to ‘winston’ (npm install --save winston-elasticsearch) and require it in logging.js. You’ll additionally want to set up your own logger & transport. See the winston-elasticsearch docs for more information on how to do this

AVAILABLE METHODS

Module Instantiation

method name description params returns
N/A returns a function with logger transports (console & file) configured N/A Error if policy module is disabled

USAGE

const log = security.logging
...

Using Logs

method name description params returns
log() actually provides the logging object to log an event or incident to the transport you specify Object Error

Logging levels in winston conform to the severity ordering specified by RFC5424: severity of all levels is assumed to be numerically ascending from most important to least important.

USAGE

You can choose to log events on every route (e.g. runtime or application startup events) or per route (e.g. errors or security incidents)

// or use default settings on an individual route like this
app.get('/route', (request, response, next) => {
  someEvent(data, err) => {
      if (err) {
          log.info(`Whoopsie! ${err}`) // logs 'INFO: <timestamp>, Whoopsie, $err' to console and to file transports
      }
  }
})

ERRORS

  • (‘logging/disabled-in-policy’) => thrown if the logging policy object is not enabled. To change this, change loggingPolicy.enabled : true in security.json then run the _spartan --force command