README
pino-to-ecs
Converts Pino logs to Elastic Common Schema.
It pairs well with Pino and Filebeat, while pino-elasticsearch integrates this module.
Install
npm i pino-to-ecs
Usage
This module can be used in two ways, from the cli or programmatically.
You can play with this module with the files in the examples
folder.
Note: If pino-to-ecs
can't remap a field to Elastic Common Schema, it will put it inside a pino
object in the logs.
CLI Usage
node app.js | pino-to-ecs
// app.js
'use strict'
var pino = require('pino')()
pino.info('hello world')
API
'use strict'
const toEcs = require('pino-to-ecs')
const logs = [ ... ] // array of Pino logs
const ecs = logs.map(toEcs)
console.log(ecs)
You can also easily use it inside a Transform stream:
'use strict'
const { Transform } = require('readable-stream')
const toEcs = require('pino-to-ecs')
const transform = new Transform({
objectMode: true,
transform: function (chunk, encoding, callback) {
const log = JSON.stringify(toEcs(chunk)) + '\n'
callback(null, log)
}
})
Or use directly the cli utility to handle streams:
'use strict'
const { Writable, Duplex } = require('readable-stream')
const { pinoToEcs } = require('pino-to-ecs')
const stdin = new Duplex({ ... })
const stdout = new Writable({ ... })
pinoToEcs(stdin, stdout)
const pino = Pino(stdin)
pino.info('hello world')
License
Copyright © 2019 Tomas Della Vedova