Use pino logMethod hook to format audit logs #363
Description
Feature proposal
Use pino logMethod hook to enrich audit logs with basic fields, like version, timestamp and checksum.
The hook would filter the audit logs based on the level (greater than 1000) and wrap them into a standard field to ensure audit logs coming from different services follow the same data model.
Feature description
All services generating audit logs need to follow a common data model to ensure end users can aggregate and query them in a unified way.
We propose to use pino logMethod hook to intercept audit logs based on their log level, wrap the object passed as first argument to the log method and enrich it with some computed fields (version, timestamp, checksum, etc.).
Feature snippet example
The following snippet provides an example of how we imagined to configure pino to generate audit logs.
const { createHash } = require('node:crypto')
const pino = require('pino')
const options = {
customLevels: {
audit: 1100,
},
hooks: {
logMethod(inputArgs, method, level) {
if (level > 1000 && inputArgs.length >= 2) {
const object = inputArgs.shift()
const auditObject = {
auditEvent: {
version: '1.0.0',
timestamp: new Date().toISOString(),
checksum: {
algorithm: 'sha512',
value: createHash('sha512')
.update(JSON.stringify(object))
.digest('hex'),
},
metadata: object,
},
}
return method.apply(this, [auditObject, ...inputArgs])
}
return method.apply(this, inputArgs)
},
},
}
const logger = pino(options)
const metadata = {
event: 'AM/AppointmentCreated/v1',
resource: 'AM/Appointment/appointment-12345',
user: 'auth0|dr.john.doe',
operation: 'CRUD/POST',
source: 'appointment-manager',
}
logger.audit(metadata, 'event')