How to use @elastic/ecs-winston-format with winston-elasticsearch

Hi! I'm trying to long events from Javascript (especially from express application) to ELK. I can write to console just fine:

const ecsFormat = require('@elastic/ecs-winston-format');
const myLogger = winston.createLogger({
  level: 'info',
  format: ecsFormat({ convertReqRes: true }),
  transports: [
    new winston.transports.Console(),
  ],
});

and then I can easily include the request object to send the right request metadata in log messages:

logger.info ("message", { req, res })

But if I want to write to ELK:

const Elasticsearch = require('winston-elasticsearch');
logger.add(new Elasticsearch({ ... }))

...
logger.info('Message', { req, res })

I get errors like this:

error: TypeError: Converting circular structure to JSON
    at JSON.stringify (<anonymous>)
    at Json.serialize (/app/node_modules/elasticsearch/src/lib/serializers/json.js:23:21)
    at Json.bulkBody (/app/node_modules/elasticsearch/src/lib/serializers/json.js:51:20)
    at Transport.request (/app/node_modules/elasticsearch/src/lib/transport.js:191:24)
    at exec (/app/node_modules/elasticsearch/src/lib/client_action.js:361:20)
    at EsApiClient.action [as bulk] (/app/node_modules/elasticsearch/src/lib/client_action.js:61:16)
    at BulkWriter.write (/app/node_modules/winston-elasticsearch/bulk_writer.js:89:22)
    at BulkWriter.flush (/app/node_modules/winston-elasticsearch/bulk_writer.js:69:15)
    at BulkWriter.tick (/app/node_modules/winston-elasticsearch/bulk_writer.js:45:8)
    at Timeout.timer.setTimeout [as _onTimeout] (/app/node_modules/winston-elasticsearch/bulk_writer.js:37:10)

I've tried different ways to work around it but have not been successful.

I'm also a bit confused on the difference in data types of the format: parameter to winston.createLogger(...) vs the transform: parameter to new Elasticsearch(...). Can I use the former (ECS formatter) with Elasticsearch?

How can I easily log express "request" metadata in ECS format with a combination of winston-elasticsearch and ecs-winston-format?

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.