Skill

logging-best-practices

Implements structured logging with levels, request context, PII sanitization using Winston in Node.js. Covers Python structlog, Go zap, ELK/CloudWatch integration for log bloat, PII exposure, missing context.

Javascript

Node

Install

npx claudepluginhub secondsky/claude-skills --plugin logging-best-practices

Tool Access

This skill uses the workspace's default tool permissions.

Preview

Implement secure, structured logging with proper levels and context.

Supporting Assets

references/advanced-logging.md

SKILL.md

Similar Skills

using-git-worktrees

Creates isolated Git worktrees for feature branches with prioritized directory selection, gitignore safety checks, auto project setup for Node/Python/Rust/Go, and baseline verification.

superpowers

168.3k

subagent-driven-development

3 files

Executes implementation plans in current session by dispatching fresh subagents per independent task, with two-stage reviews: spec compliance then code quality.

superpowers

168.3k

dispatching-parallel-agents

Dispatches parallel agents to independently tackle 2+ tasks like separate test failures or subsystems without shared state or dependencies.

superpowers

168.3k

Stats

Parent Repo Stars99

Parent Repo Forks12

Last CommitApr 2, 2026

Actions

View Source View Plugin View on GitHub View README

Logging Best Practices

Implement secure, structured logging with proper levels and context.

Log Levels

Level	Use For	Production
DEBUG	Detailed debugging	Off
INFO	Normal operations	On
WARN	Potential issues	On
ERROR	Errors with recovery	On
FATAL	Critical failures	On

Structured Logging (Winston)

const winston = require('winston');

const logger = winston.createLogger({
  level: process.env.LOG_LEVEL || 'info',
  format: winston.format.combine(
    winston.format.timestamp(),
    winston.format.json()
  ),
  defaultMeta: { service: 'api-service' },
  transports: [
    new winston.transports.Console(),
    new winston.transports.File({ filename: 'error.log', level: 'error' })
  ]
});

// Usage
logger.info('User logged in', { userId: '123', ip: '192.168.1.1' });
logger.error('Payment failed', { error: err.message, orderId: '456' });

Request Context

const { AsyncLocalStorage } = require('async_hooks');
const storage = new AsyncLocalStorage();

app.use((req, res, next) => {
  const context = {
    requestId: req.headers['x-request-id'] || uuid(),
    userId: req.user?.id
  };
  storage.run(context, next);
});

function log(level, message, meta = {}) {
  const context = storage.getStore() || {};
  logger.log(level, message, { ...context, ...meta });
}

PII Sanitization

const sensitiveFields = ['password', 'ssn', 'creditCard', 'token'];

function sanitize(obj) {
  const sanitized = { ...obj };
  for (const field of sensitiveFields) {
    if (sanitized[field]) sanitized[field] = '[REDACTED]';
  }
  if (sanitized.email) {
    sanitized.email = sanitized.email.replace(/(.{2}).*@/, '$1***@');
  }
  return sanitized;
}

Best Practices

Use structured JSON format
Include correlation IDs across services
Sanitize all PII before logging
Use async logging for performance
Implement log rotation
Never log at DEBUG in production

Additional Implementations

See references/advanced-logging.md for:

Python structlog setup
Go zap high-performance logging
ELK Stack integration
AWS CloudWatch configuration
OpenTelemetry tracing

Never Do

Log passwords or tokens
Use console.log in production
Log inside tight loops
Include stack traces for client errors