npm install @ceon-oy/monitor-sdk

Ceon Monitor SDK

Lightweight client SDK for integrating with the Ceon Monitor service. Provides error reporting, technology tracking, vulnerability auditing, and security event monitoring.

- Installation
- Quick Start
- Configuration
- Features
- Error Capture
- Technology Tracking
- Vulnerability Auditing
- Security Events
- Framework Examples
- Express.js
- Next.js
- React (Monolithic)
- React (Separate Server/Client)
- Real-World Example: Full-Stack Monitoring
- API Reference
- Batching Behavior
- Building

Installation

``bash

`From npm (recommended)`


npm install @ceon-oy/monitor-sdk
From GitHub

npm install github:ceon-oy/ceon-monitor-sdk

Or add to your package.json:

`json { "dependencies": { "@ceon-oy/monitor-sdk": "^1.0.0" } }`

`Related`

- Ceon Monitor - Main monitoring server and dashboard

`Quick Start`

`typescript import { MonitorClient } from '@ceon-oy/monitor-sdk';

// Initialize the client const monitor = new MonitorClient({ apiKey: process.env.CEON_MONITOR_API_KEY!, endpoint: 'https://monitor.example.com', environment: process.env.NODE_ENV, trackDependencies: true, // Auto-sync package.json });

// Capture an error try { await riskyOperation(); } catch (error) { await monitor.captureError(error as Error, { route: '/api/users', method: 'POST', statusCode: 500, }); }

// Capture a message await monitor.captureMessage('User signed up', 'INFO', { metadata: { userId: '123', plan: 'premium' }, });

// Run vulnerability audit await monitor.auditDependencies();

// Flush and close before shutdown await monitor.close();`

`Configuration`

`typescript interface MonitorClientConfig { apiKey: string; // Your project API key (required) endpoint: string; // Monitor service URL (required) environment?: string; // Environment name (default: 'production') batchSize?: number; // Errors to batch before sending (default: 10) flushIntervalMs?: number; // Auto-flush interval in ms (default: 5000) trackDependencies?: boolean; // Auto-sync package.json (default: false) dependencySources?: { // Multiple package.json sources path: string; environment: string; }[]; excludePatterns?: string[]; // Glob patterns to exclude (e.g., '@types/*') autoAudit?: boolean; // Enable automatic vulnerability scanning (default: false) auditPaths?: { // Multiple directories for vulnerability scanning path: string; // Directory path (e.g., '.', '../client') environment: string; // Environment label (e.g., 'server', 'client') }[]; auditTimeoutMs?: number; // Timeout for npm audit command (default: 60000, max: 300000) registryTimeoutMs?: number; // Timeout for npm registry requests (default: 5000, max: 30000) }`

`$3`

`typescript const monitor = new MonitorClient({ apiKey: process.env.CEON_MONITOR_API_KEY!, endpoint: 'https://monitor.example.com', environment: 'production', });`

`$3`

For projects with separate server and client folders:

`typescript const monitor = new MonitorClient({ apiKey: process.env.CEON_MONITOR_API_KEY!, endpoint: 'https://monitor.example.com', environment: 'server', trackDependencies: true, dependencySources: [ { path: './package.json', environment: 'server' }, { path: '../client/package.json', environment: 'client' }, ], excludePatterns: ['@types/*'], // Filter out TypeScript type definitions });`

`Initialization Patterns by Runtime`

The SDK initialization pattern depends on your application's runtime environment:

`$3`

Traditional Node.js servers run as persistent processes. Use explicit initialization and graceful shutdown:

`typescript // lib/monitor.ts import { MonitorClient } from '@ceon-oy/monitor-sdk';

let monitor: MonitorClient | null = null;

export function initializeMonitor() { if (!monitor) { monitor = new MonitorClient({ apiKey: process.env.CEON_MONITOR_API_KEY!, endpoint: process.env.CEON_MONITOR_ENDPOINT!, environment: process.env.NODE_ENV, trackDependencies: true, autoAudit: true, }); } return monitor; }

export function getMonitor() { if (!monitor) { throw new Error('Monitor not initialized. Call initializeMonitor() first.'); } return monitor; }

// index.ts import { initializeMonitor, getMonitor } from './lib/monitor';

const monitor = initializeMonitor();

// Graceful shutdown - ensures queued errors are sent before exit process.on('SIGTERM', async () => { console.log('Shutting down gracefully...'); await getMonitor().close(); process.exit(0); });

process.on('SIGINT', async () => { console.log('Shutting down gracefully...'); await getMonitor().close(); process.exit(0); });`

Why? Long-running servers need: - Single instance to avoid memory leaks - Graceful shutdown to flush queued errors before exit - Process signal handlers for clean termination

`$3`

Serverless environments handle lifecycle automatically. Create the client directly:

`typescript // lib/monitor.ts import { MonitorClient } from '@ceon-oy/monitor-sdk';

export const monitor = new MonitorClient({ apiKey: process.env.CEON_MONITOR_API_KEY!, endpoint: process.env.CEON_MONITOR_ENDPOINT!, environment: process.env.NODE_ENV, batchSize: 1, // Send immediately (no batching for short-lived functions) });`

Why no explicit shutdown? - Each request is isolated and short-lived - The platform handles process lifecycle - No persistent process to clean up - SetbatchSize: 1 to send errors immediately (don't wait for batch)

For API routes that need guaranteed delivery:`typescript // app/api/something/route.ts import { monitor } from '@/lib/monitor';

export async function POST(request: Request) { try { // ... your logic } catch (error) { monitor.captureError(error as Error); await monitor.flush(); // Ensure error is sent before response } }`

`$3`

| Environment | Initialize Pattern | Graceful Shutdown | batchSize | |-------------|-------------------|-------------------|-----------| | Express/Fastify/Node.js |initializeMonitor()+ singleton | Yes (SIGTERM/SIGINT handlers) | Default (10) | | Next.js (App Router) | Direct instantiation | No | 1 (recommended) | | Next.js (API Routes) | Direct instantiation | No, but callflush()| 1 (recommended) | | Vercel/AWS Lambda | Direct instantiation | No, but callflush()| 1 (required) | | Docker/Kubernetes |initializeMonitor() + singleton | Yes (for graceful pod termination) | Default (10) |

`Features`

`$3`

#### Capture an Error

`typescript try { // ... your code } catch (error) { await monitor.captureError(error as Error, { severity: 'ERROR', // DEBUG, INFO, WARNING, ERROR, CRITICAL route: '/api/users', // API route or page path method: 'POST', // HTTP method statusCode: 500, // HTTP status code userAgent: req.headers['user-agent'], ip: req.ip, requestId: req.id, metadata: { // Any additional data userId: '123', action: 'create_user', }, }); }`

#### Capture a Message

`typescript await monitor.captureMessage('Payment processed', 'INFO', { route: '/api/payments', metadata: { orderId: '456', amount: 99.99 }, });`

`$3`

#### Automatic Tracking

Enable trackDependencies: true to automatically sync your package.json dependencies:

`typescript const monitor = new MonitorClient({ apiKey: process.env.CEON_MONITOR_API_KEY!, endpoint: 'https://monitor.example.com', trackDependencies: true, });`

#### Manual Reporting

`typescript await monitor.reportTechnologies([ { name: 'node', version: '20.10.0', type: 'runtime' }, { name: 'express', version: '4.18.2', type: 'framework' }, { name: 'prisma', version: '5.0.0', type: 'database' }, ]);`

`$3`

Scan your dependencies for security vulnerabilities and report them to Ceon Monitor.

`typescript // Basic audit const result = await monitor.auditDependencies();

if (result) { console.log(Scan complete: ${result.processed} vulnerabilities found); console.log(Critical: ${result.summary.critical}, High: ${result.summary.high}); }

// Audit a specific project directory await monitor.auditDependencies({ projectPath: '/path/to/project', environment: 'production', });`

#### Supported Package Managers

The SDK automatically detects your package manager based on lock files:

| Package Manager | Detection | Audit Command | |-----------------|-----------|---------------| | npm |package-lock.json (default) | npm audit --json| | yarn |yarn.lock | yarn audit --json| | pnpm |pnpm-lock.yaml | npm audit --json (compatibility) |

No configuration needed - the SDK auto-detects and uses the appropriate audit command.

#### Automatic Auditing (Recommended)

Enable autoAudit: true to let the SDK automatically scan for vulnerabilities based on the interval configured in the Ceon Monitor dashboard:

`typescript const monitor = new MonitorClient({ apiKey: process.env.CEON_MONITOR_API_KEY!, endpoint: 'https://monitor.example.com', autoAudit: true, // Enable automatic vulnerability scanning });`

With autoAuditenabled: - SDK fetches the scan interval from the server on startup - Runs an initial vulnerability scan - Schedules recurring scans based on server configuration (e.g., every 24 hours) - Responds to on-demand "Run Scan" requests from the dashboard (polled every 5 minutes)

Configure the scan interval in the Ceon Monitor dashboard under the project's Vulnerabilities page.

#### Multi-Directory Vulnerability Auditing

For projects with separate server and client directories (or monorepos), use auditPaths to scan multiple directories:

`typescript const monitor = new MonitorClient({ apiKey: process.env.CEON_MONITOR_API_KEY!, endpoint: 'https://monitor.example.com', autoAudit: true, auditPaths: [ { path: '.', environment: 'server' }, { path: '../client', environment: 'client' }, ], // Also track dependencies from both trackDependencies: true, dependencySources: [ { path: './package.json', environment: 'server' }, { path: '../client/package.json', environment: 'client' }, ], });`

With auditPathsconfigured: - Each directory is scanned independently usingnpm audit- Results are tagged with the environment label (e.g., 'server', 'client') - All vulnerabilities appear in a single project dashboard - Use the environment filter in the dashboard to view specific environments

You can also manually trigger a multi-directory audit:

`typescript const result = await monitor.auditMultiplePaths(); if (result) { console.log('Audit results by environment:'); for (const env of result.results) { console.log( ${env.environment}: ${env.processed} vulnerabilities); } console.log('Total:', result.totalSummary); }`

#### Manual Scheduled Auditing

If you prefer manual control over scheduling:

`typescript // Run on app startup monitor.auditDependencies();

// Run daily via cron import cron from 'node-cron';

cron.schedule('0 3 *', async () => { await monitor.auditDependencies(); });

// Or using setInterval setInterval(async () => { await monitor.auditDependencies(); }, 24 60 60 * 1000); // Daily`

`$3`

#### Report Security Event

`typescript await monitor.reportSecurityEvent({ eventType: 'FAILED_LOGIN', category: 'AUTHENTICATION', severity: 'MEDIUM', ip: '192.168.1.1', identifier: 'user@example.com', metadata: { attempts: 3 }, });`

#### Check for Brute Force

`typescript const result = await monitor.checkBruteForce({ ip: '192.168.1.1', identifier: 'user@example.com', threshold: 5, windowMinutes: 15, });

if (result.blocked) { // Block the request throw new Error('Too many attempts. Please try again later.'); }`

`Framework Examples`

`$3`

`typescript import express from 'express'; import { MonitorClient } from '@ceon-oy/monitor-sdk';

const app = express(); const monitor = new MonitorClient({ apiKey: process.env.CEON_MONITOR_API_KEY!, endpoint: process.env.CEON_MONITOR_ENDPOINT!, environment: process.env.NODE_ENV, trackDependencies: true, });

// Your routes app.get('/api/health', (req, res) => { res.json({ status: 'ok' }); });

// Error handling middleware app.use((err: Error, req: express.Request, res: express.Response, next: express.NextFunction) => { monitor.captureError(err, { route: req.path, method: req.method, statusCode: 500, userAgent: req.get('user-agent'), ip: req.ip, }); res.status(500).json({ error: 'Internal server error' }); });

// Graceful shutdown process.on('SIGTERM', async () => { await monitor.close(); process.exit(0); });

app.listen(3001, () => console.log('Server running on port 3001'));`

`$3`

1. Create a monitor utility (lib/monitor.ts):

`typescript import { MonitorClient } from '@ceon-oy/monitor-sdk';

let monitor: MonitorClient | null = null;

export function getMonitor(): MonitorClient { if (!monitor) { monitor = new MonitorClient({ apiKey: process.env.CEON_MONITOR_API_KEY!, endpoint: process.env.CEON_MONITOR_ENDPOINT || 'https://your-monitor-server.com', environment: process.env.NODE_ENV || 'development', trackDependencies: true, }); } return monitor; }`

2. Use in API routes (app/api/example/route.ts):

`typescript import { NextRequest, NextResponse } from 'next/server'; import { getMonitor } from '@/lib/monitor';

export async function POST(request: NextRequest) { const monitor = getMonitor();

try { const body = await request.json(); // Your logic here return NextResponse.json({ success: true }); } catch (error) { await monitor.captureError(error as Error, { route: '/api/example', method: 'POST', statusCode: 500, }); return NextResponse.json({ error: 'Internal server error' }, { status: 500 }); } }`

3. Global error handling (app/error.tsx):

`typescript 'use client';

import { useEffect } from 'react';

export default function Error({ error, reset, }: { error: Error & { digest?: string }; reset: () => void; }) { useEffect(() => { fetch('/api/log-error', { method: 'POST', headers: { 'Content-Type': 'application/json' }, body: JSON.stringify({ message: error.message, stack: error.stack, digest: error.digest, }), }); }, [error]);

return (


      Something went wrong!


  );
}

4. Create error logging API route (app/api/log-error/route.ts):

`typescript import { NextRequest, NextResponse } from 'next/server'; import { getMonitor } from '@/lib/monitor';

export async function POST(request: NextRequest) { const monitor = getMonitor(); const { message, stack, digest } = await request.json();

await monitor.captureMessage(message, 'ERROR', { metadata: { stack, digest, source: 'client' }, });

return NextResponse.json({ logged: true }); }`

`$3`

For a React project with Express backend in the same folder:

`my-app/ ├── package.json ├── src/ │ ├── client/ # React frontend │ └── server/ # Express backend`

Server (src/server/index.ts):

`typescript import express from 'express'; import path from 'path'; import { MonitorClient } from '@ceon-oy/monitor-sdk';

const app = express(); app.use(express.json());

const monitor = new MonitorClient({ apiKey: process.env.CEON_MONITOR_API_KEY!, endpoint: process.env.CEON_MONITOR_ENDPOINT!, environment: process.env.NODE_ENV || 'development', trackDependencies: true, });

// Client error logging endpoint app.post('/api/log-client-error', async (req, res) => { const { message, stack, componentStack } = req.body; await monitor.captureMessage(message, 'ERROR', { metadata: { stack, componentStack, source: 'client' }, }); res.json({ logged: true }); });

// Global error handler app.use((err: Error, req: express.Request, res: express.Response, next: express.NextFunction) => { monitor.captureError(err, { route: req.path, method: req.method, statusCode: 500, }); res.status(500).json({ error: 'Internal server error' }); });

// Graceful shutdown process.on('SIGTERM', async () => { await monitor.close(); process.exit(0); });

app.listen(3001, () => console.log('Server running on port 3001'));`

React Error Boundary (src/client/ErrorBoundary.tsx):

`typescript import React, { Component, ErrorInfo, ReactNode } from 'react';

interface Props { children: ReactNode; }

interface State { hasError: boolean; }

class ErrorBoundary extends Component { constructor(props: Props) { super(props); this.state = { hasError: false }; }

static getDerivedStateFromError(): State { return { hasError: true }; }

componentDidCatch(error: Error, errorInfo: ErrorInfo) { fetch('/api/log-client-error', { method: 'POST', headers: { 'Content-Type': 'application/json' }, body: JSON.stringify({ message: error.message, stack: error.stack, componentStack: errorInfo.componentStack, }), }); }

render() { if (this.state.hasError) { return

`Something went wrong.`

;
    }
    return this.props.children;
  }
}

export default ErrorBoundary;`

`$3`

For projects with separate server and client folders:

`my-project/ ├── server/ │ ├── package.json │ └── src/index.ts └── client/ ├── package.json └── src/`

Server (server/src/index.ts):

`typescript import express from 'express'; import cors from 'cors'; import { MonitorClient } from '@ceon-oy/monitor-sdk';

const app = express(); app.use(cors()); app.use(express.json());

// Multi-environment dependency tracking const monitor = new MonitorClient({ apiKey: process.env.CEON_MONITOR_API_KEY!, endpoint: process.env.CEON_MONITOR_ENDPOINT!, environment: process.env.NODE_ENV || 'development', trackDependencies: true, dependencySources: [ { path: './package.json', environment: 'server' }, { path: '../client/package.json', environment: 'client' }, ], excludePatterns: ['@types/*'], });

// Endpoint for client-side error logging app.post('/api/log-error', async (req, res) => { const { message, stack, componentStack, url, userAgent } = req.body;

await monitor.captureMessage(message, 'ERROR', { route: url, metadata: { stack, componentStack, userAgent, source: 'client' }, });

res.json({ logged: true }); });

// Global error handler app.use((err: Error, req: express.Request, res: express.Response, next: express.NextFunction) => { monitor.captureError(err, { route: req.path, method: req.method, statusCode: 500, userAgent: req.get('user-agent'), ip: req.ip, }); res.status(500).json({ error: 'Internal server error' }); });

// Graceful shutdown process.on('SIGTERM', async () => { await monitor.close(); process.exit(0); });

app.listen(3001, () => console.log('Server running on port 3001'));`

React Error Boundary (client/src/components/ErrorBoundary.tsx):

`typescript import React, { Component, ErrorInfo, ReactNode } from 'react';

interface Props { children: ReactNode; }

interface State { hasError: boolean; error: Error | null; }

class ErrorBoundary extends Component { constructor(props: Props) { super(props); this.state = { hasError: false, error: null }; }

static getDerivedStateFromError(error: Error): State { return { hasError: true, error }; }

componentDidCatch(error: Error, errorInfo: ErrorInfo) { fetch(${process.env.REACT_APP_API_URL}/api/log-error, { method: 'POST', headers: { 'Content-Type': 'application/json' }, body: JSON.stringify({ message: error.message, stack: error.stack, componentStack: errorInfo.componentStack, url: window.location.href, userAgent: navigator.userAgent, }), }).catch(console.error); }

render() { if (this.state.hasError) { return (


          Something went wrong


      );
    }
    return this.props.children;
  }
}

export default ErrorBoundary;`

Global error handlers (client/src/index.tsx):

`typescript import React from 'react'; import ReactDOM from 'react-dom/client'; import App from './App'; import ErrorBoundary from './components/ErrorBoundary';

// Global error handlers window.onerror = (message, source, lineno, colno, error) => { fetch(${process.env.REACT_APP_API_URL}/api/log-error, { method: 'POST', headers: { 'Content-Type': 'application/json' }, body: JSON.stringify({ message: String(message), stack: error?.stack, url: window.location.href, userAgent: navigator.userAgent, }), }).catch(console.error); };

window.onunhandledrejection = (event) => { fetch(${process.env.REACT_APP_API_URL}/api/log-error, { method: 'POST', headers: { 'Content-Type': 'application/json' }, body: JSON.stringify({ message: event.reason?.message || 'Unhandled Promise Rejection', stack: event.reason?.stack, url: window.location.href, userAgent: navigator.userAgent, }), }).catch(console.error); };

const root = ReactDOM.createRoot(document.getElementById('root')!); root.render( );`

`Real-World Example: Full-Stack Monitoring`

This example shows how the Ceon Hours project monitors both server and client code from a single SDK installation on the server.

Project Structure:`ceon-projects/ ├── ceon-hours-api/ # Express server (SDK installed here) │ ├── package.json │ └── lib/config/monitor-setup.js └── ceon-hours-web-app/ # React client (no SDK needed) └── package.json`

1. Monitor Setup (ceon-hours-api/lib/config/monitor-setup.js):

`javascript const { MonitorClient } = require("@ceon-oy/monitor-sdk");

let monitor = null;

function getMonitor() { return monitor; }

module.exports = { initializeMonitor, getMonitor };`

2. Initialize in Server Entry (ceon-hours-api/index.js):

`javascript const { initializeMonitor, getMonitor } = require("./lib/config/monitor-setup");

// Initialize at startup const monitor = initializeMonitor();

// Export for middleware module.exports.getMonitor = getMonitor;

// Graceful shutdown process.on("SIGTERM", async () => { console.log("[CeonMonitor] Flushing pending errors..."); if (monitor) await monitor.flush(); process.exit(0); });`

3. Error Handler Middleware (ceon-hours-api/lib/middleware/errorHandler.js):

`javascript const { getMonitor } = require("../config/monitor-setup");

const errorHandler = (error, req, res, next) => { const monitor = getMonitor(); if (monitor && error.status >= 400) { monitor.captureError(error, { route: req.path, method: req.method, statusCode: error.status || 500, userAgent: req.get("user-agent"), ip: req.ip, severity: error.status >= 500 ? "ERROR" : "WARNING", }).catch(console.error); }

res.status(error.status || 500).json({ error: error.message }); };

module.exports = errorHandler;`

4. Environment Variables (.env):

`bash

`Get API key from https://ceonmonitor.com dashboard`


CEON_MONITOR_API_KEY=your-project-api-key
Endpoint options:

- Production: https://ceonmonitor.com

- Local dev: http://localhost:4040

- Docker dev: http://host.docker.internal:4040

CEON_MONITOR_ENDPOINT=https://ceonmonitor.com

$3

The dependencySources and auditPaths use relative paths from the server's working directory. For multi-project monitoring to work:

1. Directory structure must match - The client project must be at the expected relative path (e.g., ../ceon-hours-web-app) 2. Both projects must be present - If the client folder doesn't exist, only server dependencies will be tracked 3. npm must be available - Vulnerability auditing requires npm to be installed

Troubleshooting: If client dependencies aren't being tracked on other machines: - Verify the relative path is correct for that machine's directory structure - Check that the client'spackage.jsonexists at the expected path - The SDK will log warnings if paths are invalid

`API Reference`

`$3`

#### constructor(config: MonitorClientConfig)

Creates a new monitor client instance.

#### captureError(error: Error, context?: ErrorContext): Promise

Captures an error and queues it for sending.

#### captureMessage(message: string, severity?: Severity, context?: ErrorContext): Promise

Captures a log message with optional severity level.

#### reportTechnologies(technologies: Technology[]): Promise

Reports technology stack information.

#### reportSecurityEvent(event: SecurityEvent): Promise

Reports a security event.

#### checkBruteForce(params: BruteForceParams): Promise

Checks for brute force attacks.

#### auditDependencies(options?: AuditOptions): Promise

Runs npm audit and sends results to the server.

#### auditMultiplePaths(): Promise

Runs npm audit on all directories configured in auditPaths and returns a combined summary.

#### flush(): Promise

Immediately sends all queued errors.

#### close(): Promise

Flushes remaining errors and stops the client.

`Batching Behavior`

The SDK batches errors to reduce network overhead:

1. Errors are queued locally 2. Queue is flushed when: -batchSizeerrors are queued (default: 10) -flushIntervalMsmilliseconds pass (default: 5000ms) -flush()is called manually -close() is called

For serverless/edge environments where the process may terminate quickly: - SetbatchSize: 1to send immediately - Callawait monitor.flush() at the end of each request

`Building`

`bash npm install npm run build # Build for production npm run dev # Watch mode for development`

`Types`

`typescript type Severity = 'DEBUG' | 'INFO' | 'WARNING' | 'ERROR' | 'CRITICAL';

interface ErrorContext { severity?: Severity; route?: string; method?: string; statusCode?: number; userAgent?: string; ip?: string; requestId?: string; metadata?: Record; }

interface Technology { name: string; version: string; type: 'runtime' | 'framework' | 'library' | 'database' | 'tool' | 'other'; environment?: string; }

interface SecurityEvent { eventType: string; category: 'AUTHENTICATION' | 'AUTHORIZATION' | 'RATE_LIMIT' | 'SUSPICIOUS_ACTIVITY' | 'DATA_ACCESS'; severity: 'LOW' | 'MEDIUM' | 'HIGH' | 'CRITICAL'; ip?: string; identifier?: string; metadata?: Record; }

interface AuditPath { path: string; // Directory path (e.g., '.', '../client') environment: string; // Environment label (e.g., 'server', 'client') }

interface MultiAuditSummary { results: Array<{ environment: string; scanId: string; processed: number; resolved: number; summary: { critical: number; high: number; moderate: number; low: number; info: number }; }>; totalSummary: { critical: number; high: number; moderate: number; low: number; info: number }; }``

License

MIT

npm install @ceon-oy/monitor-sdk

Ceon Monitor SDK

Lightweight client SDK for integrating with the Ceon Monitor service. Provides error reporting, technology tracking, vulnerability auditing, and security event monitoring.

Installation

``bash

`From npm (recommended)`


npm install @ceon-oy/monitor-sdk
From GitHub

npm install github:ceon-oy/ceon-monitor-sdk

Or add to your package.json:

`json { "dependencies": { "@ceon-oy/monitor-sdk": "^1.0.0" } }`

`Related`

- Ceon Monitor - Main monitoring server and dashboard

`Quick Start`

`typescript import { MonitorClient } from '@ceon-oy/monitor-sdk';

// Capture an error try { await riskyOperation(); } catch (error) { await monitor.captureError(error as Error, { route: '/api/users', method: 'POST', statusCode: 500, }); }

// Capture a message await monitor.captureMessage('User signed up', 'INFO', { metadata: { userId: '123', plan: 'premium' }, });

// Run vulnerability audit await monitor.auditDependencies();

// Flush and close before shutdown await monitor.close();`

`Configuration`

`$3`

`typescript const monitor = new MonitorClient({ apiKey: process.env.CEON_MONITOR_API_KEY!, endpoint: 'https://monitor.example.com', environment: 'production', });`

`$3`

For projects with separate server and client folders:

`Initialization Patterns by Runtime`

The SDK initialization pattern depends on your application's runtime environment:

`$3`

Traditional Node.js servers run as persistent processes. Use explicit initialization and graceful shutdown:

`typescript // lib/monitor.ts import { MonitorClient } from '@ceon-oy/monitor-sdk';

let monitor: MonitorClient | null = null;

export function getMonitor() { if (!monitor) { throw new Error('Monitor not initialized. Call initializeMonitor() first.'); } return monitor; }

// index.ts import { initializeMonitor, getMonitor } from './lib/monitor';

const monitor = initializeMonitor();

// Graceful shutdown - ensures queued errors are sent before exit process.on('SIGTERM', async () => { console.log('Shutting down gracefully...'); await getMonitor().close(); process.exit(0); });

process.on('SIGINT', async () => { console.log('Shutting down gracefully...'); await getMonitor().close(); process.exit(0); });`

Why? Long-running servers need: - Single instance to avoid memory leaks - Graceful shutdown to flush queued errors before exit - Process signal handlers for clean termination

`$3`

Serverless environments handle lifecycle automatically. Create the client directly:

`typescript // lib/monitor.ts import { MonitorClient } from '@ceon-oy/monitor-sdk';

For API routes that need guaranteed delivery:`typescript // app/api/something/route.ts import { monitor } from '@/lib/monitor';

export async function POST(request: Request) { try { // ... your logic } catch (error) { monitor.captureError(error as Error); await monitor.flush(); // Ensure error is sent before response } }`

`$3`

`Features`

`$3`

#### Capture an Error

#### Capture a Message

`typescript await monitor.captureMessage('Payment processed', 'INFO', { route: '/api/payments', metadata: { orderId: '456', amount: 99.99 }, });`

`$3`

#### Automatic Tracking

Enable trackDependencies: true to automatically sync your package.json dependencies:

`typescript const monitor = new MonitorClient({ apiKey: process.env.CEON_MONITOR_API_KEY!, endpoint: 'https://monitor.example.com', trackDependencies: true, });`

#### Manual Reporting

`$3`

Scan your dependencies for security vulnerabilities and report them to Ceon Monitor.

`typescript // Basic audit const result = await monitor.auditDependencies();

if (result) { console.log(Scan complete: ${result.processed} vulnerabilities found); console.log(Critical: ${result.summary.critical}, High: ${result.summary.high}); }

// Audit a specific project directory await monitor.auditDependencies({ projectPath: '/path/to/project', environment: 'production', });`

#### Supported Package Managers

The SDK automatically detects your package manager based on lock files:

No configuration needed - the SDK auto-detects and uses the appropriate audit command.

#### Automatic Auditing (Recommended)

Enable autoAudit: true to let the SDK automatically scan for vulnerabilities based on the interval configured in the Ceon Monitor dashboard:

`typescript const monitor = new MonitorClient({ apiKey: process.env.CEON_MONITOR_API_KEY!, endpoint: 'https://monitor.example.com', autoAudit: true, // Enable automatic vulnerability scanning });`

Configure the scan interval in the Ceon Monitor dashboard under the project's Vulnerabilities page.

#### Multi-Directory Vulnerability Auditing

For projects with separate server and client directories (or monorepos), use auditPaths to scan multiple directories:

You can also manually trigger a multi-directory audit:

#### Manual Scheduled Auditing

If you prefer manual control over scheduling:

`typescript // Run on app startup monitor.auditDependencies();

// Run daily via cron import cron from 'node-cron';

cron.schedule('0 3 *', async () => { await monitor.auditDependencies(); });

// Or using setInterval setInterval(async () => { await monitor.auditDependencies(); }, 24 60 60 * 1000); // Daily`

`$3`

#### Report Security Event

#### Check for Brute Force

`typescript const result = await monitor.checkBruteForce({ ip: '192.168.1.1', identifier: 'user@example.com', threshold: 5, windowMinutes: 15, });

if (result.blocked) { // Block the request throw new Error('Too many attempts. Please try again later.'); }`

`Framework Examples`

`$3`

`typescript import express from 'express'; import { MonitorClient } from '@ceon-oy/monitor-sdk';

// Your routes app.get('/api/health', (req, res) => { res.json({ status: 'ok' }); });

// Graceful shutdown process.on('SIGTERM', async () => { await monitor.close(); process.exit(0); });

app.listen(3001, () => console.log('Server running on port 3001'));`

`$3`

1. Create a monitor utility (lib/monitor.ts):

`typescript import { MonitorClient } from '@ceon-oy/monitor-sdk';

let monitor: MonitorClient | null = null;

2. Use in API routes (app/api/example/route.ts):

`typescript import { NextRequest, NextResponse } from 'next/server'; import { getMonitor } from '@/lib/monitor';

export async function POST(request: NextRequest) { const monitor = getMonitor();

3. Global error handling (app/error.tsx):

`typescript 'use client';

import { useEffect } from 'react';

return (


      Something went wrong!


  );
}

4. Create error logging API route (app/api/log-error/route.ts):

`typescript import { NextRequest, NextResponse } from 'next/server'; import { getMonitor } from '@/lib/monitor';

export async function POST(request: NextRequest) { const monitor = getMonitor(); const { message, stack, digest } = await request.json();

await monitor.captureMessage(message, 'ERROR', { metadata: { stack, digest, source: 'client' }, });

return NextResponse.json({ logged: true }); }`

`$3`

For a React project with Express backend in the same folder:

`my-app/ ├── package.json ├── src/ │ ├── client/ # React frontend │ └── server/ # Express backend`

Server (src/server/index.ts):

`typescript import express from 'express'; import path from 'path'; import { MonitorClient } from '@ceon-oy/monitor-sdk';

const app = express(); app.use(express.json());

// Graceful shutdown process.on('SIGTERM', async () => { await monitor.close(); process.exit(0); });

app.listen(3001, () => console.log('Server running on port 3001'));`

React Error Boundary (src/client/ErrorBoundary.tsx):

`typescript import React, { Component, ErrorInfo, ReactNode } from 'react';

interface Props { children: ReactNode; }

interface State { hasError: boolean; }

class ErrorBoundary extends Component { constructor(props: Props) { super(props); this.state = { hasError: false }; }

static getDerivedStateFromError(): State { return { hasError: true }; }

render() { if (this.state.hasError) { return

`Something went wrong.`

;
    }
    return this.props.children;
  }
}

export default ErrorBoundary;`

`$3`

For projects with separate server and client folders:

`my-project/ ├── server/ │ ├── package.json │ └── src/index.ts └── client/ ├── package.json └── src/`

Server (server/src/index.ts):

`typescript import express from 'express'; import cors from 'cors'; import { MonitorClient } from '@ceon-oy/monitor-sdk';

const app = express(); app.use(cors()); app.use(express.json());

// Endpoint for client-side error logging app.post('/api/log-error', async (req, res) => { const { message, stack, componentStack, url, userAgent } = req.body;

await monitor.captureMessage(message, 'ERROR', { route: url, metadata: { stack, componentStack, userAgent, source: 'client' }, });

res.json({ logged: true }); });

// Global error handler app.use((err: Error, req: express.Request, res: express.Response, next: express.NextFunction) => { monitor.captureError(err, { route: req.path, method: req.method, statusCode: 500, userAgent: req.get('user-agent'), ip: req.ip, }); res.status(500).json({ error: 'Internal server error' }); });

// Graceful shutdown process.on('SIGTERM', async () => { await monitor.close(); process.exit(0); });

app.listen(3001, () => console.log('Server running on port 3001'));`

React Error Boundary (client/src/components/ErrorBoundary.tsx):

`typescript import React, { Component, ErrorInfo, ReactNode } from 'react';

interface Props { children: ReactNode; }

interface State { hasError: boolean; error: Error | null; }

class ErrorBoundary extends Component { constructor(props: Props) { super(props); this.state = { hasError: false, error: null }; }

static getDerivedStateFromError(error: Error): State { return { hasError: true, error }; }

render() { if (this.state.hasError) { return (


          Something went wrong


      );
    }
    return this.props.children;
  }
}