Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
By Socket Research Team - Dec 02, 2024
Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
github.com/open-telemetry/opentelemetry-collector-contrib/exporter/elasticexporter
- Version published
- Created
Elastic native support for OpenTelemetry
Deprecated Elastic Exporter
| Status | |
|---|---|
| Stability | deprecated |
| Supported pipeline types | traces, metrics |
| Distributions | contrib |
ℹ️ This exporter has been deprecated due to Elastic APM Server supporting native OTLP ingestion since version 7.13. This means you can use an OTLP exporter to send data to Elastic APM Server, instead of the OpenTelemetry Collector Exporter for Elastic. The otlp exporter is the recommended way to integrate the OpenTelemetry Collector to Elastic.
For more details, see the Elastic documentation to integrate with OpenTelemetry.
Sample configurations
Sample configuration using an Elastic APM Secret Token
When authenticating with an Elastic APM Secret Token, define an Authorization: "Bearer xxx" header on the OTLP exporter:
...
exporters:
otlp/elastic:
endpoint: "xxx.elastic-cloud.com:443"
headers:
Authorization: "Bearer your-apm-secret-token"
service:
pipelines:
metrics:
receivers:
- otlp
processors:
- batch
exporters:
- otlp/elastic
traces:
receivers:
- otlp
processors:
- batch
exporters:
- otlp/elastic
Sample configuration using an Elastic API Key
When authenticating with an Elastic API Key, define an Authorization: "ApiKey xxx" header on the OTLP exporter:
exporters:
otlp/elastic:
endpoint: "xxx.elastic-cloud.com:443"
headers:
Authorization: "ApiKey your-api-key"
...
Sample configuration for an insecure setup disabling TLS and authentication
exporters:
otlp/elastic:
endpoint: "localhost:8200"
tls:
insecure: true
Migration
ℹ️ The native support of OpenTelemetry by Elastic doesn't remove the architectural benefits of using the OpenTelemetry Collector in observability architectures. The OpenTelemetry Collector continues to add high availability, scalability, retries, live reconfiguration (like with sampling), data enrichment, ingestion of various protocols such as Jaeger or Zipkin, etc.
To migrate from the legacy OpenTelemetry Collector exporter for Elastic to the native support of OpenTelemetry in Elastic, replace the OpenTelemetry Collector's elastic exporter with an otlp exporter.
Sample migration:
...
exporters:
## REMOVE THE DEFINITION OF THE `ELASTIC` EXPORTER
# elastic:
# apm_server_url: "https://elasticapm.example.com"
# secret_token: "hunter2"
## INTRODUCE THE DEFINITION OF AN `OTLP` EXPORTER (SAME ELASTIC HOST, SAME AUTHENTICATION TOKEN OR KEY, DON'T FORGET TO SPECIFY THE LISTEN PORT)
otlp/elastic:
endpoint: "xxx.elastic-cloud.com:443"
headers:
Authorization: "Bearer hunter2"
service:
pipelines:
metrics:
receivers:
- otlp
processors:
- batch
exporters:
## REMOVE THE `ELASTIC` EXPORTER
# - elastic
## ADD THE `OTLP` EXPORTER
- otlp/elastic
traces:
receivers:
- otlp
processors:
- batch
exporters:
## REMOVE THE `ELASTIC` EXPORTER
# - elastic
## ADD THE `OTLP` EXPORTER
- otlp/elastic
Legacy OpenTelemetry Collector Exporter for Elastic
This exporter supports sending OpenTelemetry data to Elastic Observability.
Complete documentation is available on Elastic.co.
Configuration options
apm_server_url(required): Elastic APM Server URL.api_key(optional): credential for API Key authorization, if enabled in Elastic APM Server.secret_token(optional): credential for Secret Token authorization, if enabled in Elastic APM Server.tls:ca_file(optional): root Certificate Authority (CA) certificate, for verifying the server's identity, if TLS is enabled.cert_file(optional): client TLS certificate.key_file(optional): client TLS key.insecure(optional): disable verification of the server's identity, if TLS is enabled.
Example
exporters:
elastic:
apm_server_url: "https://elasticapm.example.com"
secret_token: "hunter2"
FAQs
Unknown package
Package last updated on 04 Aug 2022
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Research
Typosquatting Cryptographic Libraries: Malicious npm Packages Threaten Crypto Developers with Keylogging and Wallet Theft
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
By Kirill Boychenko - Nov 27, 2024
Security News
Weekly Downloads Now Available in npm Package Search Results
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
By Sarah Gooding - Nov 26, 2024