Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

@fastly/open-insights-provider-fastly

Package Overview
Dependencies
Maintainers
56
Versions
14
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@fastly/open-insights-provider-fastly

An Open Insights provider for Fastly

  • 1.0.1
  • latest
  • Source
  • npm
  • Socket score

Version published
Maintainers
56
Created
Source

Open Insights Provider Fastly

An Open Insights provider for Fastly.

Installation

Open Insights is a framework for building RUM clients. Therefore, you do not install and run the Fastly provider directly within your application, but instead register the provider alongside others in your Open Insights package to build your own customized RUM client.

First install the provider as a package dependency:

npm install --save @fastly/open-insights-provider-fastly

Then import, configure with your API token and any desired settings, and register with Open Insights prior to initializing:

import { init, ClientSettingsBuilder } from '@openinsights/openinsights';
import { Provider } from '@fastly/open-insights-provider-fastly';

const settingsBuilder = new ClientSettingsBuilder();
const fastlySettings = {
 token: 'c8cff1f2-6917-49e2-80ed-db9dca391bd3'
};

settingsBuilder.addProvider(new Provider(fastlySettings));

// Execute a RUM session
init(settingsBuilder.toSettings())
    .then(result => {
        // `result` contains the results from the RUM session after
        // completion
    });

Configuration

In the majority of cases, the installation described above and the libraries default settings should be fine. However, in some cases you may want more fine-grained control over the providers runtime behavior.

The settings object accepts the following properties:

NameTypeDescription
max_tasksintThe maximum number of tasks the provider will run on any given session
report_errorsboolWhether the provider will beacon its own internal errors
sample_ratefloatA float between 0 and 1 to control the sample rate for each session
tokenstringYour Fastly provided API token

Development

Requirements

  • Node.js >= 6 (brew install node)

Install

git clone git@github.com:fastly/open-insights-provider-fastly.git
cd open-insights-provider-fastly
npm install
npm run build

Running

Most actions you'd like to perform whilst developing the provider are defined as NPM scripts tasks and can be invoked using npm run {task}.

A list of all commands and their description can be found below.

NameDescription
buildCompiles the application for production environments
lintLints the source files for TypeScript errors and style errors using ESLint
testRuns the linting and unit test suite
test:onceRuns the unit test suite once with coverage output
test:watchRuns the unit test suite in watch mode

FAQ

What is it?

The provider is an optional service deployed by some Fastly customers (normally via Insights.js) for network and performance monitoring and research purposes. It does not collect any personal data. We are only interested in your network, to make the internet work better.

We collect information about HTTP and HTTPS network transactions, including: network routing, performance timing, and equipment characteristics. Measurements are recorded to analyze the performance of the Fastly network and overall state of the internet.

The provider configuration is served via Fastly’s CDN. All collected data is sent back to the Fastly Insights service and log streamed using Fastly’s log streaming to a Fastly managed data warehouse for subsequent analysis.

How does it work?

The provider is deployed to websites via an Open Insights RUM client.

All tasks are run as low-priority requests and are designed not to interfere with the user's current page navigation or alter the host page’s Document Object Model (DOM) in any way, to prevent it from accessing first-party data on the page or affecting page load performance.

Each task fetches one or more objects from the network and gathers timing information associated with the request (using the ResourceTiming API) and any other browser information required by the task. See below for the full list of task types.

The results of each task are normalized (such as IP anonymization, see full list of task types for further information regarding normalization) and the data is then beaconed back to the Fastly Insights service via a POST request to fastly-insights.com/beacon.

The service then adds additional data available from Fastly’s standard logging variables related to the network request and logs all final data to a Fastly managed data warehouse.

Request flow

Request flow

  1. Page load.
  2. Fetches configuration from Fastly Insights service.
  3. Tasks are executed (see also: full list of task types and data collected):
    1. Network requests made to test objects.
    2. Task information recorded on the client.
  4. Task information is beaconed back to the Fastly Insights service.
  5. Additional information is recorded at the Fastly Insights service before ingestion.
  6. Information collected in step 3 and 5 is logged to a Fastly managed data warehouse for post-processing.

What type of information does Fastly Insights collect?

The following table lists each of the possible tasks Fastly Insights may run on a host web page:

NameDescriptionClient data*Request metadata*
POPIntended to measure the latency and topology of client connections to Fastly’s point of presence (POP) data centers.
  • network timing
  • network characteristics
  • browser type (User-Agent header value is automatically normalized to browser vendor and version)
  • DNS recursive resolver
  • operating system
    • anonymized Internet Protocol (IP) addresses (client IP addresses are automatically truncated to a /28 network prefix for IPv4 and /58 for IPv6 addresses)
    • country or city-level geographic location
    • date/time stamps
    • network characteristics unique to the client connection
    • browser capabilities: TLS protocol and cipher suites
    FetchIntended to measure the performance characteristics of a Fastly Insights owned HTTP endpoint. For experimentation and diagnostic purposes.
    • anonymized Internet Protocol (IP) addresses (client IP addresses are automatically truncated to a /28 network prefix for IPv4 and /58 for IPv6 addresses)
    • country or city-level geographic location
    • date/time stamps
    • network characteristics unique to the client connection
    • browser capabilities: TLS protocol and cipher suites

    *Note: Client data is collected on the client within a browser and Request metadata is collected on the Fastly Insights service.

    What does Fastly use Fastly Insights information for?

    Fastly uses the data collected to identify trends and performance heuristics for clients interacting with Fastly and its services. Fastly's use, and potential disclosure, of the data includes:

    • Monitoring Fastly’s network and performance
    • Improving the accuracy of DNS query answers
    • Improving Fastly's capacity and network planning
    • A/B testing and comparison of the performance of new technologies to improve Fastly services
    • Research initiatives to inform technology decisions
    • Research initiatives to inform case studies
    • Research initiatives for academic purposes and to feed back to the wider community
    • Responding to performance and other related inquiries from Fastly’s customers

    Privacy concerns

    As described above in this FAQ, the information collected is statistical data and does not include personally identifiable data. Client IP addresses are truncated, and user-agent strings normalized before ingestion. See the full list of task types for a list of data collected.

    Fastly Insights does not read or write any data to persistent storage in the browser, which includes cookies. Fastly Insights does not interact with cookies. We do not store any information across browsing sessions.

    We may retain the raw information collected from individual Fastly Insights sessions for up to one year. We may retain aggregate information indefinitely.

    License

    MIT

    FAQs

    Package last updated on 05 May 2021

    Did you know?

    Socket

    Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

    Install

    Related posts

    SocketSocket SOC 2 Logo

    Product

    • Package Alerts
    • Integrations
    • Docs
    • Pricing
    • FAQ
    • Roadmap
    • Changelog

    Packages

    npm

    Stay in touch

    Get open source security insights delivered straight into your inbox.


    • Terms
    • Privacy
    • Security

    Made with ⚡️ by Socket Inc