@opentelemetry/instrumentation-http
Advanced tools
OpenTelemetry instrumentation for `node:http` and `node:https` http client and server modules
The @opentelemetry/instrumentation-http package is part of the OpenTelemetry project, which provides a collection of tools, APIs, and SDKs to instrument, generate, collect, and export telemetry data (metrics, logs, and traces) to help you analyze your software's performance and behavior. This specific package provides automatic instrumentation for HTTP and HTTPS requests in Node.js applications, allowing developers to capture detailed information about incoming and outgoing requests.
Automatic Tracing of HTTP Requests
This feature automatically traces all HTTP and HTTPS requests made or received by your application. The code sample initializes a NodeTracerProvider, registers it, and then enables the HTTP instrumentation to start tracing HTTP requests.
const { NodeTracerProvider } = require('@opentelemetry/node');
const { HttpInstrumentation } = require('@opentelemetry/instrumentation-http');
const provider = new NodeTracerProvider();
provider.register();
const httpInstrumentation = new HttpInstrumentation();
httpInstrumentation.enable();Configurable Instrumentation
This feature allows developers to configure which requests should be ignored by the instrumentation. In the code sample, the instrumentation is configured to ignore incoming requests to '/healthz' and outgoing requests to 'example.com'.
const { HttpInstrumentation } = require('@opentelemetry/instrumentation-http');
const httpInstrumentation = new HttpInstrumentation({
ignoreIncomingPaths: [ /healthz/ ],
ignoreOutgoingUrls: [ /example.com/ ]
});
httpInstrumentation.enable();dd-trace is a DataDog tracing library that also provides automatic instrumentation for HTTP requests among other integrations. It is similar to @opentelemetry/instrumentation-http but is specifically tailored for integration with DataDog's monitoring and analytics platform, whereas OpenTelemetry provides vendor-neutral instrumentation.
Note: This is an experimental package under active development. New releases may include breaking changes.
This module provides automatic instrumentation for http and https.
For automatic instrumentation see the @opentelemetry/sdk-trace-node package.
npm install --save @opentelemetry/instrumentation-http
>=14OpenTelemetry HTTP Instrumentation allows the user to automatically collect telemetry and export it to their backend of choice, to give observability to distributed systems.
To load a specific instrumentation (HTTP in this case), specify it in the Node Tracer's configuration.
const { HttpInstrumentation } = require('@opentelemetry/instrumentation-http');
const {
ConsoleSpanExporter,
NodeTracerProvider,
SimpleSpanProcessor,
} = require('@opentelemetry/sdk-trace-node');
const { registerInstrumentations } = require('@opentelemetry/instrumentation');
const provider = new NodeTracerProvider({
spanProcessors: [new SimpleSpanProcessor(new ConsoleSpanExporter())]
});
provider.register();
registerInstrumentations({
instrumentations: [new HttpInstrumentation()],
});
See examples/http for a short example.
Http instrumentation has a few configuration options available to choose from. You can set the following:
| Options | Type | Description |
|---|---|---|
applyCustomAttributesOnSpan | HttpCustomAttributeFunction | Function for adding custom attributes |
requestHook | HttpRequestCustomAttributeFunction | Function for adding custom attributes before request is handled |
responseHook | HttpResponseCustomAttributeFunction | Function for adding custom attributes before response is handled |
startIncomingSpanHook | StartIncomingSpanCustomAttributeFunction | Function for adding custom attributes before a span is started in incomingRequest |
startOutgoingSpanHook | StartOutgoingSpanCustomAttributeFunction | Function for adding custom attributes before a span is started in outgoingRequest |
ignoreIncomingRequestHook | IgnoreIncomingRequestFunction | Http instrumentation will not trace all incoming requests that matched with custom function |
ignoreOutgoingRequestHook | IgnoreOutgoingRequestFunction | Http instrumentation will not trace all outgoing requests that matched with custom function |
disableOutgoingRequestInstrumentation | boolean | Set to true to avoid instrumenting outgoing requests at all. This can be helpful when another instrumentation handles outgoing requests. |
disableIncomingRequestInstrumentation | boolean | Set to true to avoid instrumenting incoming requests at all. This can be helpful when another instrumentation handles incoming requests. |
serverName | string | The primary server name of the matched virtual host. |
requireParentforOutgoingSpans | Boolean | Require that is a parent span to create new span for outgoing requests. |
requireParentforIncomingSpans | Boolean | Require that is a parent span to create new span for incoming requests. |
headersToSpanAttributes | object | List of case insensitive HTTP headers to convert to span attributes. Client (outgoing requests, incoming responses) and server (incoming requests, outgoing responses) headers will be converted to span attributes in the form of http.{request|response}.header.header_name, e.g. http.response.header.content_length |
Prior to version 0.54.0, this instrumentation created spans targeting an experimental semantic convention Version 1.7.0.
HTTP semantic conventions (semconv) were stabilized in v1.23.0, and a migration process was defined.
instrumentation-http versions 0.54.0 and later include support for migrating to stable HTTP semantic conventions, as described below.
The intent is to provide an approximate 6 month time window for users of this instrumentation to migrate to the new HTTP semconv, after which a new minor version will use the new semconv by default and drop support for the old semconv.
See the HTTP semconv migration plan for OpenTelemetry JS instrumentations.
To select which semconv version(s) is emitted from this instrumentation, use the OTEL_SEMCONV_STABILITY_OPT_IN environment variable.
http: emit the new (stable) v1.23.0+ semanticshttp/dup: emit both the old v1.7.0 and the new (stable) v1.23.0+ semanticsOTEL_SEMCONV_STABILITY_OPT_IN includes neither of the above tokens, the old v1.7.0 semconv is used.| v1.7.0 semconv | v1.23.0 semconv | Short Description |
|---|---|---|
http.client_ip | client.address | The IP address of the original client behind all proxies, if known |
http.flavor | network.protocol.version | Kind of HTTP protocol used |
http.host | server.address | The value of the HTTP host header |
http.method | http.request.method | HTTP request method |
http.request_content_length | (opt-in, headersToSpanAttributes) | The size of the request payload body in bytes. For newer semconv, use the headersToSpanAttributes: option to capture this as http.request.header.content_length. |
http.request_content_length_uncompressed | (not included) | The size of the uncompressed request payload body after transport decoding. (In semconv v1.23.0 this is defined by http.request.body.size, which is experimental and opt-in.) |
http.response_content_length | (opt-in, headersToSpanAttributes) | The size of the response payload body in bytes. For newer semconv, use the headersToSpanAttributes: option to capture this as http.response.header.content_length. |
http.response_content_length_uncompressed | (not included) | The size of the uncompressed response payload body after transport decoding. (In semconv v1.23.0 this is defined by http.response.body.size, which is experimental and opt-in.) |
http.route | no change | The matched route (path template). |
http.scheme | url.scheme | The URI scheme identifying the used protocol |
http.server_name | server.address | The primary server name of the matched virtual host |
http.status_code | http.response.status_code | HTTP response status code |
http.target | url.path and url.query | The URI path and query component |
http.url | url.full | Full HTTP request URL in the form scheme://host[:port]/path?query[#fragment] |
http.user_agent | user_agent.original | Value of the HTTP User-Agent header sent by the client |
net.host.ip | network.local.address | Like net.peer.ip but for the host IP. Useful in case of a multi-IP host |
net.host.name | server.address | Local hostname or similar |
net.host.port | server.port | Like net.peer.port but for the host port |
net.peer.ip. | network.peer.address | Remote address of the peer (dotted decimal for IPv4 or RFC5952 for IPv6) |
net.peer.name | server.address | Server domain name if available without reverse DNS lookup |
net.peer.port | server.port | Server port number |
net.transport | network.transport | Transport protocol used |
Metrics Exported:
When upgrading to the new semantic conventions, it is recommended to do so in the following order:
@opentelemetry/instrumentation-http to the latest versionOTEL_SEMCONV_STABILITY_OPT_IN=http/dup to emit both old and new semantic conventionsOTEL_SEMCONV_STABILITY_OPT_IN=http to emit only the new semantic conventionsThis will cause both the old and new semantic conventions to be emitted during the transition period.
Apache 2.0 - See LICENSE for more information.
FAQs
OpenTelemetry instrumentation for `node:http` and `node:https` http client and server modules
The npm package @opentelemetry/instrumentation-http receives a total of 6,471,528 weekly downloads. As such, @opentelemetry/instrumentation-http popularity was classified as popular.
We found that @opentelemetry/instrumentation-http demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
npm now supports Trusted Publishing with OIDC, enabling secure package publishing directly from CI/CD workflows without relying on long-lived tokens.
Research
/Security News
A RubyGems malware campaign used 60 malicious packages posing as automation tools to steal credentials from social media and marketing tool users.
Security News
The CNA Scorecard ranks CVE issuers by data completeness, revealing major gaps in patch info and software identifiers across thousands of vulnerabilities.