Security News
How Threat Actors are Abusing GitHub’s File Upload Feature to Host Malware
GitHub is susceptible to a CDN flaw that allows attackers to host malware on any public repository.
@opentelemetry/instrumentation-ioredis
Advanced tools
Readme
This module provides automatic instrumentation for the ioredis
module, which may be loaded using the @opentelemetry/sdk-trace-node
package and is included in the @opentelemetry/auto-instrumentations-node
bundle.
If total installation size is not constrained, it is recommended to use the @opentelemetry/auto-instrumentations-node
bundle with @opentelemetry/sdk-node for the most seamless instrumentation experience.
Compatible with OpenTelemetry JS API and SDK 1.0+
.
npm install --save @opentelemetry/instrumentation-ioredis
>=2.0.0 <6
To load a specific instrumentation (ioredis in this case), specify it in the registerInstrumentations's configuration
const { NodeTracerProvider } = require('@opentelemetry/sdk-trace-node');
const {
IORedisInstrumentation,
} = require('@opentelemetry/instrumentation-ioredis');
const { registerInstrumentations } = require('@opentelemetry/instrumentation');
const provider = new NodeTracerProvider();
provider.register();
registerInstrumentations({
instrumentations: [
new IORedisInstrumentation({
// see under for available configuration
}),
],
});
IORedis instrumentation has few options available to choose from. You can set the following:
Options | Type | Description |
---|---|---|
dbStatementSerializer | DbStatementSerializer | IORedis instrumentation will serialize db.statement using the specified function. |
requestHook | RedisRequestCustomAttributeFunction (function) | Function for adding custom attributes on db request. Receives params: span, { moduleVersion, cmdName, cmdArgs } |
responseHook | RedisResponseCustomAttributeFunction (function) | Function for adding custom attributes on db response |
requireParentSpan | boolean | Require parent to create ioredis span, default when unset is true |
The instrumentation serializes the command into a Span attribute called db.statement
. The standard serialization format attempts to be as informative
as possible while avoiding the export of potentially sensitive data. The number of serialized arguments depends on the specific command, see the configuration
list in @opentelemetry/redis-common
.
It is also possible to define a custom serialization function. The function will receive the command name and arguments and must return a string.
Here is a simple example to serialize the command name skipping arguments:
const { IORedisInstrumentation } = require('@opentelemetry/instrumentation-ioredis');
const ioredisInstrumentation = new IORedisInstrumentation({
dbStatementSerializer: function (cmdName, cmdArgs) {
return cmdName;
},
});
requestHook
Instrumentation user can configure a custom "hook" function which will be called on every request with the relevant span and request information. User can then set custom attributes on the span or run any instrumentation-extension logic per request.
Here is a simple example that adds a span attribute of ioredis
instrumented version on each request:
const { IORedisInstrumentation } = require('@opentelemetry/instrumentation-ioredis');
const ioredisInstrumentation = new IORedisInstrumentation({
requestHook: function (
span: Span,
requestInfo: IORedisRequestHookInformation
) {
if (requestInfo.moduleVersion) {
span.setAttribute(
'instrumented_library.version',
requestInfo.moduleVersion
);
}
}
});
Apache 2.0 - See LICENSE for more information.
FAQs
OpenTelemetry ioredis automatic instrumentation package.
The npm package @opentelemetry/instrumentation-ioredis receives a total of 514,666 weekly downloads. As such, @opentelemetry/instrumentation-ioredis popularity was classified as popular.
We found that @opentelemetry/instrumentation-ioredis demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub is susceptible to a CDN flaw that allows attackers to host malware on any public repository.
Security News
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
Research
Security News
The Socket Research team found this npm package includes code for collecting sensitive developer information, including your operating system username, Git username, and Git email.