Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
@opentelemetry/sdk-node
Advanced tools
The @opentelemetry/sdk-node package is part of the OpenTelemetry project, which aims to provide a set of APIs, libraries, agents, and instrumentation to provide observability for applications. Specifically, the @opentelemetry/sdk-node package is designed for Node.js applications and allows developers to collect traces and metrics, and export them to various observability backends for analysis. This helps in monitoring applications, understanding performance bottlenecks, and troubleshooting issues.
Tracing
This feature allows the collection of trace data, which represents the lifecycle of a request through the system. The code sample initializes a tracer provider, sets up a span processor with a Jaeger exporter, and registers the provider. This setup enables the tracing of operations and requests, facilitating the monitoring and debugging of distributed systems.
const { NodeTracerProvider } = require('@opentelemetry/sdk-node');
const { SimpleSpanProcessor } = require('@opentelemetry/tracing');
const { JaegerExporter } = require('@opentelemetry/exporter-jaeger');
const provider = new NodeTracerProvider();
provider.addSpanProcessor(new SimpleSpanProcessor(new JaegerExporter()));
provider.register();
Metrics
This feature enables the collection and export of metrics data, such as counters, gauges, and histograms. The code sample demonstrates how to set up a MeterProvider with a Prometheus exporter, which collects metrics data and makes it available for scraping by Prometheus at a specified port. This is useful for monitoring application performance and resource usage.
const { MeterProvider } = require('@opentelemetry/sdk-node');
const { PrometheusExporter } = require('@opentelemetry/exporter-prometheus');
const meterProvider = new MeterProvider({
exporter: new PrometheusExporter({ port: 9464 }),
interval: 1000
});
meterProvider.start();
Jaeger-client is a Node.js library for reporting tracing data to Jaeger, a distributed tracing system. While it is focused specifically on integration with Jaeger, @opentelemetry/sdk-node provides a more flexible approach, allowing for the export of traces to multiple backends, not just Jaeger.
Prom-client is a Node.js client library for Prometheus metrics. It is similar to the metrics functionality provided by @opentelemetry/sdk-node but is dedicated solely to Prometheus metrics collection and exposition. In contrast, @opentelemetry/sdk-node supports multiple metrics backends and integrates with the broader OpenTelemetry ecosystem for observability.
Note: This is an experimental package under active development. New releases may include breaking changes.
This package provides the full OpenTelemetry SDK for Node.js including tracing and metrics.
Note: Much of OpenTelemetry JS documentation is written assuming the compiled application is run as CommonJS. For more details on ECMAScript Modules vs CommonJS, refer to esm-support.
To get started you need to install @opentelemetry/sdk-node
, a metrics and/or tracing exporter, and any appropriate instrumentation for the node modules used by your application.
$ # Install the SDK
$ npm install @opentelemetry/sdk-node
$ # Install exporters and plugins
$ npm install \
@opentelemetry/exporter-jaeger \ # add tracing exporters as needed
@opentelemetry/exporter-prometheus \ # add metrics exporters as needed
@opentelemetry/instrumentation-http # add instrumentations as needed
$ # or install all officially supported core and contrib plugins
$ npm install @opentelemetry/auto-instrumentations-node
Note: this example is for Node.js. See examples/opentelemetry-web for a browser example.
Before any other module in your application is loaded, you must initialize the SDK. If you fail to initialize the SDK or initialize it too late, no-op implementations will be provided to any library which acquires a tracer or meter from the API.
This example uses Jaeger and Prometheus, but exporters exist for other tracing backends.
As shown in the installation instructions, exporters passed to the SDK must be installed alongside @opentelemetry/sdk-node
.
const opentelemetry = require("@opentelemetry/sdk-node");
const { JaegerExporter } = require("@opentelemetry/exporter-jaeger");
const { PrometheusExporter } = require("@opentelemetry/exporter-prometheus");
const {
getNodeAutoInstrumentations,
} = require("@opentelemetry/auto-instrumentations-node");
const jaegerExporter = new JaegerExporter();
const prometheusExporter = new PrometheusExporter();
const sdk = new opentelemetry.NodeSDK({
// Optional - if omitted, the tracing SDK will be initialized from environment variables
traceExporter: jaegerExporter,
// Optional - If omitted, the metrics SDK will not be initialized
metricReader: prometheusExporter,
// Optional - you can use the metapackage or load each instrumentation individually
instrumentations: [getNodeAutoInstrumentations()],
// See the Configuration section below for additional configuration options
});
sdk.start();
// You can also use the shutdown method to gracefully shut down the SDK before process shutdown
// or on some operating system signal.
const process = require("process");
process.on("SIGTERM", () => {
sdk
.shutdown()
.then(
() => console.log("SDK shut down successfully"),
(err) => console.log("Error shutting down SDK", err)
)
.finally(() => process.exit(0));
});
Below is a full list of configuration options which may be passed into the NodeSDK
constructor;
Detect resources automatically from the environment using the default resource detectors. Default true
.
Use a custom context manager. Default: AsyncHooksContextManager
Use a custom propagator. Default: CompositePropagator using W3C Trace Context and Baggage
Deprecated, please use logRecordProcessors instead.
An array of log record processors to register to the logger provider.
Merge user-provided resources with the default resource. Default true
.
The default will change to false
in a future iteration of this package.
Add a MetricReader
that will be passed to the MeterProvider
. If metricReader
is not configured,
the metrics SDK will not be initialized and registered.
A list of views to be passed to the MeterProvider
.
Accepts an array of View-instances.
This parameter can be used to configure explicit bucket sizes of histogram metrics.
Configure instrumentations. By default none of the instrumentation is enabled, if you want to enable them you can use either metapackage or configure each instrumentation individually.
Configure a resource. Resources may also be detected by using the autoDetectResources
method of the SDK.
Configure resource detectors. By default, the resource detectors are [envDetector, processDetector, hostDetector].
NOTE: In order to enable the detection, the parameter autoDetectResources
has to be true
.
If resourceDetectors
was not set, you can also use the environment variable OTEL_NODE_RESOURCE_DETECTORS
to enable only certain detectors, or completely disable them:
env
host
os
process
serviceinstance
(experimental)all
- enable all resource detectors above
@opentelemetry/sdk-node
may include additional detectors that will be covered by this scope.none
- disable resource detectionFor example, to enable only the env
, host
detectors:
export OTEL_NODE_RESOURCE_DETECTORS="env,host"
Configure a custom sampler. By default, all traces will be sampled.
Deprecated, please use spanProcessors instead.
An array of span processors to register to the tracer provider.
Configure a trace exporter. If an exporter is configured, it will be used with a BatchSpanProcessor. If an exporter OR span processor is not configured programmatically, this package will auto setup the default otlp
exporter with http/protobuf
protocol with a BatchSpanProcessor
.
Configure tracing parameters. These are the same trace parameters used to configure a tracer.
Configure the service name.
Disable the SDK by setting the OTEL_SDK_DISABLED
environment variable to true
.
Set the log level by setting the OTEL_LOG_LEVEL
environment variable to enums:
NONE
,ERROR
,WARN
,INFO
,DEBUG
,VERBOSE
,ALL
.The default level is INFO
.
This is an alternative to programmatically configuring an exporter or span processor. For traces this package will auto setup the default otlp
exporter with http/protobuf
protocol if traceExporter
or spanProcessor
hasn't been passed into the NodeSDK
constructor.
Environment variable | Description |
---|---|
OTEL_TRACES_EXPORTER | List of exporters to be used for tracing, separated by commas. Options include otlp , jaeger , zipkin , and none . Default is otlp . none means no autoconfigured exporter. |
OTEL_LOGS_EXPORTER | List of exporters to be used for logging, separated by commas. Options include otlp , console and none . Default is otlp . none means no autoconfigured exporter. |
Environment variable | Description |
---|---|
OTEL_EXPORTER_OTLP_PROTOCOL | The transport protocol to use on OTLP trace, metric, and log requests. Options include grpc , http/protobuf , and http/json . Default is http/protobuf . |
OTEL_EXPORTER_OTLP_TRACES_PROTOCOL | The transport protocol to use on OTLP trace requests. Options include grpc , http/protobuf , and http/json . Default is http/protobuf . |
OTEL_EXPORTER_OTLP_METRICS_PROTOCOL | The transport protocol to use on OTLP metric requests. Options include grpc , http/protobuf , and http/json . Default is http/protobuf . |
OTEL_EXPORTER_OTLP_LOGS_PROTOCOL | The transport protocol to use on OTLP log requests. Options include grpc , http/protobuf , and http/json . Default is http/protobuf . |
Additionally, you can specify other applicable environment variables that apply to each exporter such as the following:
Apache 2.0 - See LICENSE for more information.
FAQs
OpenTelemetry SDK for Node.js
We found that @opentelemetry/sdk-node demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.