The consensus in OTEP 100 is that this mechanism will be provided in the collector but not necessarily in-process for all languages.
@fbogsany Actually, I am not able to find such mentions in the link. In fact, the internal details section mentions having a lexer in opentelemetry-java-instrumentation, which will help to replace sensitive values with `?`.
Quoting the internal section reference here:
That said, I have worked on sql normalization at three prior APM companies and am working on contributing a simple first version of one for the opentelemetry-auto-instr-java repo. It is based on using a lexer to parse out sql numeric and string literals and replacing them with a ?, exactly as described above and done by many APM products on the market.
The current instrumentation for `mysql2` is tracing the full query with all the column values, which may contain sensitive information and act as a hindrance for adoption in production environments. https://github.com/open-telemetry/opentelemetry-ruby/blob/master/instrumentation/mysql2/lib/opentelemetry/instrumentation/mysql2/patches/client.rb#L37
Also, the OpenTelemetry specification mentions that sensitive information can be excluded from the `db.statement` span attribute. It will help us in faster adoption if we can follow a similar approach to New Relic, which has an obfuscation util to mask values from query statements. https://github.com/newrelic/newrelic-ruby-agent/blob/006dd1bb8174e6f49c495c7e1a8ca543de9ceb93/lib/new_relic/agent/database/obfuscator.rb#L57
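A sketch of the lexer-based masking discussed in this thread, as an added example that is not code from opentelemetry-ruby or the New Relic agent: it replaces string and numeric literals with `?` before a query would be stored in `db.statement`, and refuses to emit anything from the query if a quoted literal never closes. The `SqlObfuscator` module, its `obfuscate` method and the fallback message are hypothetical names, and the queries in the usage are constructed.

```ruby
require 'strscan'

# Hypothetical helper (assumption, not the project's API): masks SQL literals
# so that column values never reach the db.statement span attribute.
module SqlObfuscator
  PLACEHOLDER = '?'
  # Constructed fallback text, recorded instead of a query we could not lex safely.
  FAILED = 'SQL obfuscation failed: unterminated literal'

  # MySQL string literals: single or double quoted, with backslash escapes
  # and doubled-quote escapes ('' or "").
  STRING = /'(?:[^'\\]|\\.|'')*'|"(?:[^"\\]|\\.|"")*"/m
  # Backtick-quoted or bare identifiers are kept whole, so the digit in
  # `users2` is not mistaken for a numeric literal.
  IDENT  = /`(?:[^`]|``)*`|[A-Za-z_][A-Za-z0-9_$]*/
  # Hex, integer, decimal and exponent forms.
  NUMBER = /0x[0-9a-fA-F]+|\d+(?:\.\d+)?(?:[eE][+-]?\d+)?|\.\d+/

  module_function

  def obfuscate(sql)
    scanner = StringScanner.new(sql)
    out = +''
    until scanner.eos?
      if scanner.scan(STRING) || scanner.scan(NUMBER)
        out << PLACEHOLDER
      elsif (token = scanner.scan(IDENT))
        out << token
      elsif scanner.check(/['"]/)
        # A quote that starts no complete literal: fail closed rather than
        # copy the remainder of the query (and its values) into the span.
        return FAILED
      else
        out << scanner.getch # operators, punctuation, whitespace
      end
    end
    out
  end
end

# Constructed sample query.
puts SqlObfuscator.obfuscate("SELECT * FROM users2 WHERE email = 'a@example.com' AND age > 30")
```

Masking in-process keeps raw values out of every exporter and log sink downstream, whereas collector-side processing only protects what is stored after the collector.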