Security Measures for Frontend Tracing in SigNoz
TLDR Marc raised concerns about the security of sending traces from the frontend to the backend. Ankit suggested security measures such as API_KEY, HTTPS, CSRF protection, and CORS handling. The discussion is ongoing about finding the best approach.
Mar 02, 2023 (9 months ago)
I’m wondering about security in sending traces from the frontend to the backend. Couldn’t anyone send traces to the backend to try and make a DDOS attack. Is the collector built with this in mind? Is there an approach to ensure only authorized applications can send trace, log and metrics to the collector?
cc: Ankit Will this be prioritized in upcoming weeks?
Thanks for the reply
I was think more about telemetry coming from web browsers. I think the article link in the issue https://medium.com/opentelemetry/securing-your-opentelemetry-collector-1a4f9fa5bd6f is for an OTel agent connecting to with the collector. I would expect that viable within a k8s cluster, but not so viable for web browsers
• Client Authorisation using API_KEY
• CSRF protection
• CORS handling
Mar 03, 2023 (9 months ago)
Mar 04, 2023 (9 months ago)
There would need to be limits placed to avoid buffering too much data and either a rolling window of data to remove the oldest data as the buffer becomes full, or stop adding data after a certain point.
Mar 05, 2023 (9 months ago)
Indexed 1023 threads (61% resolved)
Troubleshooting Signoz Dashboard Not Showing Traces
prasanth encountered issues with Signoz dashboard not displaying traces. Srikanth recommended configuring the `OTEL_EXPORTER_OTLP_ENDPOINT`, but they are still facing issues with the exporter's connection.
Multi-Destination Export with OTEL Collector and SigNoz
Alex wants to export telemetry to multiple services. Srikanth suggests using OTEL collector to forward data to both SigNoz and DataDog.
Replacing Grafana Elastic and Prometheus Setup with SigNoz
Dipen is trying to replace the current setup with SigNoz. Both Nocnica and Srikanth provide possible solutions including using OpenTelemetry and target allocator respectively.
Troubleshooting SigNoz Auto-Instrumentation Configuration
igor is having trouble configuring auto-instrumentation for Java applications using SigNoz, with traces not appearing in the SigNoz UI. Prashant advises to check logs of the otel sidecar, use service name for endpoint, verify supported libraries, and test with telemetrygen. However, the issue still persists.
Parsing JSON Logs in Kubernetes for Different Applications
Nick sought advice on parsing JSON logs in Kubernetes for apps without OTEL support. nitya-signoz suggested using additional operators, creating pipelines, and mapping according to the business logic.