From f626644f74f16c2ed222add49609f851d4604c49 Mon Sep 17 00:00:00 2001 From: Robert Pickering Date: Thu, 21 Nov 2024 11:19:06 +0100 Subject: [PATCH 1/7] remove single step from public doc --- .../threats/setup/_index.md | 9 +- .../threats/setup/single_step/_index.md | 310 ------------------ 2 files changed, 2 insertions(+), 317 deletions(-) delete mode 100644 content/en/security/application_security/threats/setup/single_step/_index.md diff --git a/content/en/security/application_security/threats/setup/_index.md b/content/en/security/application_security/threats/setup/_index.md index 461ef5bdaac62..acaf9c120722b 100644 --- a/content/en/security/application_security/threats/setup/_index.md +++ b/content/en/security/application_security/threats/setup/_index.md @@ -14,16 +14,11 @@ Before setting up Threat Management, ensure the following prerequisites are met: There are two main approaches to enable Threat Management on your tracing libraries: Single-Step Instrumentation and Datadog Tracing Libraries. -### Single-Step Instrumentation - -Run a one-line install command to install the Datadog Agent, and enable [Threat Management with Single-Step Instrumentation][2]. - ### Datadog Tracing Libraries -Add an environment variable or a new argument to your [Datadog Tracing Library configuration][3]. +Add an environment variable or a new argument to your [Datadog Tracing Library configuration][2]. By following these steps, you'll successfully set up Threat Management for your application or service, monitoring services that are under attack and protecting them against attacks. [1]: /security/application_security/threats/setup/compatibility -[2]: /security/application_security/threats/setup/single_step -[3]: /security/application_security/threats/setup/threat_detection +[2]: /security/application_security/threats/setup/threat_detection 
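Review bot: In the `@@ -14,16 +14,11 @@` hunk of threats/setup/_index.md, the unchanged context line still reads "There are two main approaches to enable Threat Management on your tracing libraries: Single-Step Instrumentation and Datadog Tracing Libraries." even though the `### Single-Step Instrumentation` subsection below it is removed. The page then announces two approaches and documents one. Reword that sentence in the same hunk so it names only the Datadog Tracing Libraries path.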
diff --git a/content/en/security/application_security/threats/setup/single_step/_index.md b/content/en/security/application_security/threats/setup/single_step/_index.md deleted file mode 100644 index 977801fe27cc4..0000000000000 --- a/content/en/security/application_security/threats/setup/single_step/_index.md +++ /dev/null @@ -1,310 +0,0 @@ ---- -title: Enabling ASM threat detection and protection using single step instrumentation -aliases: -- /security/application_security/enabling/single_step/threat_detection/ ---- - -
Enabling ASM threat detection and protection using single step instrumentation is in Preview.
- - -## Requirements - -- **Minimum Agent version 7.53.0** -- **Minimum Helm version 3.62.0** (For Kubernetes deployments) -- **Languages and architectures**: Single step ASM instrumentation only supports tracing Java, Python, Ruby, Node.js, and .NET Core services on `x86_64` and `arm64` architectures. -- **Operating systems**: Linux VMs (Debian, Ubuntu, Amazon Linux, CentOS/Red Hat, Fedora), Docker, Kubernetes clusters with Linux containers. - -## Enabling in one step - -If you [install or update a Datadog Agent][1] with the **Enable Threat Protection (new)** option selected, the Agent is installed and configured to enable ASM. This allows you to automatically instrument your application, without any additional installation or configuration steps. Restart services for this instrumentation to take effect. - - -{{< img src="/security/application_security/single_step/asm_single_step_threat_detection_2.png" alt="Account settings Ubuntu setup page highlighting the toggle for Enabling APM instrumentation and Threat Protection." style="width:100%;" >}} - -The following examples show how it works on each infrastructure type. - -{{< tabs >}} -{{% tab "Linux host or VM" %}} - -With one command, you can install, configure, and start the Agent, while also instrumenting your services with ASM. - -For an Ubuntu host: - -1. Run the one-line installation command: - - ```shell - DD_API_KEY= DD_SITE="" DD_APM_INSTRUMENTATION_ENABLED=host DD_APPSEC_ENABLED=true bash -c "$(curl -L https://install.datadoghq.com/scripts/install_script_agent7.sh)" - ``` - - a. Replace `` with your [Datadog API key][4]. - - b. Replace `` with your [Datadog site][3]. -
- You can also optionally configure the following: - -
-2. Exit your current shell session. -3. Start a new shell session. -4. Restart the services on the host or VM. -5. [Explore the performance observability of your services in Datadog][5]. - -**Note:** To configure single-step for both ASM Threat Protection and Code Security, add the environment variables `DD_APPSEC_ENABLED=true` _and_ `DD_IAST_ENABLED=true` to your one-line installation command. - -### Specifying tracing library versions {#lib-linux} - -By default, enabling APM on your server installs support for Java, Python, Ruby, Node.js, and .NET Core services. If you only have services implemented in some of these languages, set `DD_APM_INSTRUMENTATION_LIBRARIES` in your one-line installation command: - -```shell -DD_APM_INSTRUMENTATION_LIBRARIES="java:1.25.0,python" DD_API_KEY= DD_SITE="" DD_APM_INSTRUMENTATION_ENABLED=host DD_APPSEC_ENABLED=true DD_ENV=staging bash -c "$(curl -L https://install.datadoghq.com/scripts/install_script_agent7.sh)" -``` - -You can optionally provide a version number for the tracing library by placing a colon after the language name and specifying the tracing library version. If you don't specify a version, it defaults to the latest version. Language names are comma-separated. - -Supported languages include: - -- .NET (`dotnet`) -- Python (`python`) -- Java (`java`) -- Node.js (`js`) -- Ruby (`ruby`) - -**Note**: For the Node.js tracing library, different versions of Node.js are compatible with different versions of the Node.js tracing library. See [DataDog/dd-trace-js: JavaScript APM Tracer][6] for more information. - -### Tagging observability data by environment {#env-linux} - -Set `DD_ENV` in your one-line installation command for Linux to automatically tag instrumented services and other telemetry that pass through the Agent with a specific environment. For example, if the Agent is installed in your staging environment, set `DD_ENV=staging` to associate your observability data with `staging`. 
- -For example: - -```shell -DD_API_KEY= DD_SITE="" DD_APM_INSTRUMENTATION_ENABLED=host DD_APPSEC_ENABLED=true DD_ENV=staging bash -c "$(curl -L https://install.datadoghq.com/scripts/install_script_agent7.sh)" -``` - -[2]: /agent/remote_config -[3]: /getting_started/site/ -[4]: https://app.datadoghq.com/organization-settings/api-keys -[5]: /service_catalog/ -[6]: https://github.com/DataDog/dd-trace-js?tab=readme-ov-file#version-release-lines-and-maintenance - -{{% /tab %}} - -{{% tab "Docker" %}} - -For a Docker Linux container: - -1. Install the library injector: - ```shell - DD_APM_INSTRUMENTATION_ENABLED=docker DD_NO_AGENT_INSTALL=true DD_APPSEC_ENABLED=true bash -c "$(curl -L https://install.datadoghq.com/scripts/install_script_agent7.sh)" - ``` -2. Configure the Agent in Docker: - ```shell - docker run -d --name dd-agent \ - -e DD_API_KEY=${YOUR_DD_API_KEY} \ - -e DD_APM_ENABLED=true \ - -e DD_APPSEC_ENABLED=true \ - -e DD_APM_NON_LOCAL_TRAFFIC=true \ - -e DD_DOGSTATSD_NON_LOCAL_TRAFFIC=true \ - -e DD_APM_RECEIVER_SOCKET=/opt/datadog/apm/inject/run/apm.socket \ - -e DD_DOGSTATSD_SOCKET=/opt/datadog/apm/inject/run/dsd.socket \ - -v /opt/datadog/apm:/opt/datadog/apm \ - -v /var/run/docker.sock:/var/run/docker.sock:ro \ - gcr.io/datadoghq/agent:7 - ``` - Replace `` with your [Datadog API][5]. -
- You can also optionally configure the following: - -
-3. Restart the Docker containers. -4. [Explore the performance observability of your services in Datadog][6]. - -### Specifying tracing library versions {#lib-docker} - -By default, enabling APM on your server installs support for Java, Python, Ruby, Node.js, and .NET services. If you only have services implemented in some of these languages, set `DD_APM_INSTRUMENTATION_LIBRARIES` when running the installation script. - -For example, to install support for only v1.25.0 of the Java tracing library and the latest Python tracing library, add the following to the installation command: - -```shell -DD_APM_INSTRUMENTATION_LIBRARIES="java:1.25.0,python" DD_APM_INSTRUMENTATION_ENABLED=docker DD_NO_AGENT_INSTALL=true DD_APPSEC_ENABLED=true bash -c "$(curl -L https://install.datadoghq.com/scripts/install_script_agent7.sh)" -``` - -You can optionally provide a version number for the tracing library by placing a colon after the language name and specifying the tracing library version. If you don't specify a version, it defaults to the latest version. Language names are comma-separated. - -Supported languages include: - -- .NET (`dotnet`) -- Python (`python`) -- Java (`java`) -- Node.js (`js`) -- Ruby (`ruby`) - -**Note**: For the Node.js tracing library, different versions of Node.js are compatible with different versions of the Node.js tracing library. See [DataDog/dd-trace-js: JavaScript APM Tracer][7] for more information. - -### Tagging observability data by environment {#env-docker} - -Set `DD_ENV` in the library injector installation command for Docker to automatically tag instrumented services and other telemetry that pass through the Agent with a specific environment. For example, if the Agent is installed in your staging environment, set `DD_ENV=staging` to associate your observability data with `staging`. 
- -For example: - -{{< highlight shell "hl_lines=5" >}} -docker run -d --name dd-agent \ - -e DD_API_KEY=${YOUR_DD_API_KEY} \ - -e DD_APM_ENABLED=true \ - -e DD_APPSEC_ENABLED=true \ - -e DD_ENV=staging \ - -e DD_APM_NON_LOCAL_TRAFFIC=true \ - -e DD_DOGSTATSD_NON_LOCAL_TRAFFIC=true \ - -e DD_APM_RECEIVER_SOCKET=/opt/datadog/apm/inject/run/apm.socket \ - -e DD_DOGSTATSD_SOCKET=/opt/datadog/apm/inject/run/dsd.socket \ - -v /opt/datadog/apm:/opt/datadog/apm \ - -v /var/run/docker.sock:/var/run/docker.sock:ro \ - gcr.io/datadoghq/agent:7 -{{< /highlight >}} - -[5]: https://app.datadoghq.com/organization-settings/api-keys -[6]: /service_catalog/ -[7]: https://github.com/DataDog/dd-trace-js?tab=readme-ov-file#version-release-lines-and-maintenance - - -{{% /tab %}} - -{{% tab "Kubernetes" %}} - -You can enable APM by installing the Agent with the Datadog Helm chart. This deploys the Datadog Agent across all nodes in your Linux-based Kubernetes cluster with a DaemonSet. - -**Note**: Single step instrumentation doesn't instrument applications in the namespace where you install the Datadog Agent. It's recommended to install the Agent in a separate namespace in your cluster where you don't run your applications. - -### Requirements - -- Make sure you have [Helm][13] installed. - -### Installation - -To enable single step instrumentation with Helm: - -1. Add the Helm Datadog repo: - - ```bash - helm repo add datadog https://helm.datadoghq.com - helm repo update - ``` -2. 
Create a Kubernetes Secret to store your Datadog [API key][10]: - - ```bash - kubectl create secret generic datadog-secret --from-literal api-key=$DD_API_KEY - -[7]: https://v3.helm.sh/docs/intro/install/ -[8]: https://kubernetes.io/docs/tasks/tools/install-kubectl/ -[9]: https://github.com/DataDog/helm-charts/tree/master/charts/datadog-operator -[10]: https://app.datadoghq.com/organization-settings/api-keys -[11]: https://app.datadoghq.com/organization-settings/application-keys -[12]: /getting_started/site -[13]: https://v3.helm.sh/docs/intro/install/ -[14]: https://github.com/DataDog/helm-charts/blob/master/charts/datadog/values.yaml -[15]: /tracing/trace_collection/automatic_instrumentation/single-step-apm/?tab=kubernetes#enabling-or-disabling-instrumentation-for-namespaces -[16]: /tracing/trace_collection/automatic_instrumentation/single-step-apm/?tab=kubernetes#specifying-tracing-library-versions -[17]: /tracing/trace_collection/automatic_instrumentation/single-step-apm/?tab=kubernetes#removing-instrumentation-for-specific-services - -{{% /tab %}} -{{< /tabs >}} - -## Removing Single Step APM and ASM instrumentation from your Agent - -If you don't want to collect trace data for a particular service, host, VM, or container, complete the follow steps: - -### Removing instrumentation for specific services - -Run the following commands and restart the service to stop injecting the library into the service and stop producing traces from that service. - -{{< tabs >}} -{{% tab "Linux host or VM" %}} - -1. Add the `DD_INSTRUMENT_SERVICE_WITH_APM` environment variable to the service startup command: - - ```shell - DD_INSTRUMENT_SERVICE_WITH_APM=false - ``` -2. Restart the service. - -3. To disable ASM, remove the `DD_APPSEC_ENABLED=true` environment variable from your application configuration, and restart your service. - - - -{{% /tab %}} - -{{% tab "Docker" %}} - -1. 
Add the `DD_INSTRUMENT_SERVICE_WITH_APM` environment variable to the service startup command: - ```shell - docker run -e DD_INSTRUMENT_SERVICE_WITH_APM=false - ``` -2. Restart the service. - -3. To disable ASM, remove the `DD_APPSEC_ENABLED=true` environment variable from your application configuration, and restart your service. -{{% /tab %}} - -{{% tab "Kubernetes" %}} - -1. Set the `admission.datadoghq.com/enabled:` label to `"false"` for the pod spec: - - ```yaml - spec: - template: - metadata: - labels: - admission.datadoghq.com/enabled: "false" - -{{% /tab %}} - -{{< /tabs >}} - -### Removing APM for all services on the infrastructure - -To stop producing traces, remove library injectors and restart the infrastructure: - -{{< tabs >}} -{{% tab "Linux host or VM" %}} - -1. Run: - ```shell - dd-host-install --uninstall - ``` -2. Restart your host. - -{{% /tab %}} - -{{% tab "Docker" %}} - -1. Uninstall local library injection: - ```shell - dd-container-install --uninstall - ``` -2. Restart Docker: - ```shell - systemctl restart docker - ``` - Or use the equivalent for your environment. - -{{% /tab %}} - -{{% tab "Kubernetes" %}} - -1. Under `apm:`, remove `instrumentation:` and all following configuration in `datadog-values.yaml`. -2. Under `asm:`, remove `threats:` and all following configuration in`datadog-values.yaml`. -3. Run the following command: - - ```bash - helm upgrade datadog-agent -f datadog-values.yaml datadog/datadog -{{% /tab %}} - -{{< /tabs >}} - -[1]: https://app.datadoghq.com/account/settings/agent/latest -[2]: /agent/remote_config - From d39c39efe6b7c70cb96770eff4c0abbc795e3a59 Mon Sep 17 00:00:00 2001 From: Robert Pickering Date: Thu, 21 Nov 2024 13:17:14 +0100 Subject: [PATCH 2/7] redirect instead of delete --- .../application_security/threats/setup/single_step/_index.md | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 content/en/security/application_security/threats/setup/single_step/_index.md 
diff --git a/content/en/security/application_security/threats/setup/single_step/_index.md b/content/en/security/application_security/threats/setup/single_step/_index.md new file mode 100644 index 0000000000000..1f78c20046a24 --- /dev/null +++ b/content/en/security/application_security/threats/setup/single_step/_index.md @@ -0,0 +1,4 @@ +--- +title: Enabling ASM threat detection and protection using single step instrumentation +external_redirect: /security/application_security/threats/setup/ +--- \ No newline at end of file From 32dd0f36372bf08a13bb2c9509122b8fe10b5038 Mon Sep 17 00:00:00 2001 From: Robert Pickering Date: Thu, 21 Nov 2024 13:21:30 +0100 Subject: [PATCH 3/7] remove from menus as well --- config/_default/menus/main.en.yaml | 5 ----- config/_default/menus/main.fr.yaml | 5 ----- config/_default/menus/main.ja.yaml | 5 ----- 3 files changed, 15 deletions(-) diff --git a/config/_default/menus/main.en.yaml b/config/_default/menus/main.en.yaml index 3bb71b466d3e4..4a8368d3a850c 100644 --- a/config/_default/menus/main.en.yaml +++ b/config/_default/menus/main.en.yaml @@ -5927,11 +5927,6 @@ menu: parent: appsec_threats_management_setup identifier: appsec_compat_threats_mgmt weight: 701 - - name: Using Single Step Instrumentation - url: security/application_security/threats/setup/single_step/ - parent: appsec_threats_management_setup - identifier: appsec_threats_setup_using_single_step - weight: 702 - name: Using Datadog Tracing Libraries url: security/application_security/threats/setup/threat_detection/ parent: appsec_threats_management_setup diff --git a/config/_default/menus/main.fr.yaml b/config/_default/menus/main.fr.yaml index fd32015620743..8e13fadd852c3 100644 --- a/config/_default/menus/main.fr.yaml +++ b/config/_default/menus/main.fr.yaml 
@@ -5468,11 +5468,6 @@ menu: parent: appsec_threats_management_setup identifier: appsec_compat_threats_mgmt weight: 701 - - name: Using Single Step Instrumentation - url: security/application_security/threats/setup/single_step/ - parent: appsec_threats_management_setup - identifier: appsec_threats_setup_using_single_step - weight: 702 - name: Using Datadog Tracing Libraries url: security/application_security/threats/setup/threat_detection/ parent: appsec_threats_management_setup diff --git a/config/_default/menus/main.ja.yaml b/config/_default/menus/main.ja.yaml index 3f5c4ca1f3a21..eb8890ab33696 100644 --- a/config/_default/menus/main.ja.yaml +++ b/config/_default/menus/main.ja.yaml @@ -5468,11 +5468,6 @@ menu: parent: appsec_threats_management_setup identifier: appsec_compat_threats_mgmt weight: 701 - - name: Using Single Step Instrumentation - url: security/application_security/threats/setup/single_step/ - parent: appsec_threats_management_setup - identifier: appsec_threats_setup_using_single_step - weight: 702 - name: Using Datadog Tracing Libraries url: security/application_security/threats/setup/threat_detection/ parent: appsec_threats_management_setup From 542d9e93b9b312bc4010d5ffb5a3d0fa95281725 Mon Sep 17 00:00:00 2001 From: Robert Pickering Date: Thu, 21 Nov 2024 13:56:06 +0100 Subject: [PATCH 4/7] remove more references --- content/en/profiler/enabling/ruby.md | 3 - .../code_security/_index.md | 3 +- .../code_security/setup/_index.md | 343 ------------------ 3 files changed, 1 insertion(+), 348 deletions(-) diff --git a/content/en/profiler/enabling/ruby.md b/content/en/profiler/enabling/ruby.md index f733b1d42cae8..0f76adc14cb43 100644 --- a/content/en/profiler/enabling/ruby.md +++ b/content/en/profiler/enabling/ruby.md 
@@ -41,9 +41,6 @@ This utility is available on the software repositories of most Linux distributio Continuous Profiler is not supported on serverless platforms, such as AWS Lambda. -[Single Step Instrumentation](https://docs.datadoghq.com/tracing/trace_collection/automatic_instrumentation/single-step-apm/) is not supported for Linux hosts, VMs, or Docker. -Single Step Instrumentation is supported for Kubernetes (using the Datadog Helm chart), but you need to manually set the `DD_PROFILING_ENABLED=true` environment variable to enable profiling. - ## Installation To begin profiling applications: diff --git a/content/en/security/application_security/code_security/_index.md b/content/en/security/application_security/code_security/_index.md index fcdb1f30ae36a..4c3bf06713eda 100644 --- a/content/en/security/application_security/code_security/_index.md +++ b/content/en/security/application_security/code_security/_index.md @@ -113,7 +113,7 @@ Recommendations enable you to change the status of a vulnerability, assign it to ## Enabling Code Security -To enable Code Security, you can use [Single Step Instrumentation][8] or configure the [Datadog Tracing Library][9]. Detailed instructions for both methods can be found in the [**Security > Application Security > Settings**][10] section. +To enable Code Security configure the [Datadog Tracing Library][9]. Detailed instructions for both methods can be found in the [**Security > Application Security > Settings**][10] section. If you need additional help, contact [Datadog support][11]. 
@@ -128,7 +128,6 @@ If you need additional help, contact [Datadog support][11]. [5]: /security/application_security/code_security/setup/compatibility/ [6]: https://docs.google.com/forms/d/1wsgbd80eImvJSjXe5y5VCjAW0zzn5p3CoCLsOy0vqsk/ [7]: /integrations/github/ -[8]: /security/application_security/code_security/setup/ [9]: /security/application_security/code_security/setup/ [10]: https://app.datadoghq.com/security/configuration/asm/setup [11]: https://www.datadoghq.com/support/ diff --git a/content/en/security/application_security/code_security/setup/_index.md b/content/en/security/application_security/code_security/setup/_index.md index ff4aad0253652..39dbcbbb6cc23 100644 --- a/content/en/security/application_security/code_security/setup/_index.md +++ b/content/en/security/application_security/code_security/setup/_index.md 
@@ -26,349 +26,6 @@ Before setting up Code Security, ensure the following prerequisites are met: 2. **Datadog APM Configuration:** Datadog APM is configured for your application or service, and web traces (`type:web`) are being received by Datadog. 3. **Supported Tracing Library:** The Datadog Tracing Library used by your application or service supports Code Security capabilities for the language of your application or service. For more details, refer to the [Library Compatibility][1] page. -## Code Security Enablement Types - -There are two main approaches to enable Code Security on your tracing libraries: Single-Step Instrumentation and Datadog Tracing Libraries. - -### Single-Step Instrumentation - -Run a one-line install command to install the Datadog Agent, and enable Code Security with Single-Step Instrumentation. - -### Datadog Tracing Libraries -Add an environment variable or a new argument to your Datadog Tracing Library configuration. - -By following these steps, you'll successfully set up Code Security for your application or service, ensuring comprehensive monitoring and identification of code-level vulnerabilities at runtime. - - -## Enabling Code Security using single step instrumentation - -### Requirements - -- **Minimum Agent version 7.53.0** -- **Minimum Datadog Helm chart version 3.62.0** (for Kubernetes deployments). -- **Languages and architectures**: Single step instrumentation for Code Security only supports tracing Java, Node.js, .NET Core services on `x86_64` and `arm64` architectures, and Python (support available in Preview). -- **Operating systems**: Linux VMs (Debian, Ubuntu, Amazon Linux, CentOS/Red Hat, Fedora), Docker, Kubernetes clusters with Linux containers. - -### Enabling in one step - -If you install or update a Datadog Agent with the **Enable Code Security** option selected, the Agent is installed and configured to enable detection of code-level vulnerabilities in your applications. 
This allows you to automatically instrument your application, without any additional installation or configuration steps. Restart services for this instrumentation to take effect. - - -{{< img src="/security/application_security/single_step/asm_single_step_code_security.png" alt="Account settings Ubuntu setup page highlighting the toggle for Enabling APM instrumentation and ASM for Code Security." style="width:100%;" >}} - -The following examples show how it works on each infrastructure type. - -{{< tabs >}} -{{% tab "Linux host or VM" %}} - -With one command, you can install, configure, and start the Agent, while also instrumenting your services with Application Security options. - -For an Ubuntu host: - -1. Run the one-line installation command: - - ```shell - DD_API_KEY= DD_SITE="" DD_APM_INSTRUMENTATION_ENABLED=host DD_IAST_ENABLED=true bash -c "$(curl -L https://install.datadoghq.com/scripts/install_script_agent7.sh)" - ``` - - a. Replace `` with your [Datadog API key][4]. - - b. Replace `` with your [Datadog site][3]. -
- You can also optionally configure the following: - -
-2. Exit your current shell session. -3. Start a new shell session. -4. Restart the services on the host or VM. -5. [Explore the performance observability of your services in Datadog][5]. - -**Note:** To configure single-step for **both** Code Security and Threat Protection, add **both** the `DD_IAST_ENABLED=true` _and_ `DD_APPSEC_ENABLED=true` environment variables to your one-line installation command. - -### Specifying tracing library versions {#lib-linux} - -By default, enabling APM on your server installs support for Java, Node.js, .NET Core, and Python services. If you only have services implemented in some of these languages, set `DD_APM_INSTRUMENTATION_LIBRARIES` in your one-line installation command: - -```shell -DD_APM_INSTRUMENTATION_LIBRARIES="java:1.25.0,python" DD_API_KEY= DD_SITE="" DD_APM_INSTRUMENTATION_ENABLED=host DD_IAST_ENABLED=true DD_ENV=staging bash -c "$(curl -L https://install.datadoghq.com/scripts/install_script_agent7.sh)" -``` - -You can optionally provide a version number for the tracing library by placing a colon after the language name and specifying the tracing library version. If you don't specify a version, it defaults to the latest version. Language names are comma-separated. - -Supported languages include: - -- Java (`java`) -- Node.js (`js`) -- .NET (`dotnet`) -- Python (`python`) - -**Note**: For the Node.js tracing library, different versions of Node.js are compatible with different versions of the Node.js tracing library. See [DataDog/dd-trace-js: JavaScript APM Tracer][6] for more information. - -### Tagging observability data by environment {#env-linux} - -Set `DD_ENV` in your one-line installation command for Linux to automatically tag instrumented services and other telemetry that pass through the Agent with a specific environment. For example, if the Agent is installed in your staging environment, set `DD_ENV=staging` to associate your observability data with `staging`. 
- -For example: - -```shell -DD_API_KEY= DD_SITE="" DD_APM_INSTRUMENTATION_ENABLED=host DD_IAST_ENABLED=true DD_ENV=staging bash -c "$(curl -L https://install.datadoghq.com/scripts/install_script_agent7.sh)" -``` - -[2]: /agent/remote_config -[3]: /getting_started/site/ -[4]: https://app.datadoghq.com/organization-settings/api-keys -[5]: /service_catalog/ -[6]: https://github.com/DataDog/dd-trace-js?tab=readme-ov-file#version-release-lines-and-maintenance - -{{% /tab %}} - -{{% tab "Docker" %}} - -For a Docker Linux container: - -1. Install the library injector: - ```shell - DD_IAST_ENABLED=true DD_APM_INSTRUMENTATION_ENABLED=docker DD_NO_AGENT_INSTALL=true bash -c "$(curl -L https://install.datadoghq.com/scripts/install_script_agent7.sh)" - ``` -2. Configure the Agent in Docker: - ```shell - docker run -d --name dd-agent \ - -e DD_API_KEY=${YOUR_DD_API_KEY} \ - -e DD_SITE=${YOUR_DD_SITE} \ - -e DD_APM_ENABLED=true \ - -e DD_APM_NON_LOCAL_TRAFFIC=true \ - -e DD_APM_RECEIVER_SOCKET=/var/run/datadog/apm.socket \ - -e DD_DOGSTATSD_SOCKET=/var/run/datadog/dsd.socket \ - -v /var/run/datadog:/var/run/datadog \ - -v /var/run/docker.sock:/var/run/docker.sock:ro \ - -v /proc/:/host/proc/:ro \ - -v /sys/fs/cgroup/:/host/sys/fs/cgroup:ro \ - -v /var/lib/docker/containers:/var/lib/docker/containers:ro \ - gcr.io/datadoghq/agent:7 - ``` - a. Replace `` with your [Datadog API][5]. - - b. Replace `` with your [Datadog site][3]. -
- You can also optionally configure the following: - -
-3. Restart the Docker containers. -4. [Explore the performance observability of your services in Datadog][6]. - -### Specifying tracing library versions {#lib-docker} - -By default, enabling APM on your server installs support for Java, Python, Node.js, and .NET services. If you only have services implemented in some of these languages, set `DD_APM_INSTRUMENTATION_LIBRARIES` when running the installation script. - -For example, to install support for only v1.25.0 of the Java tracing library and the latest Python tracing library, add the following to the installation command: - -```shell -DD_APM_INSTRUMENTATION_LIBRARIES="java:1.25.0,python" DD_IAST_ENABLED=true DD_APM_INSTRUMENTATION_ENABLED=docker DD_NO_AGENT_INSTALL=true bash -c "$(curl -L https://install.datadoghq.com/scripts/install_script_agent7.sh)" -``` - -You can optionally provide a version number for the tracing library by placing a colon after the language name and specifying the tracing library version. If you don't specify a version, it defaults to the latest version. Language names are comma-separated. - -Supported languages include: - -- Java (`java`) -- Node.js (`js`) -- .NET (`dotnet`) -- Python (`python`) - -**Note**: For the Node.js tracing library, different versions of Node.js are compatible with different versions of the Node.js tracing library. See [DataDog/dd-trace-js: JavaScript APM Tracer][7] for more information. - -### Tagging observability data by environment {#env-docker} - -Set `DD_ENV` in the library injector installation command for Docker to automatically tag instrumented services and other telemetry that pass through the Agent with a specific environment. For example, if the Agent is installed in your staging environment, set `DD_ENV=staging` to associate your observability data with `staging`. 
- -For example: - -{{< highlight shell "hl_lines=5" >}} -docker run -d --name dd-agent \ - -e DD_API_KEY=${YOUR_DD_API_KEY} \ - -e DD_APM_ENABLED=true \ - -e DD_ENV=staging \ - -e DD_APM_NON_LOCAL_TRAFFIC=true \ - -e DD_DOGSTATSD_NON_LOCAL_TRAFFIC=true \ - -e DD_APM_RECEIVER_SOCKET=/opt/datadog/apm/inject/run/apm.socket \ - -e DD_DOGSTATSD_SOCKET=/opt/datadog/apm/inject/run/dsd.socket \ - -v /opt/datadog/apm:/opt/datadog/apm \ - -v /var/run/docker.sock:/var/run/docker.sock:ro \ - gcr.io/datadoghq/agent:7 -{{< /highlight >}} - -[3]: /getting_started/site/ -[5]: https://app.datadoghq.com/organization-settings/api-keys -[6]: /service_catalog/ -[7]: https://github.com/DataDog/dd-trace-js?tab=readme-ov-file#version-release-lines-and-maintenance - - -{{% /tab %}} - -{{% tab "Kubernetes" %}} - -You can enable APM by installing the Agent with the Datadog Helm chart. This deploys the Datadog Agent across all nodes in your Linux-based Kubernetes cluster with a DaemonSet. - -
Single step instrumentation doesn't instrument applications in the namespace where you install the Datadog Agent. It's recommended to install the Agent in a separate namespace in your cluster where you don't run your applications.
- -### Requirements - -- Make sure you have [Helm][13] installed. - -### Installation - -To enable single step instrumentation with Helm: - -1. Add the Helm Datadog repo: - ```bash - helm repo add datadog https://helm.datadoghq.com - helm repo update - ``` -2. Create a Kubernetes Secret to store your Datadog [API key][10]: - ```bash - kubectl create secret generic datadog-secret --from-literal api-key=$DD_API_KEY - ``` -3. Create `datadog-values.yaml` and add the following configuration: - ``` - datadog: - apiKeyExistingSecret: datadog-secret - site: - apm: - instrumentation: - enabled: true - asm: - iast: - enabled: true - ``` - Replace `` with your [Datadog site][12]. - -4. Run the following command: - ```bash - helm install datadog-agent -f datadog-values.yaml datadog/datadog - ``` -5. Do a rolling restart on your applications for instrumentation to take effect. - -For more information on Kubernetes single step instrumentation, see the following: - -* [Enabling or Disabling Single Step Instrumentation by namespaces][15] -* [Specifying Instrumentation libraries versions][16] -* [Removing Instrumentation on specific deployments][17] - -[7]: https://v3.helm.sh/docs/intro/install/ -[8]: https://kubernetes.io/docs/tasks/tools/install-kubectl/ -[9]: https://github.com/DataDog/helm-charts/tree/master/charts/datadog-operator -[10]: https://app.datadoghq.com/organization-settings/api-keys -[11]: https://app.datadoghq.com/organization-settings/application-keys -[12]: /getting_started/site -[13]: https://v3.helm.sh/docs/intro/install/ -[14]: https://github.com/DataDog/helm-charts/blob/master/charts/datadog/values.yaml -[15]: /tracing/trace_collection/automatic_instrumentation/single-step-apm/?tab=kubernetes#enabling-or-disabling-instrumentation-for-namespaces -[16]: /tracing/trace_collection/automatic_instrumentation/single-step-apm/?tab=kubernetes#specifying-tracing-library-versions -[17]: 
/tracing/trace_collection/automatic_instrumentation/single-step-apm/?tab=kubernetes#removing-instrumentation-for-specific-services - -{{% /tab %}} -{{< /tabs >}} - -### Removing Single Step APM and Application Security instrumentation from your Agent - -If you don't want to collect trace data for a particular service, host, VM, or container, complete the follow steps: - -#### Removing instrumentation for specific services - -Run the following commands and restart the service to stop injecting the library into the service and stop producing traces from that service. - -{{< tabs >}} -{{% tab "Linux host or VM" %}} - -1. Add the `DD_INSTRUMENT_SERVICE_WITH_APM` environment variable to the service startup command: - - ```shell - DD_INSTRUMENT_SERVICE_WITH_APM=false - ``` -2. Restart the service. - -3. To disable Code Security, remove the `DD_IAST_ENABLED=true` environment variable from your application configuration, and restart your service. - - - -{{% /tab %}} - -{{% tab "Docker" %}} - -1. Add the `DD_INSTRUMENT_SERVICE_WITH_APM` environment variable to the service startup command: - ```shell - docker run -e DD_INSTRUMENT_SERVICE_WITH_APM=false - ``` -2. Restart the service. - -3. To disable Code Security, remove the `DD_IAST_ENABLED=true` environment variable from your application configuration, and restart your service. -{{% /tab %}} - -{{% tab "Kubernetes" %}} - -1. Set the `admission.datadoghq.com/enabled:` label to `"false"` for the pod spec: - - ```yaml - spec: - template: - metadata: - labels: - admission.datadoghq.com/enabled: "false" - -
You can disable Code Security while keeping APM up by adding the DD_IAST_ENABLED=false environment variable to your deployments.
- -{{% /tab %}} - -{{< /tabs >}} - -### Removing APM for all services on the infrastructure - -To stop producing traces, remove library injectors and restart the infrastructure: - -{{< tabs >}} -{{% tab "Linux host or VM" %}} - -1. Run: - ```shell - dd-host-install --uninstall - ``` -2. Restart your host. - -{{% /tab %}} - -{{% tab "Docker" %}} - -1. Uninstall local library injection: - ```shell - dd-container-install --uninstall - ``` -2. Restart Docker: - ```shell - systemctl restart docker - ``` - Or use the equivalent for your environment. - -{{% /tab %}} - -{{% tab "Kubernetes" %}} - -1. Under `apm:`, remove `instrumentation:` and all following configuration in `datadog-values.yaml`. -2. Under `asm:`, remove `iast:` and all following configuration in`datadog-values.yaml`. -3. Run the following command: - - ```bash - helm upgrade datadog-agent -f datadog-values.yaml datadog/datadog - -{{% /tab %}} - -{{< /tabs >}} - ## Using Datadog Tracing Libraries Select your application language for details on how to enable Code Security for your language and infrastructure types. From b74481e0db3e849890498876da73757b3aed38ad Mon Sep 17 00:00:00 2001 From: Robert Pickering Date: Thu, 21 Nov 2024 15:19:09 +0100 Subject: [PATCH 5/7] some refinements --- .../threats/setup/_index.md | 22 +------------------ .../threats/setup/single_step/_index.md | 2 +- .../threats/setup/threat_detection/_index.md | 11 +++++++++- 3 files changed, 12 insertions(+), 23 deletions(-) diff --git a/content/en/security/application_security/threats/setup/_index.md b/content/en/security/application_security/threats/setup/_index.md index acaf9c120722b..c850e102f006e 100644 --- a/content/en/security/application_security/threats/setup/_index.md +++ b/content/en/security/application_security/threats/setup/_index.md 
@@ -1,24 +1,4 @@ --- title: Threat Management Setup -disable_toc: false +external_redirect: /security/application_security/threats/threat_detection/ --- - -## Prerequisites - -Before setting up Threat Management, ensure the following prerequisites are met: -- **Datadog Agent Installation:** The Datadog Agent is installed and configured for your application's operating system or container, cloud, or virtual environment. -- **Datadog APM Configuration:** Datadog APM is configured for your application or service, and web traces (`type:web`) are being received by Datadog. -- **Supported Tracing Library:** The Datadog Tracing Library used by your application or service supports Threat Management capabilities for the language of your application or service. For more details, refer to the [Library Compatibility][1] page. - -## Threat Management Enablement Types - -There are two main approaches to enable Threat Management on your tracing libraries: Single-Step Instrumentation and Datadog Tracing Libraries. - -### Datadog Tracing Libraries - -Add an environment variable or a new argument to your [Datadog Tracing Library configuration][2]. - -By following these steps, you'll successfully set up Threat Management for your application or service, monitoring services that are under attack and protecting them against attacks. - -[1]: /security/application_security/threats/setup/compatibility -[2]: /security/application_security/threats/setup/threat_detection diff --git a/content/en/security/application_security/threats/setup/single_step/_index.md b/content/en/security/application_security/threats/setup/single_step/_index.md index 1f78c20046a24..49eeabc358f53 100644 --- a/content/en/security/application_security/threats/setup/single_step/_index.md +++ b/content/en/security/application_security/threats/setup/single_step/_index.md 
@@ -1,4 +1,4 @@ --- title: Enabling ASM threat detection and protection using single step instrumentation -external_redirect: /security/application_security/threats/setup/ +external_redirect: /security/application_security/threats/threat_detection/ --- \ No newline at end of file diff --git a/content/en/security/application_security/threats/setup/threat_detection/_index.md b/content/en/security/application_security/threats/setup/threat_detection/_index.md index 233d09ef5baf4..9d791018c8b49 100644 --- a/content/en/security/application_security/threats/setup/threat_detection/_index.md +++ b/content/en/security/application_security/threats/setup/threat_detection/_index.md @@ -24,10 +24,19 @@ further_reading: text: "Secure serverless applications with Datadog ASM" --- +## Prerequisites + +Before setting up Threat Management, ensure the following prerequisites are met: +- **Datadog Agent Installation:** The Datadog Agent is installed and configured for your application's operating system or container, cloud, or virtual environment. +- **Datadog APM Configuration:** Datadog APM is configured for your application or service, and web traces (`type:web`) are being received by Datadog. +- **Supported Tracing Library:** The Datadog Tracing Library used by your application or service supports Threat Management capabilities for the language of your application or service. For more details, refer to the [Library Compatibility][1] page. + Select your application language for details on how to enable ASM Threat Detection for your language and infrastructure types. {{< partial name="security-platform/appsec-languages.html" >}}
## Further Reading -{{< partial name="whats-next/whats-next.html" >}} \ No newline at end of file +{{< partial name="whats-next/whats-next.html" >}} + +[1]: /security/application_security/threats/setup/compatibility From 48e2afc5c3a618bbba96041f84cd319794524312 Mon Sep 17 00:00:00 2001 From: Michael Cretzman Date: Tue, 3 Dec 2024 11:23:35 -0800 Subject: [PATCH 6/7] kept SSI topic - I kept SSI topic as it's hidden and will be restored in the near future. - removed the redirect as it's not needed --- .../threats/setup/_index.md | 18 +- .../threats/setup/single_step/_index.md | 272 +++++++++++++++++- 2 files changed, 288 insertions(+), 2 deletions(-) diff --git a/content/en/security/application_security/threats/setup/_index.md b/content/en/security/application_security/threats/setup/_index.md index c850e102f006e..0d5d0806bf20b 100644 --- a/content/en/security/application_security/threats/setup/_index.md +++ b/content/en/security/application_security/threats/setup/_index.md 
@@ -1,4 +1,20 @@ --- title: Threat Management Setup -external_redirect: /security/application_security/threats/threat_detection/ +disable_toc: false --- + +## Prerequisites + +Before setting up Threat Management, ensure the following prerequisites are met: +- **Datadog Agent Installation:** The Datadog Agent is installed and configured for your application's operating system or container, cloud, or virtual environment. +- **Datadog APM Configuration:** Datadog APM is configured for your application or service, and web traces (`type:web`) are being received by Datadog. +- **Supported Tracing Library:** The Datadog Tracing Library used by your application or service supports Threat Management capabilities for the language of your application or service. For more details, refer to the [Library Compatibility][1] page. + +## Datadog Tracing Libraries + +Add an environment variable or a new argument to your [Datadog Tracing Library configuration][3]. + +By following these steps, you'll successfully set up Threat Management for your application or service, monitoring services that are under attack and protecting them against attacks. + +[1]: /security/application_security/threats/setup/compatibility +[3]: /security/application_security/threats/setup/threat_detection \ No newline at end of file diff --git a/content/en/security/application_security/threats/setup/single_step/_index.md b/content/en/security/application_security/threats/setup/single_step/_index.md index 49eeabc358f53..fb90a21e45a5e 100644 --- a/content/en/security/application_security/threats/setup/single_step/_index.md +++ b/content/en/security/application_security/threats/setup/single_step/_index.md @@ -1,4 +1,274 @@ --- title: Enabling ASM threat detection and protection using single step instrumentation external_redirect: /security/application_security/threats/threat_detection/ ---- \ No newline at end of file +--- + +
Enabling ASM threat detection and protection using single step instrumentation is in Preview.
+ + +## Requirements + +- **Minimum Agent version 7.53.0** +- **Minimum Helm version 3.62.0** (For Kubernetes deployments) +- **Languages and architectures**: Single step ASM instrumentation only supports tracing Java, Python, Ruby, Node.js, and .NET Core services on `x86_64` and `arm64` architectures. +- **Operating systems**: Linux VMs (Debian, Ubuntu, Amazon Linux, CentOS/Red Hat, Fedora), Docker, Kubernetes clusters with Linux containers. + +## Enabling in one step + +If you [install or update a Datadog Agent][1] with the **Enable Threat Protection (new)** option selected, the Agent is installed and configured to enable ASM. This allows you to automatically instrument your application, without any additional installation or configuration steps. Restart services for this instrumentation to take effect. + + +{{< img src="/security/application_security/single_step/asm_single_step_threat_detection_2.png" alt="Account settings Ubuntu setup page highlighting the toggle for Enabling APM instrumentation and Threat Protection." style="width:100%;" >}} + +The following examples show how it works on each infrastructure type. + +{{< tabs >}} +{{% tab "Linux host or VM" %}} + +With one command, you can install, configure, and start the Agent, while also instrumenting your services with ASM. + +For an Ubuntu host: + +1. Run the one-line installation command: + + ```shell + DD_API_KEY= DD_SITE="" DD_APM_INSTRUMENTATION_ENABLED=host DD_APPSEC_ENABLED=true bash -c "$(curl -L https://install.datadoghq.com/scripts/install_script_agent7.sh)" + ``` + + a. Replace `` with your [Datadog API key][4]. + + b. Replace `` with your [Datadog site][3]. +
+ You can also optionally configure the following: + +
+2. Exit your current shell session. +3. Start a new shell session. +4. Restart the services on the host or VM. +5. [Explore the performance observability of your services in Datadog][5]. + +**Note:** To configure single-step for both ASM Threat Protection and Code Security, add the environment variables `DD_APPSEC_ENABLED=true` _and_ `DD_IAST_ENABLED=true` to your one-line installation command. + +### Specifying tracing library versions {#lib-linux} + +By default, enabling APM on your server installs support for Java, Python, Ruby, Node.js, and .NET Core services. If you only have services implemented in some of these languages, set `DD_APM_INSTRUMENTATION_LIBRARIES` in your one-line installation command: + +```shell +DD_APM_INSTRUMENTATION_LIBRARIES="java:1.25.0,python" DD_API_KEY= DD_SITE="" DD_APM_INSTRUMENTATION_ENABLED=host DD_APPSEC_ENABLED=true DD_ENV=staging bash -c "$(curl -L https://install.datadoghq.com/scripts/install_script_agent7.sh)" +``` + +You can optionally provide a version number for the tracing library by placing a colon after the language name and specifying the tracing library version. If you don't specify a version, it defaults to the latest version. Language names are comma-separated. + +Supported languages include: + +- .NET (`dotnet`) +- Python (`python`) +- Java (`java`) +- Node.js (`js`) +- Ruby (`ruby`) + +**Note**: For the Node.js tracing library, different versions of Node.js are compatible with different versions of the Node.js tracing library. See [DataDog/dd-trace-js: JavaScript APM Tracer][6] for more information. + +### Tagging observability data by environment {#env-linux} + +Set `DD_ENV` in your one-line installation command for Linux to automatically tag instrumented services and other telemetry that pass through the Agent with a specific environment. For example, if the Agent is installed in your staging environment, set `DD_ENV=staging` to associate your observability data with `staging`. 
+ +For example: + +```shell +DD_API_KEY= DD_SITE="" DD_APM_INSTRUMENTATION_ENABLED=host DD_APPSEC_ENABLED=true DD_ENV=staging bash -c "$(curl -L https://install.datadoghq.com/scripts/install_script_agent7.sh)" +``` + +[2]: /agent/remote_config +[3]: /getting_started/site/ +[4]: https://app.datadoghq.com/organization-settings/api-keys +[5]: /service_catalog/ +[6]: https://github.com/DataDog/dd-trace-js?tab=readme-ov-file#version-release-lines-and-maintenance + +{{% /tab %}} + +{{% tab "Docker" %}} + +For a Docker Linux container: + +1. Install the library injector: + ```shell + DD_APM_INSTRUMENTATION_ENABLED=docker DD_NO_AGENT_INSTALL=true DD_APPSEC_ENABLED=true bash -c "$(curl -L https://install.datadoghq.com/scripts/install_script_agent7.sh)" + ``` +2. Configure the Agent in Docker: + ```shell + docker run -d --name dd-agent \ + -e DD_API_KEY=${YOUR_DD_API_KEY} \ + -e DD_APM_ENABLED=true \ + -e DD_APPSEC_ENABLED=true \ + -e DD_APM_NON_LOCAL_TRAFFIC=true \ + -e DD_DOGSTATSD_NON_LOCAL_TRAFFIC=true \ + -e DD_APM_RECEIVER_SOCKET=/opt/datadog/apm/inject/run/apm.socket \ + -e DD_DOGSTATSD_SOCKET=/opt/datadog/apm/inject/run/dsd.socket \ + -v /opt/datadog/apm:/opt/datadog/apm \ + -v /var/run/docker.sock:/var/run/docker.sock:ro \ + gcr.io/datadoghq/agent:7 + ``` + Replace `` with your [Datadog API][5]. +
+ You can also optionally configure the following: + +
+3. Restart the Docker containers. +4. [Explore the performance observability of your services in Datadog][6]. + +### Specifying tracing library versions {#lib-docker} + +By default, enabling APM on your server installs support for Java, Python, Ruby, Node.js, and .NET services. If you only have services implemented in some of these languages, set `DD_APM_INSTRUMENTATION_LIBRARIES` when running the installation script. + +For example, to install support for only v1.25.0 of the Java tracing library and the latest Python tracing library, add the following to the installation command: + +```shell +DD_APM_INSTRUMENTATION_LIBRARIES="java:1.25.0,python" DD_APM_INSTRUMENTATION_ENABLED=docker DD_NO_AGENT_INSTALL=true DD_APPSEC_ENABLED=true bash -c "$(curl -L https://install.datadoghq.com/scripts/install_script_agent7.sh)" +``` + +You can optionally provide a version number for the tracing library by placing a colon after the language name and specifying the tracing library version. If you don't specify a version, it defaults to the latest version. Language names are comma-separated. + +Supported languages include: + +- .NET (`dotnet`) +- Python (`python`) +- Java (`java`) +- Node.js (`js`) +- Ruby (`ruby`) + +**Note**: For the Node.js tracing library, different versions of Node.js are compatible with different versions of the Node.js tracing library. See [DataDog/dd-trace-js: JavaScript APM Tracer][7] for more information. + +### Tagging observability data by environment {#env-docker} + +Set `DD_ENV` in the library injector installation command for Docker to automatically tag instrumented services and other telemetry that pass through the Agent with a specific environment. For example, if the Agent is installed in your staging environment, set `DD_ENV=staging` to associate your observability data with `staging`. 
+ +For example: + +{{< highlight shell "hl_lines=5" >}} +docker run -d --name dd-agent \ + -e DD_API_KEY=${YOUR_DD_API_KEY} \ + -e DD_APM_ENABLED=true \ + -e DD_APPSEC_ENABLED=true \ + -e DD_ENV=staging \ + -e DD_APM_NON_LOCAL_TRAFFIC=true \ + -e DD_DOGSTATSD_NON_LOCAL_TRAFFIC=true \ + -e DD_APM_RECEIVER_SOCKET=/opt/datadog/apm/inject/run/apm.socket \ + -e DD_DOGSTATSD_SOCKET=/opt/datadog/apm/inject/run/dsd.socket \ + -v /opt/datadog/apm:/opt/datadog/apm \ + -v /var/run/docker.sock:/var/run/docker.sock:ro \ + gcr.io/datadoghq/agent:7 +{{< /highlight >}} + +[5]: https://app.datadoghq.com/organization-settings/api-keys +[6]: /service_catalog/ +[7]: https://github.com/DataDog/dd-trace-js?tab=readme-ov-file#version-release-lines-and-maintenance + + +{{% /tab %}} + +{{% tab "Kubernetes" %}} + +You can enable APM by installing the Agent with the Datadog Helm chart. This deploys the Datadog Agent across all nodes in your Linux-based Kubernetes cluster with a DaemonSet. + +**Note**: Single step instrumentation doesn't instrument applications in the namespace where you install the Datadog Agent. It's recommended to install the Agent in a separate namespace in your cluster where you don't run your applications. + +### Requirements + +- Make sure you have [Helm][13] installed. + +### Installation + +To enable single step instrumentation with Helm: + +1. Add the Helm Datadog repo: + + ```bash + helm repo add datadog https://helm.datadoghq.com + helm repo update + ``` +2. 
Create a Kubernetes Secret to store your Datadog [API key][10]: + + ```bash + kubectl create secret generic datadog-secret --from-literal api-key=$DD_API_KEY +[7]: https://v3.helm.sh/docs/intro/install/ +[8]: https://kubernetes.io/docs/tasks/tools/install-kubectl/ +[9]: https://github.com/DataDog/helm-charts/tree/master/charts/datadog-operator +[10]: https://app.datadoghq.com/organization-settings/api-keys +[11]: https://app.datadoghq.com/organization-settings/application-keys +[12]: /getting_started/site +[13]: https://v3.helm.sh/docs/intro/install/ +[14]: https://github.com/DataDog/helm-charts/blob/master/charts/datadog/values.yaml +[15]: /tracing/trace_collection/automatic_instrumentation/single-step-apm/?tab=kubernetes#enabling-or-disabling-instrumentation-for-namespaces +[16]: /tracing/trace_collection/automatic_instrumentation/single-step-apm/?tab=kubernetes#specifying-tracing-library-versions +[17]: /tracing/trace_collection/automatic_instrumentation/single-step-apm/?tab=kubernetes#removing-instrumentation-for-specific-services +{{% /tab %}} +{{< /tabs >}} +## Removing Single Step APM and ASM instrumentation from your Agent +If you don't want to collect trace data for a particular service, host, VM, or container, complete the follow steps: +### Removing instrumentation for specific services +Run the following commands and restart the service to stop injecting the library into the service and stop producing traces from that service. +{{< tabs >}} +{{% tab "Linux host or VM" %}} +1. Add the `DD_INSTRUMENT_SERVICE_WITH_APM` environment variable to the service startup command: + ```shell + DD_INSTRUMENT_SERVICE_WITH_APM=false + ``` +2. Restart the service. +3. To disable ASM, remove the `DD_APPSEC_ENABLED=true` environment variable from your application configuration, and restart your service. +{{% /tab %}} +{{% tab "Docker" %}} +1. 
Add the `DD_INSTRUMENT_SERVICE_WITH_APM` environment variable to the service startup command: + ```shell + docker run -e DD_INSTRUMENT_SERVICE_WITH_APM=false + ``` +2. Restart the service. +3. To disable ASM, remove the `DD_APPSEC_ENABLED=true` environment variable from your application configuration, and restart your service. +{{% /tab %}} +{{% tab "Kubernetes" %}} +1. Set the `admission.datadoghq.com/enabled:` label to `"false"` for the pod spec: + ```yaml + spec: + template: + metadata: + labels: + admission.datadoghq.com/enabled: "false" +{{% /tab %}} +{{< /tabs >}} +### Removing APM for all services on the infrastructure +To stop producing traces, remove library injectors and restart the infrastructure: +{{< tabs >}} +{{% tab "Linux host or VM" %}} +1. Run: + ```shell + dd-host-install --uninstall + ``` +2. Restart your host. +{{% /tab %}} +{{% tab "Docker" %}} +1. Uninstall local library injection: + ```shell + dd-container-install --uninstall + ``` +2. Restart Docker: + ```shell + systemctl restart docker + ``` + Or use the equivalent for your environment. +{{% /tab %}} +{{% tab "Kubernetes" %}} +1. Under `apm:`, remove `instrumentation:` and all following configuration in `datadog-values.yaml`. +2. Under `asm:`, remove `threats:` and all following configuration in`datadog-values.yaml`. +3. Run the following command: + ```bash + helm upgrade datadog-agent -f datadog-values.yaml datadog/datadog +{{% /tab %}} +{{< /tabs >}} +[1]: https://app.datadoghq.com/account/settings/agent/latest +[2]: /agent/remote_config \ No newline at end of file From 77a81bf800884b65bd66b96d89895a3d6f6f735e Mon Sep 17 00:00:00 2001 From: Michael Cretzman Date: Tue, 3 Dec 2024 12:16:11 -0800 Subject: [PATCH 7/7] Rerunning build added a space to rerun build --- .../application_security/threats/setup/single_step/_index.md | 1 - 1 file changed, 1 deletion(-) 
diff --git a/content/en/security/application_security/threats/setup/single_step/_index.md b/content/en/security/application_security/threats/setup/single_step/_index.md index fb90a21e45a5e..4c390667a21c7 100644 --- a/content/en/security/application_security/threats/setup/single_step/_index.md +++ b/content/en/security/application_security/threats/setup/single_step/_index.md @@ -5,7 +5,6 @@ external_redirect: /security/application_security/threats/threat_detection/
Enabling ASM threat detection and protection using single step instrumentation is in Preview.
- ## Requirements - **Minimum Agent version 7.53.0**
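Review bot: In PATCH 5/7, the `external_redirect` added to `setup/_index.md` and changed in `single_step/_index.md` points to `/security/application_security/threats/threat_detection/`, but the page that receives the Prerequisites section in the same patch lives at `threats/setup/threat_detection/_index.md`, and the link references in this series use `/security/application_security/threats/setup/threat_detection`. Unless an alias for the shorter path is defined outside this diff, the redirect will not resolve. Suggest targeting `/security/application_security/threats/setup/threat_detection/` or adding the alias in the same patch. The `single_step` redirect is still in the front matter after 6/7, so this affects the final state of the series.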
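Review bot: In PATCH 6/7, the `setup/_index.md` hunk restores the Prerequisites list word for word, while 5/7 already added the same three bullets to `threats/setup/threat_detection/_index.md` and 6/7 does not touch that file, so the list now lives on two pages that can drift apart. Suggest keeping one copy and linking to it from the other page. In the same hunk, the link references are numbered `[1]` and `[3]` with no `[2]`, "By following these steps" follows a single instruction, and the file ends without a trailing newline.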
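Review bot: In PATCH 6/7, the Kubernetes tab restored in `single_step/_index.md` stops after step 2 of the Helm installation: the fence opened before `kubectl create secret generic datadog-secret` is never closed, the link references `[7]` to `[17]` follow it directly, and the steps that create `datadog-values.yaml` and run `helm install` are absent. The removal section later in the same hunk still tells the reader to edit `apm:` and `asm:` in `datadog-values.yaml` and to run `helm upgrade`, so it depends on a file this page no longer introduces, and references `[15]` to `[17]` are defined but no longer cited. Suggest restoring steps 3 to 5 and closing the fence before this page is made visible again; the `yaml` block under the `admission.datadoghq.com/enabled:` step and the final `helm upgrade` block are also left open before `{{% /tab %}}`. Smaller points in the same hunk: "complete the follow steps" should read "following", "in`datadog-values.yaml`" is missing a space, and the Docker tab links "Datadog API" where the Linux tab says "Datadog API key".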