Skip to content

Document HTTPS limitation for non-IIS Windows services in USM #32723

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 5 commits into from
Nov 10, 2025
Merged

Document HTTPS limitation for non-IIS Windows services in USM #32723

merged 5 commits into from
Nov 10, 2025

Conversation

@ddOfir
Copy link
Contributor

@ddOfir ddOfir commented Nov 10, 2025

Documents that USM on Windows only supports HTTPS for IIS services, not for non-IIS services (Node.js, Java,
custom .NET apps, etc.)

ddOfir and others added 2 commits November 5, 2025 20:43
@ddOfir @claude
Clarify USM environment variable detection limitations
1f069f3 
Add documentation explaining that Universal Service Monitoring (USM) only
detects environment variables set at process start time, not those set
programmatically within application code.

This clarifies that while APM instrumentation libraries can read DD_SERVICE
and similar variables set via System.setProperty() (Java) or
Environment.SetEnvironmentVariable() (.NET), USM cannot detect these as it
reads from /proc/PID/environ (Linux) or system APIs (Windows) which only
contain the initial process environment.

Includes examples for properly setting environment variables in Docker,
Kubernetes, and shell environments to ensure USM detection.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
@ddOfir @claude
Document HTTPS limitation for non-IIS Windows services in USM
e81ca98 
Add documentation clarifying that Universal Service Monitoring on Windows
only supports HTTPS monitoring for IIS-based services. Non-IIS services
(custom .NET apps, Node.js, Java, etc.) can only be monitored via HTTP.

This limitation exists because USM on Windows uses Event Tracing for
Windows (ETW) via the Microsoft-Windows-HttpService provider, which is
only available for IIS services. Non-IIS services running HTTPS will not
have their encrypted traffic monitored by USM.

Includes a clear breakdown of what is and isn't supported:
- IIS services: HTTP + HTTPS ✅
- Non-IIS services: HTTP only ✅, HTTPS ❌

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
@ddOfir ddOfir requested a review from a team as a code owner November 10, 2025 17:13
@github-actions
Copy link
Contributor

github-actions bot commented Nov 10, 2025

Preview links (active after the build_preview check completes)

Modified Files

@cswatt cswatt self-assigned this Nov 10, 2025
@cswatt
Copy link
Contributor

cswatt commented Nov 10, 2025

Pushed style edits to make copy appear less LLM-generated. The hallmarks of LLM-generated text (frequent bolding, emojis, etc.) are associated with low trust.

Will merge when checks complete.

@cswatt cswatt merged commit a94685c into master Nov 10, 2025
18 of 19 checks passed
@cswatt cswatt deleted the ofir.yefet/usm-windows-https-limitation branch November 10, 2025 20:26
@cswatt cswatt mentioned this pull request Nov 10, 2025
Closed
1 task
brett0000FF pushed a commit that referenced this pull request Nov 10, 2025
@ddOfir @claude
@cswatt @brett0000FF
Document HTTPS limitation for non-IIS Windows services in USM (#32723)
1609080 
* Clarify USM environment variable detection limitations

Add documentation explaining that Universal Service Monitoring (USM) only
detects environment variables set at process start time, not those set
programmatically within application code.

This clarifies that while APM instrumentation libraries can read DD_SERVICE
and similar variables set via System.setProperty() (Java) or
Environment.SetEnvironmentVariable() (.NET), USM cannot detect these as it
reads from /proc/PID/environ (Linux) or system APIs (Windows) which only
contain the initial process environment.

Includes examples for properly setting environment variables in Docker,
Kubernetes, and shell environments to ensure USM detection.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

* Document HTTPS limitation for non-IIS Windows services in USM

Add documentation clarifying that Universal Service Monitoring on Windows
only supports HTTPS monitoring for IIS-based services. Non-IIS services
(custom .NET apps, Node.js, Java, etc.) can only be monitored via HTTP.

This limitation exists because USM on Windows uses Event Tracing for
Windows (ETW) via the Microsoft-Windows-HttpService provider, which is
only available for IIS services. Non-IIS services running HTTPS will not
have their encrypted traffic monitored by USM.

Includes a clear breakdown of what is and isn't supported:
- IIS services: HTTP + HTTPS ✅
- Non-IIS services: HTTP only ✅, HTTPS ❌

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

* some reformatting

* edits

---------

Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: cecilia saixue watt <cecilia.watt@datadoghq.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cswatt cswatt cswatt approved these changes

Assignees

@cswatt cswatt

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@ddOfir @cswatt