Include APM Trace Id in the X-Request-ID header in all Agentless API requests #192048

Closed
6 tasks
opauloh opened this issue Sep 3, 2024 · 2 comments · Fixed by #192235
Labels
8.16 candidate Team:Cloud Security Cloud Security team related technical debt Improvement of the software architecture and operational architecture

Comments

@opauloh
Contributor

opauloh commented Sep 3, 2024

Summary

This ticket aims to include the X-Request-ID Header on all HTTP calls from the Kibana server to the Agentless API.

The X-Request-ID should be captured from the currentTraceparent provided by the APM service.

If a request is initiated as part of a background job, all Kibana transactions with the Agentless API should happen after calling APM's startTransaction.

Motivation

If a customer receives an error, they can include the ID in a bug report, allowing the SDH operators to look up the corresponding log statements (without having to rely on timestamps, IPs, etc).

Also, this generated ID does not contain any sensitive information (client_id, cluster_id, etc), and won't violate the user's privacy, as a unique ID is created per request. It does help with tracking all the transactions related to a request when debugging an issue.

Definition of done

  • X-Request-ID Header included on all HTTP calls from the Kibana server to the Agentless API.
  • X-Request-ID is the currentTraceparent string captured from the APM service and is unique per request.
  • For requests initiated as part of a background job (i.e. delete inactive agents), the Kibana transactions with the Agentless API should happen after calling APM's startTransaction.
  • X-Request-ID is included on the error logs thrown on the try/catch blocks.
  • Logging documents created on Elasticsearch should use the http.request.id field to store the value of X-Request-ID.
  • Logging documents should also include trace.id and transaction.id.
  • Modifications on the agentless API TBD in a separate ticket.

Related tasks/epics

@opauloh opauloh self-assigned this Sep 3, 2024
@botelastic botelastic bot added the needs-team Issues missing a team label label Sep 3, 2024
@opauloh opauloh added the Team:Cloud Security Cloud Security team related label Sep 3, 2024
@elasticmachine
Contributor

Pinging @elastic/kibana-cloud-security-posture (Team:Cloud Security)

@botelastic botelastic bot removed the needs-team Issues missing a team label label Sep 3, 2024
@opauloh opauloh added technical debt Improvement of the software architecture and operational architecture 8.16 candidate labels Sep 3, 2024
@opauloh
Contributor Author

opauloh commented Sep 13, 2024

I have a draft PR including the X-Request-ID using APM's traceparent; however, I had no success in testing the PR on the ESS environment with the QAF tool, and the ci:cloud-deployment is not working. I'm blocking the issue until I can successfully test the changes with the QAF tool or when using the ci:cloud-deployment tag on the PR.

@acorretti acorretti changed the title [Cloud Security] [Agentless] Include APM Trace Id in the X-Request-ID header in all Agentless API requests [Agentless] Include APM Trace Id in the X-Request-ID header in all Agentless API requests Sep 19, 2024
@acorretti acorretti changed the title [Agentless] Include APM Trace Id in the X-Request-ID header in all Agentless API requests Include APM Trace Id in the X-Request-ID header in all Agentless API requests Sep 19, 2024
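
The header and log fields listed in the issue's definition of done can be derived as sketched below. This is an added example, not code from the Kibana repository or the linked PR: `parseTraceparent` and `agentlessRequestMeta` are hypothetical names, the traceparent is assumed to follow the W3C Trace Context four-field form, and the transaction id is assumed to be supplied by the caller from the APM agent.

```javascript
// Added example; function names are hypothetical, not Kibana's own.
// W3C Trace Context traceparent: version-traceid-parentid-flags, lowercase hex.
const TRACEPARENT_RE = /^([0-9a-f]{2})-([0-9a-f]{32})-([0-9a-f]{16})-([0-9a-f]{2})$/;

function parseTraceparent(traceparent) {
  if (typeof traceparent !== 'string') return null;
  const m = TRACEPARENT_RE.exec(traceparent);
  if (!m) return null;
  const [, version, traceId, parentId, flags] = m;
  // The spec forbids version ff and all-zero trace or parent ids.
  if (version === 'ff' || /^0+$/.test(traceId) || /^0+$/.test(parentId)) return null;
  return { version, traceId, parentId, flags };
}

// Returns the outbound headers and the log fields for one Agentless API call.
// transactionId is passed in by the caller (assumed to come from the APM agent).
function agentlessRequestMeta(traceparent, transactionId) {
  const parsed = parseTraceparent(traceparent);
  if (!parsed) {
    // No active transaction (e.g. a background job that skipped startTransaction)
    // or a malformed value: send no header rather than an unvalidated string,
    // which also keeps CR/LF out of the header and the log document.
    return { headers: {}, logFields: {} };
  }
  return {
    headers: { 'X-Request-ID': traceparent },
    logFields: {
      'http.request.id': traceparent,
      'trace.id': parsed.traceId,
      'transaction.id': transactionId,
    },
  };
}

// Constructed sample values, not taken from a real deployment.
const sample = '00-0af7651916cd43dd8448eb211c80319c-b7ad6b7169203331-01';
console.log(agentlessRequestMeta(sample, 'b7ad6b7169203331'));
console.log(agentlessRequestMeta('00-abc\r\nX-Injected: 1', undefined));
```

An empty result for a background job is a signal that the call ran outside an APM transaction, which is the case the issue addresses by requiring startTransaction first.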