Instrument a Node.js application

Instrument a Node.js application for Secure Application.

Follow these steps to instrument a Node.js application for Secure Application. Modify the Splunk Distribution of OpenTelemetry JS configuration for Secure Application.

Complete Step 2: Deploy a supported OpenTelemetry Collector.

Instrument your application with Splunk OpenTelemetry JS version 4.x.
Activate Secure Application instrumentation for the Node.js agent.
Set the SPLUNK_SECUREAPP_AGENT_ENABLED environment variable to true.
CODE
export SPLUNK_SECUREAPP_AGENT_ENABLED=true
```
export SPLUNK_SECUREAPP_AGENT_ENABLED=true
```

Configure the OTLP logs endpoint.

By default, the Node.js agent sends Secure Application logs to http://localhost:4318/v1/logs but you can change this by setting one of these environment variables:


Environment variable	Description	Example
`OTEL_EXPORTER_OTLP_ENDPOINT`	Base OTLP endpoint. The Node.js agent appends `/v1/logs` when it sends Secure Application logs.	`http://localhost:4318`
`OTEL_EXPORTER_OTLP_LOGS_ENDPOINT`	Full OTLP logs endpoint. The Node.js agent doesn't append `/v1/logs`.	`https://localhost:4318/v1/logs`

Set service metadata for your Node.js application.


Environment variable	Description	Example
`OTEL_SERVICE_NAME`	Service name for the instrumented Node.js application.	`checkout-service`
`OTEL_RESOURCE_ATTRIBUTES`	Resource attributes that describe the instrumented service.	`deployment.environment=test`

Optional: Configure Secure Application runtime reporting.


Environment variable	Description	Default
`SPLUNK_SECUREAPP_DEPENDENCY_SCAN_INTERVAL`	Time, in milliseconds, between dependency scans.	`86400000` (24 hours)
`SPLUNK_SECUREAPP_RUNTIME_PACKAGES_ONLY`	When set to `true`, reports only packages loaded at runtime.	`true`
`SPLUNK_SECUREAPP_NO_SELF_REPORT`	When set to `true`, excludes dependencies of the Node.js agent from the report.	`false`

Run your Node.js application:
SHELL
node -r @splunk/otel/instrument <your-application>.js
```
node -r @splunk/otel/instrument <your-application>.js
```

Your Node.js application launches with Secure Application instrumentation activated. The Node.js agent does the following:

Sends vulnerability and library data to the Splunk Observability Cloud back end.
Collects potential attack events at runtime.
Reports data once at application startup and then every 24 hours thereafter.

Splunk Enterprise

Splunk Cloud Platform

Splunkbase

Enterprise Security

SOAR

IT Service Intelligence

Content Packs

Splunk Observability Cloud

AppDynamics SaaS

AppDynamics On-Premises

Virtual Appliance (Self-Hosted)

Developer Documentation

Splunkbase

Splunk Enterprise

Splunk Cloud Platform

Splunkbase

DATA MANAGEMENT

SEARCH AND ANALYTICS

ADMINISTRATION

Enterprise Security

SOAR

ENTERPRISE SECURITY

SOAR

RELATED APPS

IT Service Intelligence

Content Packs

ITSI

IT Ops

ADMINISTRATION

EXTENSIONS

Splunk Observability Cloud

MONITORING

DATA MANAGEMENT

ADMINISTRATION

AppDynamics SaaS

AppDynamics On-Premises

Virtual Appliance (Self-Hosted)

ESSENTIALS

MONITORING

ADMINISTRATION

Developer Documentation

Splunkbase

PLATFORM

OBSERVABILITY

REFERENCE

Resources

REFERENCE

Learn More

Support

Instrument a Node.js application