Secure Application for OpenTelemetry

Secure Application is available for OpenTelemetry Java. If you have an application monitored by the OpenTelemetry Java Agent, you can deploy the Secure Application extension for OpenTelemetry Java to monitor application security.

Before You Begin

To use Secure Application, ensure:

You have met the Secure Application Requirements.
You have enough Secure Application licenses to cover the supported Secure Application extension usage within the applications you plan on securing. To get a Secure Application license, contact the Splunk AppDynamics sales representative, or email salesops@appdynamics.com.
You have the Controller version >= 23.11.0. These versions reflect recommended minimum versions. We continually update our technology, so it's optimal to use the most recent agent version when possible.
For OpenTelemetry Java, you have the OpenTelemetry Java version >= 1.28.0. See OpenTelemetry Java releases.
You have Secure Application Extension version >= 23.11.0.
You have configured the traces to be sent to Splunk AppDynamics for OpenTelemetry. See Splunk AppDynamics for OpenTelemetry™. This is required to in order to have Secure Application registered and active.
- The service.namespace resource attribute is required and maps to Application name in the Controller. See Configure Resource Attributes.
- The service.name resource attribute is required and maps to the tier name.
- Traces can be sampled if the only requirement allows registration of the Secure Application extension. See OpenTelemetry Tail Sampling Processor.

Configure the OpenTelemetry Java

You must configure the OpenTelemetry Java Agent in order to launch the Secure Application extension. To add the extension to the OpenTelemetry Java Agent:

Download the Secure Application extension zip from Splunk AppDynamics Downloads Portal under Splunk AppDynamicsOpenTelemetry Extensions. If your application is deployed in a container environment, then you can download the Secure Application extension docker image from Docker Hub into a shared volume utilizing an init container.
Extract the Secure Application extension zip file and copy it to the host that is running the application to the OpenTelemetry Java Agent.
Set the otel.javaagent.extensions OTEL_JAVAAGENT_EXTENSIONS OpenTelemetry Extensions Config.
```
-Dotel.javaagent.extensions=/opt/appdynamics/otel-java-extensions
```

The following resource attributes are determined through otel.resource.attributes system property or OTEL_RESOURCE_ATTRIBUTES environment variable in the OpenTelemetry Java Agent:

service.name = tier name
service.namespace = application name
Secure Application automatically sets the node.name using one of these three attributes: service.node , service.instance.id , or Container ID .

Configure the Secure Application Extension

You must configure the Controller access for the Secure Application extension. To do that, use one of the following options:

Use these system properties:

-Dappdynamics.controller.hostName=name.saas.appd-test.com
-Dappdynamics.controller.port=443
-Dappdynamics.controller.ssl.enabled=true
-Dappdynamics.agent.accountName=name
-Dappdynamics.agent.accountAccessKey=key

Use these environment variables:


Environment Variable	Equivalent property
APPDYNAMICS_CONTROLLER_HOST_NAME	`<controller-host>`
APPDYNAMICS_CONTROLLER_PORT	`<controller-port>`
APPDYNAMICS_CONTROLLER_SSL_ENABLED	`<controller-ssl-enabled>`
APPDYNAMICS_AGENT_ACCOUNT_NAME	`<account-name>`
APPDYNAMICS_AGENT_ACCOUNT_ACCESS_KEY	`<account-access-key>`

Troubleshooting

For common troubleshooting actions that you can take to solve Secure Application issues, see Troubleshooting Secure Application Issues.