Cisco Secure Application for OpenTelemetry

Cisco Secure Application is available for OpenTelemetry Java. If you have an application monitored by the OpenTelemetry Java Agent, you can deploy the Cisco Secure Application extension for OpenTelemetry Java to monitor the application security. See Cisco Secure Application Requirements.

Before You Begin

To use Cisco Secure Application, ensure:

You have met the preceding Cisco Secure Application Requirements.
You have enough Cisco Secure Application licenses to cover the supported Cisco Secure Application extension usage within the applications you plan on securing. To get a Cisco Secure Application license, contact the AppDynamics sales representative, or email salesops@appdynamics.com.
You have the Controller version >= 23.11.0. These versions reflect recommended minimum versions. We continually update our technology, so it's optimal to use the most recent agent version when possible.
For OpenTelemetry Java, you have the OpenTelemetry Java version >= 1.28.0. See OpenTelemetry Java releases.
You have Cisco Secure Application Extension version >= 23.11.0.
You have configured the traces to be sent to AppDynamics for OpenTelemetry. See AppDynamics for OpenTelemetry™. This is required to in order to have Cisco Secure Application registered and active.
- The service.namespace resource attribute is required and maps to Application name in the Controller. See Configure Resource Attributes.
- The service.name resource attribute is required and maps to the tier name. See Configure Resource Attributes.
- Traces can be sampled if the only requirement allows registration of the Cisco Secure Application extension. See OpenTelemetry Tail Sampling Processor.

Configure the OpenTelemetry Java

You must configure the OpenTelemetry Java Agent in order to launch the Cisco Secure Application extension. To add the extension to the OpenTelemetry Java Agent:

Download the Cisco Secure Application extension zip from AppDynamics Downloads Portal under AppDynamics OpenTelemetry Extensions. If your application is deployed in a container environment, then you can download the Cisco Secure Application extension docker image from Docker Hub into a shared volume utilizing an init container.
Extract the Cisco Secure Application extension zip file and copy it to the host that is running the application to the OpenTelemetry Java Agent.
Set the otel.javaagent.extensions system property or the OTEL_JAVAAGENT_EXTENSIONS environment variable to the full path of the extension JAR or folder. See OpenTelemetry Extensions Config.
```
-Dotel.javaagent.extensions=/opt/appdynamics/otel-java-extensions
```
JAVA

The following resource attributes are determined through otel.resource.attributes system property or OTEL_RESOURCE_ATTRIBUTES environment variable in the OpenTelemetry Java Agent:

service.name = tier name
service.namespace = application name
Cisco Secure Application automatically sets the node.name using one of these three attributes: service.node, service.instance.id, or Container ID.

Configure the Cisco Secure Application Extension

You must configure the Controller access for the Cisco Secure Application extension. To do that, use one of the following options:

Use these system properties:

-Dappdynamics.controller.hostName=name.saas.appd-test.com  
-Dappdynamics.controller.port=443
-Dappdynamics.controller.ssl.enabled=true
-Dappdynamics.agent.accountName=name
-Dappdynamics.agent.accountAccessKey=key

JAVA

Use these environment variables:

Environment Variable	Equivalent property
`APPDYNAMICS_CONTROLLER_HOST_NAME`	`<controller-host>`
`APPDYNAMICS_CONTROLLER_PORT`	`<controller-port>`
`APPDYNAMICS_CONTROLLER_SSL_ENABLED`	`<controller-ssl-enabled>`
`APPDYNAMICS_AGENT_ACCOUNT_NAME`	`<account-name>`
`APPDYNAMICS_AGENT_ACCOUNT_ACCESS_KEY`	`<account-access-key>`

Troubleshooting

For common troubleshooting actions that you can take to solve Cisco Secure Application issues, see Troubleshooting Cisco Secure Application Issues.