APM Agent language and version:
agent.name js-base
agent.version 4.0.2
Elasticstack hosted on Elastic Cloud.
We are trying to add a custom field which is available in both the transaction and all subsequent spans without having to specify the spans. Would you have a way to accomodate that?
Thanks for reaching out.
At the moment, this is not possible. We try to mindful of the extra information we put on spans since they can increase the payload and storage costs.
Would you please explain a little bit more about your use-case?
Hi @Hamidreza , ty for your reply. As per your question; we are trying to maintain multitenancy on doc level. This implies roles which have access to specific documents limited by following statement in the Granted documents query field in the Role definition:
{"term":{"team":"team_A"}}
This worked fine on any docs we ingested from Beats but now APM comes into play which doesn't give us the document level control we require. Makes sense? Any recommendations?
If you run an APM Server per tenant/customer, you can set each one up to write to a specific pipeline that would add the fields you need to do index level security. You could also add a processor in APM Server to get the field added, but it's not currently documented.
hi @roncohen, thanks. Yes, it would be an option for a later stage where we need to scale up. For now we need to stick to a single instance.
We found a way to get the desired in place. We abuse the service field using a delimited value team#service and strip and write the team value to a dedicated field through logstash.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.