Provide hooks to modify span content before conversion into ReadableSpan #4424

Open
BryanFauble opened this issue Feb 12, 2025 · 0 comments

Is your feature request related to a problem?

I want to control the redaction and modification of sensitive information in spans, including attributes and exceptions, from a central location.

In our specific case and as described in this pull request, we are running into problems where an exception that is raised as a result of hitting a sensitive URL is logged in the trace. In an effort to reduce potential vectors of attack, I do not want to persist this information at all to any telemetry backend. Instead, I want to make sure this data is dropped out of any log/trace before it leaves the machine that produced the message (in this case it's AWS ECS, or a developer's local machine).

Describe the solution you'd like

I would like to execute one or more hooks before a ReadableSpan is created in this code. The purpose of these hooks would be to allow user-defined code to modify the Span in any way before it's converted into a read-only span. This is the hack I suggested to my developer in this comment.

Alternatively, I question what benefit a read-only span gives in the Python SDK. I can see there being some concerns around race conditions when working with the ConcurrentMultiSpanProcessor, but SynchronousMultiSpanProcessor (what I am using) doesn't have that same problem. If the span could be modified within the SpanProcessors that we implement, then there would be no need for this hook mechanism; we would be able to do this data modification in the on_end function call.

Describe alternatives you've considered

I am aware that the OTEL collector may be used to handle the transformation of data in the content flowing through it as described in this document. However, this is not a solution that I wanted to start with because we may have developers running the application code locally and exporting telemetry data directly to our telemetry backend. In this scenario there is no OTEL collector in the path of that data that we may use to transform the data and redact any sensitive information.

Additional Context

No response

Would you like to implement a fix?

None
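
Added example (not from the issue or the OpenTelemetry project): the kind of central redaction routine such a hook could call, run on a constructed dict that stands in for a span's attributes and its exception event. The host name, placeholder string and `scrub_*` names are assumptions, and wiring it into the SDK is not shown.

```python
import re
from urllib.parse import urlsplit, urlunsplit

# Assumption: hosts whose URLs must never reach a telemetry backend (constructed).
SENSITIVE_HOSTS = {"secrets.internal.example"}
PLACEHOLDER = "[REDACTED_URL]"
URL_RE = re.compile(r"https?://[^\s'\"<>)\]]+")

def scrub_url(url):
    """Drop userinfo, query and fragment; hide the whole URL for sensitive hosts."""
    try:
        parts = urlsplit(url)
        host, port = (parts.hostname or "").rstrip("."), parts.port
    except ValueError:  # malformed URL or port: fail closed
        return PLACEHOLDER
    if not host or host in SENSITIVE_HOSTS:
        return PLACEHOLDER
    netloc = host if port is None else f"{host}:{port}"
    return urlunsplit((parts.scheme, netloc, parts.path, "", ""))

def scrub_text(text):
    """Redact every URL embedded in free text such as an exception message."""
    return URL_RE.sub(lambda m: scrub_url(m.group(0)), text)

def scrub_attributes(attrs):
    """Return a redacted copy of an attribute mapping (str and sequence values)."""
    out = {}
    for key, value in attrs.items():
        if isinstance(value, str):
            value = scrub_text(value)
        elif isinstance(value, (list, tuple)):
            value = type(value)(scrub_text(v) if isinstance(v, str) else v for v in value)
        out[key] = value
    return out

def scrub_span(span):
    """Redact span-level attributes and the attributes of every event."""
    events = [{**e, "attributes": scrub_attributes(e["attributes"])} for e in span["events"]]
    return {**span, "attributes": scrub_attributes(span["attributes"]), "events": events}

# Constructed sample: a failed request recorded as an exception event.
SAMPLE_SPAN = {
    "name": "fetch-token",
    "attributes": {"http.url": "https://user:pw@api.example.com/items?id=7#x"},
    "events": [{"name": "exception", "attributes": {
        "exception.type": "HTTPError",
        "exception.message": "403 for url: https://secrets.internal.example/v1/token?key=abc123",
    }}],
}
```

The routine returns copies and leaves its input untouched, so it can run at any point before export.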
