OpenTelemetry Flask Instrumentation
This library builds on the OpenTelemetry WSGI middleware to track web requests in Flask applications. In addition to opentelemetry-util-http, it supports Flask-specific features such as:
The Flask url rule pattern is used as the Span name.
The
http.route
Span attribute is set so that one can see which URL rule matched a request.
SQLCOMMENTER
You can optionally configure Flask instrumentation to enable sqlcommenter which enriches the query with contextual information.
Usage
from opentelemetry.instrumentation.flask import FlaskInstrumentor
FlaskInstrumentor().instrument(enable_commenter=True, commenter_options={})
For example, FlaskInstrumentor when used with SQLAlchemyInstrumentor or Psycopg2Instrumentor,
invoking cursor.execute("select * from auth_users")
will lead to sql query
select * from auth_users
but when SQLCommenter is enabled the query will get appended with
some configurable tags like:
select * from auth_users /*metrics=value*/;"
Inorder for the commenter to append flask related tags to sql queries, the commenter needs to enabled on the respective SQLAlchemyInstrumentor or Psycopg2Instrumentor framework too.
SQLCommenter Configurations
We can configure the tags to be appended to the sqlquery log by adding configuration
inside commenter_options={}
dict.
For example, enabling this flag will add flask and it’s version which
is /*flask%%3A2.9.3*/
to the SQL query as a comment (default is True):
framework = True
For example, enabling this flag will add route uri /*route='/home'*/
to the SQL query as a comment (default is True):
route = True
For example, enabling this flag will add controller name /*controller='home_view'*/
to the SQL query as a comment (default is True):
controller = True
Usage
from flask import Flask
from opentelemetry.instrumentation.flask import FlaskInstrumentor
app = Flask(__name__)
FlaskInstrumentor().instrument_app(app)
@app.route("/")
def hello():
return "Hello!"
if __name__ == "__main__":
app.run(debug=True)
Configuration
Exclude lists
To exclude certain URLs from tracking, set the environment variable OTEL_PYTHON_FLASK_EXCLUDED_URLS
(or OTEL_PYTHON_EXCLUDED_URLS
to cover all instrumentations) to a string of comma delimited regexes that match the
URLs.
For example,
export OTEL_PYTHON_FLASK_EXCLUDED_URLS="client/.*/info,healthcheck"
will exclude requests such as https://site/client/123/info
and https://site/xyz/healthcheck
.
You can also pass comma delimited regexes directly to the instrument_app
method:
FlaskInstrumentor().instrument_app(app, excluded_urls="client/.*/info,healthcheck")
Request/Response hooks
This instrumentation supports request and response hooks. These are functions that get called right after a span is created for a request and right before the span is finished for the response.
The client request hook is called with the internal span and an instance of WSGIEnvironment (flask.request.environ) when the method
receive
is called.The client response hook is called with the internal span, the status of the response and a list of key-value (tuples) representing the response headers returned from the response when the method
send
is called.
For example,
def request_hook(span: Span, environ: WSGIEnvironment):
if span and span.is_recording():
span.set_attribute("custom_user_attribute_from_request_hook", "some-value")
def response_hook(span: Span, status: str, response_headers: List):
if span and span.is_recording():
span.set_attribute("custom_user_attribute_from_response_hook", "some-value")
FlaskInstrumentor().instrument(request_hook=request_hook, response_hook=response_hook)
Flask Request object reference: https://flask.palletsprojects.com/en/2.1.x/api/#flask.Request
Capture HTTP request and response headers
You can configure the agent to capture specified HTTP headers as span attributes, according to the semantic convention.
Request headers
To capture HTTP request headers as span attributes, set the environment variable
OTEL_INSTRUMENTATION_HTTP_CAPTURE_HEADERS_SERVER_REQUEST
to a comma delimited list of HTTP header names.
For example,
export OTEL_INSTRUMENTATION_HTTP_CAPTURE_HEADERS_SERVER_REQUEST="content-type,custom_request_header"
will extract content-type
and custom_request_header
from the request headers and add them as span attributes.
Request header names in Flask are case-insensitive and -
characters are replaced by _
. So, giving the header
name as CUStom_Header
in the environment variable will capture the header named custom-header
.
Regular expressions may also be used to match multiple headers that correspond to the given pattern. For example:
export OTEL_INSTRUMENTATION_HTTP_CAPTURE_HEADERS_SERVER_REQUEST="Accept.*,X-.*"
Would match all request headers that start with Accept
and X-
.
To capture all request headers, set OTEL_INSTRUMENTATION_HTTP_CAPTURE_HEADERS_SERVER_REQUEST
to ".*"
.
export OTEL_INSTRUMENTATION_HTTP_CAPTURE_HEADERS_SERVER_REQUEST=".*"
The name of the added span attribute will follow the format http.request.header.<header_name>
where <header_name>
is the normalized HTTP header name (lowercase, with -
replaced by _
). The value of the attribute will be a
single item list containing all the header values.
For example:
http.request.header.custom_request_header = ["<value1>,<value2>"]
Response headers
To capture HTTP response headers as span attributes, set the environment variable
OTEL_INSTRUMENTATION_HTTP_CAPTURE_HEADERS_SERVER_RESPONSE
to a comma delimited list of HTTP header names.
For example,
export OTEL_INSTRUMENTATION_HTTP_CAPTURE_HEADERS_SERVER_RESPONSE="content-type,custom_response_header"
will extract content-type
and custom_response_header
from the response headers and add them as span attributes.
Response header names in Flask are case-insensitive. So, giving the header name as CUStom-Header
in the environment
variable will capture the header named custom-header
.
Regular expressions may also be used to match multiple headers that correspond to the given pattern. For example:
export OTEL_INSTRUMENTATION_HTTP_CAPTURE_HEADERS_SERVER_RESPONSE="Content.*,X-.*"
Would match all response headers that start with Content
and X-
.
To capture all response headers, set OTEL_INSTRUMENTATION_HTTP_CAPTURE_HEADERS_SERVER_RESPONSE
to ".*"
.
export OTEL_INSTRUMENTATION_HTTP_CAPTURE_HEADERS_SERVER_RESPONSE=".*"
The name of the added span attribute will follow the format http.response.header.<header_name>
where <header_name>
is the normalized HTTP header name (lowercase, with -
replaced by _
). The value of the attribute will be a
single item list containing all the header values.
For example:
http.response.header.custom_response_header = ["<value1>,<value2>"]
Sanitizing headers
In order to prevent storing sensitive data such as personally identifiable information (PII), session keys, passwords,
etc, set the environment variable OTEL_INSTRUMENTATION_HTTP_CAPTURE_HEADERS_SANITIZE_FIELDS
to a comma delimited list of HTTP header names to be sanitized. Regexes may be used, and all header names will be
matched in a case-insensitive manner.
For example,
export OTEL_INSTRUMENTATION_HTTP_CAPTURE_HEADERS_SANITIZE_FIELDS=".*session.*,set-cookie"
will replace the value of headers such as session-id
and set-cookie
with [REDACTED]
in the span.
Note
The environment variable names used to capture HTTP headers are still experimental, and thus are subject to change.
API
- class opentelemetry.instrumentation.flask.FlaskInstrumentor(*args, **kwargs)[source]
Bases:
BaseInstrumentor
An instrumentor for flask.Flask
See BaseInstrumentor
- instrumentation_dependencies()[source]
Return a list of python packages with versions that the will be instrumented.
The format should be the same as used in requirements.txt or pyproject.toml.
For example, if an instrumentation instruments requests 1.x, this method should look like: :rtype:
Collection
[str
]- def instrumentation_dependencies(self) -> Collection[str]:
return [‘requests ~= 1.0’]
This will ensure that the instrumentation will only be used when the specified library is present in the environment.