Cette page n'est pas encore disponible en français, sa traduction est en cours.
Si vous avez des questions ou des retours sur notre projet de traduction actuel, n'hésitez pas à nous contacter.

ASM capabilities

The following ASM capabilities are supported in the Node.js library, for the specified tracer version:

ASM capabilityMinimum NodeJS tracer version
Threat Detection3.13.1
Threat Protection3.19.0
Vulnerability Management for Open Source Software (OSS)2.23.0 for NodeJS 12+, or 3.10.0 for NodeJS 14+
Vulnerability Management for Code-level (beta)2.32.0 for NodeJS 12+, or 3.19.0 for NodeJS 14+
Automatic user activity event tracking2.38.0 for NodeJS 12+, or 3.25.0 for NodeJS 14+, or 4.4.0 for NodeJS 16+

The minimum tracer version to get all supported ASM capabilities for Node.js is 3.19.0.

Note:

  • Threat Protection requires enabling Remote Configuration, which is included in the listed minimum tracer version.

Supported deployment types

TypeThreat Detection supportVulnerability Management for OSS support
Docker
Kubernetes
AWS ECS
AWS Fargate
AWS Lambdabeta

Language and framework compatibility

Node.js Version Support

When the Node.js project drops support for an LTS major release line (when it goes End of Life), support for it is dropped in the next major version of dd-trace. The last major supporting release line of dd-trace library supports that EOL version of Node.js for at least another year on a maintenance mode basis.

Some issues cannot be solved in dd-trace and instead must be solved in Node.js. When this happens and the Node.js release in question is EOL, it’s not possible to solve the issue without moving to another non-EOL release. Datadog does not make new releases of dd-trace to provide specific support for non-LTS Node.js major release lines (odd numbered versions).

For the best level of support, always run the latest LTS release of Node.js, and the latest major version of dd-trace. Whatever release line of Node.js you use, also use the latest version of Node.js on that release line, to ensure you have the latest security fixes.

For more information about Node.js release, see the official Node.js documentation.

Operating system support

The following operating systems are officially supported by dd-trace. Any operating system not listed is still likely to work, but with some features missing, for example ASM, profiling, and runtime metrics. Generally speaking, operating systems that are actively maintained at the time of initial release for a major version are supported.

dd-trace VersionOperating SystemArchitecturesMinimum Versions
3.xLinux (glibc)arm64, x64CentOS 7, Debian 9, RHEL 7, Ubuntu 14.04
Linux (musl)arm64, x64Alpine 3.13
macOSarm64, x64Catalina (10.15)
Windowsx64Windows 8.1, Windows Server 2012
2.xLinux (glibc)arm64, x64CentOS 7, Debian 9, RHEL 7, Ubuntu 14.04
Linux (musl)arm64, x64Alpine 3.10
macOSarm64, x64Yosemite (10.10)
Windowsx64Windows 8.1, Windows Server 2012

Web framework compatibility

  • Attacker source HTTP request details
  • Tags for the HTTP request (status code, method, etc)
  • Distributed Tracing to see attack flows through your applications
ASM Capability Notes
  • Vulnerability Management for OSS is supported on all frameworks
  • If your framework is not listed below, Vulnerability Management for Code will still detect Weak Cipher, Weak Hashing, Insecure Cookie, Cookie without HttpOnly Flag, and Cookie without SameSite Flag vulnerabilities.
FrameworkVersionsThreat Detection supported?Threat Protection supported?Vulnerability Management for Code-level supported?
express>=4
If you would like to see support added for any of the unsupported capabilities or for your Node.js framework, let us know! Fill out this short form to send details.

Networking framework compatibility

Networking tracing provides:

  • Distributed tracing through your applications
  • Request-based blocking
ASM Capability Notes
  • Vulnerability Management for OSS is supported on all frameworks
FrameworkThreat Detection supported?Threat Protection supported?Vulnerability Management for Code-level supported?
http
https
If you don't see your framework of choice listed, let us know! Fill out this short form to send details.

Data store compatibility

Datastore tracing provides:

  • Timing request to response
  • Query info (for example, a sanitized query string)
  • Error and stacktrace capturing
ASM Capability Notes
  • Vulnerability Management for OSS is supported on all frameworks
  • Threat Protection also works at the HTTP request (input) layer, and so works for all databases by default, even those not listed in the table below.
FrameworkVersionsThreat Detection supported?Threat Protection supported?Vulnerability Management for Code-level supported?
cassandra-driver>=3
couchbase^2.4.2
elasticsearch>=10
ioredis>=2
knex>=0.8
mariadb>=3
memcached>=2.2
mongodb-core>=2
mysql>=2
mysql2>=1
oracledb>=5
pg>=4
redis>=0.12
sharedb>=1
tedious>=1
sequelize>=4

User Authentication Frameworks compatibility

Integrations to User Authentication Frameworks provide:

  • User login events, including the user IDs
  • The Account Takeover detection monitoring the user login events
FrameworkMinimum Framework Version
passport-local1.0.0
passport-http0.3.0