- 필수 기능
- 앱 내
- 서비스 관리
- 인프라스트럭처
- 애플리케이션 성능
- 디지털 경험
- 소프트웨어 제공
- 보안
- 로그 관리
- 관리
- 인프라스트럭처
- ci
- containers
- csm
- ndm
- otel_guides
- overview
- slos
- synthetics
- tests
- 워크플로
You can use Datadog Software Composition Analysis (SCA) to monitor the open source libraries in your apps.
SCA is configured by setting the -Ddd.appsec.sca.enabled
flag or the DD_APPSEC_SCA_ENABLED
environment variable to true
in supported languages:
This topic explains how to set up SCA using a Java example.
Update your Datadog Java library to at least version 0.94.0 (at least version 1.1.4 for Software Composition Analysis detection features):
wget -O dd-java-agent.jar 'https://dtdg.co/latest-java-tracer'
curl -Lo dd-java-agent.jar 'https://dtdg.co/latest-java-tracer'
ADD 'https://dtdg.co/latest-java-tracer' dd-java-agent.jar
Run your Java application with SCA enabled. From the command line:
java -javaagent:/path/to/dd-java-agent.jar -Ddd.appsec.sca.enabled=true -Ddd.service=<MY SERVICE> -Ddd.env=<MY_ENV> -jar path/to/app.jar
Or one of the following methods, depending on where your application runs:
Note: Read-only file systems are not supported at this time. The application must have access to a writable /tmp
directory.
Update your configuration container for APM by adding the following argument in your docker run
command:
docker run [...] -e DD_APPSEC_SCA_ENABLED=true [...]
Add the following environment variable value to your container Dockerfile:
ENV DD_APPSEC_SCA_ENABLED=true
Update your deployment configuration file for APM and add the SCA environment variable:
spec:
template:
spec:
containers:
- name: <CONTAINER_NAME>
image: <CONTAINER_IMAGE>/<TAG>
env:
- name: DD_APPSEC_SCA_ENABLED
value: "true"
Update your ECS task definition JSON file, by adding this in the environment section:
"environment": [
...,
{
"name": "DD_APPSEC_SCA_ENABLED",
"value": "true"
}
]
Set the -Ddd.appsec.sca.enabled
flag or the DD_APPSEC_SCA_ENABLED
environment variable to true
in your service invocation:
java -javaagent:dd-java-agent.jar \
-Ddd.appsec.sca.enabled=true \
-jar <YOUR_SERVICE>.jar \
<YOUR_SERVICE_FLAGS>