From 52b0aa7870b6c1fc2ac016c72d5f163609217e46 Mon Sep 17 00:00:00 2001 From: Gorka Vicente Date: Tue, 19 Aug 2025 12:08:51 +0200 Subject: [PATCH] Update How to Confirm that Runtime Capabilities are enabled --- .../code_security/troubleshooting/_index.md | 17 ++++++++++++++--- 1 file changed, 14 insertions(+), 3 deletions(-) diff --git a/content/en/security/code_security/troubleshooting/_index.md b/content/en/security/code_security/troubleshooting/_index.md index 658b851af7601..940ac8c10d257 100644 --- a/content/en/security/code_security/troubleshooting/_index.md +++ b/content/en/security/code_security/troubleshooting/_index.md @@ -184,13 +184,13 @@ There are a series of steps that must run successfully for vulnerability informa ### Confirming runtime detection is enabled -If you have enabled runtime vulnerability detection on your services, you can use the metric `datadog.apm.appsec_host` to check if SCA is running. +If you have enabled Runtime Software Composition Analysis (SCA) on your services, you can use the metric `datadog.appsec.risk_management.sca.host_instance` to check if it is running. 1. Go to **Metrics > Summary** in Datadog. -2. Search for the metric `datadog.apm.appsec_host`. If the metric doesn't exist, then there are no services running AAP. If the metric exists, the services are reported with the metric tags `host` and `service`. +2. Search for the metric `datadog.appsec.risk_management.sca.host_instance`. If the metric doesn't exist, then there are no services running Runtime Software Composition Analysis (SCA). If the metric exists, the services are reported with the metric tags `host` and `service`. 3. Select the metric, and in the **Tags** section, search for `service` to see which services are running AAP. -If you are not seeing `datadog.apm.appsec_host`, check the [in-app instructions][3] to confirm that all steps for the initial setup are complete. +If you are not seeing `datadog.appsec.risk_management.sca.host_instance`, check the [in-app instructions][3] to confirm that all steps for the initial setup are complete. Runtime application security data is sent with APM traces. See [APM troubleshooting][4] to [confirm APM setup][5] and check for [connection errors][6]. @@ -207,6 +207,16 @@ Ensure the `DD_INSTRUMENTATION_TELEMETRY_ENABLED` environment variable (`DD_TRAC ### Confirm IAST is enabled Ensure the `DD_IAST_ENABLED` environment variable is set to `true` or the corresponding system property for your language is enabled. +If you have enabled Runtime Code Analysis (IAST) on your services, you can use the metric `datadog.appsec.risk_management.iast.host_instance` to check if it is running. + +1. Go to **Metrics > Summary** in Datadog. +2. Search for the metric `datadog.appsec.risk_management.iast.host_instance`. If the metric doesn't exist, then there are no services running Runtime Code Analysis (IAST). If the metric exists, the services are reported with the metric tags `host` and `service`. +3. Select the metric, and in the **Tags** section, search for `service` to see which services are running AAP. + +If you are not seeing `datadog.appsec.risk_management.iast.host_instance`, check the [in-app instructions][20] to confirm that all steps for the initial setup are complete. + +Runtime application security data is sent with APM traces. See [APM troubleshooting][4] to [confirm APM setup][5] and check for [connection errors][6]. + ### Issues with Python and Flask instrumentation If you're running a Flask application, ensure that you are calling the `ddtrace_iast_flask_patch()` function at the top level of the module and before calling `app.run()`. For more information, see the [Flask integration documentation][17]. @@ -259,3 +269,4 @@ To disable IAST, remove the `DD_IAST_ENABLED=true` environment variable from you [17]: https://app.datadoghq.com/security/configuration/code-security/setup [18]: https://docs.github.com/en/repositories/working-with-files/managing-large-files/about-git-large-file-storage [19]: https://docs.datadoghq.com/security/code_security/software_composition_analysis/setup_static/?tab=datadog#running-options +[20]: /security/configuration/code-security/setup?steps=iast