Distributed tracing

Distributed tracing provides visibility into the full path a request takes in a distributed system, helping to instrument, collect, and export telemetry data. PingFederate supports the OpenTelemetry framework (OTEL) for collecting distributed tracing data. Distributed traces are sent using OpenTelemetry Protocol (OTLP) from PingFederate to a backend service like Jaeger for collection, storage, and visualization.

Distributed tracing is an evolving feature in PingFederate. It’s subject to change without notice, even in a minor or maintenance release.

Supported request types

PingFederate supports distributed tracing for the following request types:

Incoming HTTP requests
Outgoing HTTP requests
Outgoing Java database connectivity (JDBC) requests
Outgoing Lightweight Directory Access Protocol (LDAP) requests to PingDirectory 11.0 and PingDS 8.1 or later

Configuring distributed tracing

About this task

You can configure distributed tracing by editing the run.properties and opentelemetry.properties files. You can also define the properties as environment variables. Learn more in Overriding configuration settings using environment variables.

To convert an OpenTelemetry property to an environment variable:

Convert the name to uppercase.
Replace all . and - characters with _.

For example, the otel.sdk.disabled property is equivalent to the OTEL_SDK_DISABLED environment variable.

If a property is defined as both a system property and environment variable, the system property takes priority.

Steps

Enable distributed tracing:
1. Open the <pf_install>/pingfederate/bin/run.properties file in a text editor.
2. Set pf.enable.distributed.tracing to true.
3. Repeat these steps for each node in the cluster.
4. Start or restart PingFederate.

To configure OpenTelemetry properties, open the <pf_install>/pingfederate/bin/opentelemetry.properties file in a text editor. You can also set the properties using environment variables.

You can find the full list of configurable OpenTelemetry properties in the OpenTelemetry SDK documentation.

The following table lists the default properties in opentelemetry.properties:

Property Description

Property	Description
`otel.service.name`	The customizable name of your application/service. The default is `PingFederate`.
`otel.exporter.otlp.endpoint`	The endpoint for your OpenTelemetry Collector or backend. The default value is `http://localhost:4318`.
`otel.exporter.otlp.protocol`	Specifies the OTLP transport protocol to be used for all telemetry data. The default value is `http/protobuf` to use OTLP/HTTP + protobuf. Other valid values are: `grpc` to use OTLP/gRPC `http/json` to use OTLP/HTTP + JSON
`otel.resource.attributes`	Optionally define static environment metadata for all telemetry data in the format of `key1=val,key2=val`.

otel.service.name

The customizable name of your application/service.

The default is PingFederate.

otel.exporter.otlp.endpoint

The endpoint for your OpenTelemetry Collector or backend.

The default value is http://localhost:4318.

otel.exporter.otlp.protocol

Specifies the OTLP transport protocol to be used for all telemetry data.

The default value is http/protobuf to use OTLP/HTTP + protobuf.

Other valid values are:

grpc to use OTLP/gRPC
http/json to use OTLP/HTTP + JSON

otel.resource.attributes

Optionally define static environment metadata for all telemetry data in the format of key1=val,key2=val.

Start or restart PingFederate.