AppD Archive
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

How to remove cookie ADRUM_BT?

CommunityUser
Splunk Employee
Splunk Employee
‎12-02-2015 05:38 AM

Hi!

AppDynamics adds a cookie to the responses of our ASP.NET services, which I'd like to remove.

The cookie is called: ADRUM_BT

The cookie is set via the Set-Cookie HTTP header by AppDynamics.

This is related to EUM (End User Monitoring) as far as I understand:

https://docs.appdynamics.com/display/PRO14S/Set+Up+and+Configure+Web+EUM

But this setting is causing issues in our caching setup, because this HTTP header added by AppDynamics disables caching for our caching proxy servers.

This is a JSON and XML service where we don't need such kind of tracking currently with this cookie.

How is it possible to disable that this cookie is added by AppDynamics for this Servers or Business transactions?

Thanks,

Tamas

Tags (2)
0 Karma
Reply

CommunityUser
Splunk Employee
Splunk Employee
‎01-27-2016 10:27 AM

We noticed the same issue in our Java and PHP tiers. The documentation is very unclear that a 'magic' side-effect will happen that changes server-side responses to include different headers and cookies.

I opened a support ticket on the matter, and I'll include some of my notes here for public clarity, but first, this is what my support rep mentioned:

---

Browser RUM uses two different kinds of short-lived cookies to help it collect data and correlate events:

  • The ADRUM cookie: written by the JavaScript agent, this cookie contains the referral page URL and some timing information to assist gathering First Byte Time for some browser types. When the agent loads on the subsequent page, it reads the information and then deletes the cookie. If there is no agent on that page, the cookie is deleted when the browser is closed.
    For privacy purposes, the URL of the referral page is hashed.

  • The ADRUM_X_Y_Z cookies: written by the server-side agent when the page is served from an instrumented server. These cookies help correlate browser data with related server-side performance data.

If Browser RUM detects that the page is HTTPS, the cookies are HttpsOnly. None of the cookies contain any personally identifiable information (PII).

You have an option to stop these cookies on node level. You can disable this setting the following agent property:

enable-eum-cookie
type: Boolean
value: false

As described at: https://docs.appdynamics.com/display/PRO41/App+Agent+Node+Properties

However if we set this to false, the Browser requests cannot be correlated to the Back End server calls.

If the app agent is 4.1 or above you can also use the following property:
always-add-eum-metadata-in-http-headers
and set it to true

It will also write the meta data into the headers for the JS agent to consume.

---

Note: I don't actually see these properties in the documentation

The second point is that, at least for us, adding extra data in cookies isn't really safe. We cache our responses in a CDN, which means there isn't even always going to be a sever-side response to monitor, unless the EUM implementation also uses headers to disable downstream caching. Alternatively (still looking into this), it could mean our CDN is caching these cookies, which would render this data inaccurate anyway.

Lastly, just for this thread, the response given to your initial request does not address your concern. Unless I've misread, you asked about disabling the automatic addition of cookies into the http response, while the reply is about disabling automatic injection of a javascript tag in the body of the response.

Reply

Edward_Ferron
Explorer
‎12-18-2015 05:44 PM

In the controller

Navigate to your application

Click Configuration

Click End Use Monitoring 

Scroll to the bottom and Expand the section Only Enable Autoinjection for certain pages section

You can exlude certain pages here

image.png

0 Karma
Reply
Get Updates on the Splunk Community!

Upcoming Webinar: Unmasking Insider Threats with Slunk Enterprise Security’s UEBA

Join us on Wed, Dec 10. at 10AM PST / 1PM EST for a live webinar and demo with Splunk experts! Discover how ...

.conf25 technical session recap of Observability for Gen AI: Monitoring LLM ...

If you’re unfamiliar, .conf is Splunk’s premier event where the Splunk community, customers, partners, and ...

A Season of Skills: New Splunk Courses to Light Up Your Learning Journey

There’s something special about this time of year—maybe it’s the glow of the holidays, maybe it’s the ...