Linux setup page

Author: daniel-romano-DD

content/en/security/application_security/setup/dotnet/_index.md

@@ -0,0 +1,52 @@
+---
+title: Enabling AAP for .NET
+code_lang: dotnet
+type: multi-code-lang
+code_lang_weight: 0
+aliases:
+  - /security_platform/application_security/getting_started/dotnet
+  - /security/application_security/getting_started/dotnet
+  - /security/application_security/threats/setup/threat_detection/dotnet
+  - /security/application_security/threats_detection/dotnet
+further_reading:
+- link: "/security/application_security/add-user-info/"
+  tag: "Documentation"
+  text: "Adding user information to traces"
+- link: 'https://github.com/DataDog/dd-trace-dotnet'
+  tag: "Source Code"
+  text: '.NET Datadog library source code'
+- link: "/security/default_rules/?category=cat-application-security"
+  tag: "Documentation"
+  text: "OOTB App and API Protection Rules"
+- link: "/security/application_security/troubleshooting"
+  tag: "Documentation"
+  text: "Troubleshooting App and API Protection"
+---
+{{< partial name="app_and_api_protection/callout.html" >}}
+
+{{< partial name="app_and_api_protection/dotnet/overview.html" >}}
+
+## Environments
+
+### Hosts
+{{< appsec-integrations >}}
+  {{< appsec-integration name="Linux" avatar="linux" link="./linux" >}}
+  <!--{{< appsec-integration name="macOS" avatar="apple" link="./macos" >}}-->
+  <!--{{< appsec-integration name="Windows" avatar="windows" link="./windows" >}}-->
+{{< /appsec-integrations >}}
+<!--
+### Cloud and Container Platforms
+{{< appsec-integrations >}}
+{{< appsec-integration name="Docker" avatar="docker" link="./docker" >}}
+{{< appsec-integration name="Kubernetes" avatar="kubernetes" link="./kubernetes" >}}
+{{< /appsec-integrations >}}
+
+### AWS
+{{< appsec-integrations >}}
+{{< appsec-integration name="AWS Fargate" avatar="amazon-ecs" link="./aws_fargate" >}}
+{{< /appsec-integrations >}}
+-->
+## Additional Resources
+
+- [Troubleshooting Guide](dotnet/troubleshooting)
+- [Compatibility Information](dotnet/compatibility)

content/en/security/application_security/setup/dotnet/compatibility.md

@@ -0,0 +1,84 @@
+---
+title: .NET Compatibility Requirements
+code_lang: dotnet
+type: multi-code-lang
+code_lang_weight: 10
+aliases:
+  - /security/application_security/threats/setup/compatibility/dotnet
+---
+
+## App and API Protection capabilities
+
+The following App and API Protection capabilities are supported in the .NET library, for the specified tracer version:
+
+| App and API Protection capability       | Minimum .NET tracer version |
+| --------------------------------------- | ----------------------------|
+| Threat Detection                        | 2.23.0                      |
+| Threat Protection                       | 2.26.0                      |
+| Customize response to blocked requests  | 2.27.0                      |
+| Automatic user activity event tracking  | 2.32.0                      |
+| API Security                            | 2.42.0                      |
+
+The minimum tracer version to get all supported App and API Protection capabilities for .NET is 2.42.0.
+
+**Note**: Threat Protection requires enabling [Remote Configuration][1], which is included in the listed minimum tracer version.
+
+### Supported deployment types
+
+Threat Detection is supported for the following deployment types:
+
+- Docker
+- Kubernetes
+- Amazon ECS
+- AWS Fargate
+- AWS Lambda
+- Azure App Service
+
+**Note**: Azure App Service is supported for **web applications only**. App and API Protection capabilities are not supported for Azure Functions.
+
+## Language and framework compatibility
+
+### Supported .NET versions
+
+The Datadog .NET Tracing library is open source. View the [GitHub repository][2] for more information.
+
+The .NET Tracer supports instrumentation from 
+ - .NET Framework 4.6.1 and newer versions
+ - .NET Core 3.1 and newer versions
+
+These are supported on the following architectures:
+- Linux (GNU) x86-64, ARM64
+- Alpine Linux (musl) x86-64, ARM64
+- macOS (Darwin) x86-64, ARM64
+- Windows (msvc) x86, x86-64
+
+For a complete list of supported versions abd operating systems, see the [.NET Core tracer documentation][3] and [.NET Framework tracer documentation][4].
+
+You must be running Datadog Agent v7.41.1+ for App and API Protection features.
+
+## Integrations
+
+The .NET tracer includes support for the following frameworks, data stores, and libraries:
+
+### Web framework compatibility
+- ASP.NET MVC
+- ASP.NET Web API 2
+
+### Data stores
+- OracleDB
+- ADO.NET
+- SQL Server
+- MySQL
+- SQLite
+- PostgreSQL
+
+### Other
+- Kafka
+- GraphQL
+
+For a complete list of supported integrations and their versions, see the [.NET Core tracer documentation][3] and [.NET Framework tracer documentation][4].
+
+[1]: /agent/remote_config/#enabling-remote-configuration
+[2]: https://github.com/DataDog/dd-trace-dotnet
+[3]: /tracing/trace_collection/compatibility/dotnet-core
+[4]: /tracing/trace_collection/compatibility/dotnet-framework

content/en/security/application_security/setup/dotnet/linux.md

@@ -0,0 +1,123 @@
+---
+title: Set up App and API Protection for .NET on Linux
+code_lang: linux
+type: multi-code-lang
+code_lang_weight: 30
+further_reading:
+- link: "/security/application_security/how-it-works/"
+  tag: "Documentation"
+  text: "How App and API Protection Works"
+- link: "/security/default_rules/?category=cat-application-security"
+  tag: "Documentation"
+  text: "OOTB App and API Protection Rules"
+- link: "/security/application_security/troubleshooting"
+  tag: "Documentation"
+  text: "Troubleshooting App and API Protection"
+---
+{{% app_and_api_protection_dotnet_setup_options platform="linux" %}}
+
+{{% app_and_api_protection_dotnet_overview %}}
+
+## Prerequisites
+
+- Linux operating system
+- .NET application
+- Root or sudo privileges
+- Systemd (for service management)
+- Your Datadog API key
+- Datadog .NET tracing library (see version requirements [here][1])
+
+## 1. Installing the Datadog Agent
+
+Install the Datadog Agent by following the [setup instructions for Linux hosts][2].
+
+## 2. Enabling App and API Protection monitoring
+
+{{% app_and_api_protection_navigation_menu %}}
+{{% appsec-remote-config-activation %}}
+
+### Manually enabling App and API Protection monitoring
+
+{{< tabs >}}
+{{% tab "AMD 64 Platforms" %}}
+
+Download the latest [.NET Tracer package][3] that supports your operating system and architecture.
+
+**Note on version**: replace <TRACER_VERSION> with the latest three component version of the library (ej: 3.21.0)
+
+```bash
+wget -O datadog-dotnet-apm-<TRACER_VERSION>.tar.gz 'https://github.com/DataDog/dd-trace-dotnet/releases/download/v<TRACER_VERSION>'
+```
+
+Run the following command to install the package and create the .NET tracer log directory `/var/log/datadog/dotnet` with the appropriate permissions:
+
+```bash
+sudo tar -C /opt/datadog -xzf datadog-dotnet-apm-<TRACER_VERSION>.tar.gz && /opt/datadog/createLogPath.sh
+```
+{{% /tab %}}
+{{% tab "ARM 64 Platforms" %}}
+
+Download the latest [.NET Tracer package][1] that supports your operating system and architecture.
+
+**Note on version**: replace <TRACER_VERSION> with the latest three component version of the library (ej: 3.21.0)
+
+```bash
+wget -O datadog-dotnet-apm-<TRACER_VERSION>.arm64.tar.gz 'https://github.com/DataDog/dd-trace-dotnet/releases/download/v<TRACER_VERSION>'
+```
+
+Run the following command to install the package and create the .NET tracer log directory `/var/log/datadog/dotnet` with the appropriate permissions:
+
+```bash
+sudo tar -C /opt/datadog -xzf datadog-dotnet-apm-<TRACER_VERSION>.arm64.tar.gz && /opt/datadog/createLogPath.sh
+```
+
+{{% /tab %}}
+{{< /tabs >}}
+
+{{% collapse-content title="APM Tracing Enabled" level="h4" %}}
+Set the required environment variables and start your .NET application:
+
+```bash
+export CORECLR_ENABLE_PROFILING=1
+export CORECLR_PROFILER={846F5F1C-F9AE-4B07-969E-05C26BC060D8}
+export CORECLR_PROFILER_PATH=/opt/datadog/Datadog.Trace.ClrProfiler.Native.so
+export DD_DOTNET_TRACER_HOME=/opt/datadog
+export DD_SERVICE=<MY_SERVICE>
+export DD_ENV=<MY_ENV>
+export DD_APPSEC_ENABLED=true
+```
+{{% /collapse-content %}}
+
+{{% collapse-content title="APM Tracing Disabled" level="h4" %}}
+To disable APM tracing while keeping App and API Protection enabled, you must set the APM tracing variable to false.
+```bash
+export CORECLR_ENABLE_PROFILING=1
+export CORECLR_PROFILER={846F5F1C-F9AE-4B07-969E-05C26BC060D8}
+export CORECLR_PROFILER_PATH=/opt/datadog/Datadog.Trace.ClrProfiler.Native.so
+export DD_DOTNET_TRACER_HOME=/opt/datadog
+export DD_SERVICE=<MY_SERVICE>
+export DD_ENV=<MY_ENV>
+export DD_APPSEC_ENABLED=true
+export DD_APM_TRACING_ENABLED=false
+```
+
+{{% /collapse-content %}}
+
+## 3. Run your application
+
+Start your Java application with above settings.
+
+{{% app_and_api_protection_verify_setup %}}
+
+## Troubleshooting
+
+If you encounter issues while setting up App and API Protection for your Java application, see the [.NET App and API Protection troubleshooting guide][4].
+
+## Further Reading
+
+{{< partial name="whats-next/whats-next.html" >}}
+
+[1]: /security/application_security/setup/dotnet/compatibility
+[2]: /agent/?tab=Linux
+[3]: https://github.com/DataDog/dd-trace-dotnet/releases
+[4]: /security/application_security/setup/dotnet/troubleshooting

content/en/security/application_security/setup/linux/_index.md

@@ -32,7 +32,7 @@ Learn how to set up App and API Protection (AAP) on your Linux services by selec
   {{< appsec-integration name="Java" avatar="java" link="/security/application_security/setup/java/linux" >}}
   {{< appsec-integration name="Go" avatar="go" link="/security/application_security/setup/go" >}}
   {{< appsec-integration name="Ruby" avatar="ruby" link="/security/application_security/setup/ruby" >}}
-  {{< appsec-integration name=".NET" avatar="dotnet" link="/security/application_security/setup/dotnet" >}}
+  {{< appsec-integration name=".NET" avatar="dotnet" link="/security/application_security/setup/dotnet/linux" >}}
   {{< appsec-integration name="PHP" avatar="php" link="/security/application_security/setup/php" >}}
 {{< /appsec-integrations >}}
 

layouts/shortcodes/app_and_api_protection_dotnet_overview.md

@@ -0,0 +1,14 @@
+{{ $showSetup := .Get "showSetup" | default "true" | eq "true" }}
+
+## Overview
+App and API Protection leverages the [Datadog .NET library](https://github.com/DataDog/dd-trace-dotnet/) to monitor and secure your .NET service. The library integrates seamlessly with your existing application without requiring code changes.
+
+For detailed compatibility information, including supported DOTNET versions, frameworks, and deployment environments, see [.NET Compatibility Requirements](/security/application_security/setup/dotnet/compatibility).
+
+{{ if $showSetup }}
+This guide explains how to set up App and API Protection (AAP) for .NET applications. The setup involves:
+1. <a href="#1-installing-the-datadog-agent">Installing the Datadog Agent</a>.
+2. <a href="#2-enabling-app-and-api-protection-monitoring">Enabling App and API Protection monitoring</a>.
+3. <a href="#3-run-your-application">Running your .NET application with the Datadog Agent</a>.
+4. <a href="#4-verify-setup">Verifying the setup</a>.
+{{ end }}

layouts/shortcodes/app_and_api_protection_dotnet_setup_options.md

@@ -0,0 +1,9 @@
+<div class="alert alert-info">
+<p>You can enable App and API Protection for .NET services with the following setup options:</p>
+
+<ol>
+<li>If your .NET service already has APM tracing set up and running, then skip to <a href="#automatically-enabling-app-and-api-protection-through-remote-configuration">service configuration</a>.</li>
+<li>If your .NET service doesn't have APM tracing set up, you can easily enable App and API Protection with Datadog's <a href="https://docs.datadoghq.com/tracing/trace_collection/automatic_instrumentation/single-step-apm/{{ .Get "platform" }}/">Automatic Installation</a>.</li>
+<li>Otherwise, continue reading the manual setup instructions below.</li>
+</ol>
+</div>