How can I avoid collecting client location info from Application Insights in node.js?

Question

I have a node.js application and I am using Application Insights to collect telemetry on our users. We are using the applicationinsights npm package.

Our users' privacy is very important to us and we want to collect as little data about them as we need. To this end, we do not want to collect location data (country, state/province, and client-ip). However, I can't see how we can avoid sending that data to azure. Is it possible to avoid sending it?

I'm guessing that the location data is coming directly from the http request. So, it might be that I need to change something in the npm package to remove the location headers from the request, but this does not appear to be exposed to the application.

Any ideas on how to fix this?

Answer 1

As Matt mentioned, you can change the data being sent to App Insights- this is certainly necessary in cases where the default logging contains information you don't want sent to our servers for any reason. The only thing I would adjust from his suggestion is the it is recommended to use TelemetryInitializers instead of TelemetryProcessors to do this modification. Any part of the data model should be able to be adjusted or removed from an initializer. This is also particularly useful if there is anything in the request data that you would consider PII. You can see the non-custom data model here: https://learn.microsoft.com/en-us/azure/azure-monitor/app/export-data-model

All location data in App Insights is based on IP address. The IP address is sent to App Insights and from there is is processed using the GeoLite2 database. Once the conversion happens, we discard the IP address so that we are never keeping IP addresses permanently. That's why when you query your logs the IP address field will always contain 0.0.0.0 for all records.