diff --git a/.chloggen/2093.yaml b/.chloggen/2093.yaml
new file mode 100644
index 0000000000..a0b3fc0455
--- /dev/null
+++ b/.chloggen/2093.yaml
@@ -0,0 +1,22 @@
+# Use this changelog template to create an entry for release notes.
+#
+# If your change doesn't affect end users you should instead start
+# your pull request title with [chore] or use the "Skip Changelog" label.
+
+# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix'
+change_type: breaking
+
+# The name of the area of concern in the attributes-registry, (e.g. http, cloud, db)
+component: db
+
+# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`).
+note: Add `db.query.parameter`, replace relevant usages of `db.operation.parameter`
+
+# Mandatory: One or more tracking issues related to the change. You can use the PR number here if no issue exists.
+# The values here must be integers.
+issues: [ 2093 ]
+
+# (Optional) One or more lines of additional information to render under the primary note.
+# These lines will be padded with 2 spaces and then inserted directly into the document.
+# Use pipe (|) for multiline entries.
+subtext:
diff --git a/docs/attributes-registry/db.md b/docs/attributes-registry/db.md
index d1c0fac06e..11dd449c30 100644
--- a/docs/attributes-registry/db.md
+++ b/docs/attributes-registry/db.md
@@ -19,13 +19,14 @@ This group defines the attributes used to describe telemetry in the context of d
| `db.namespace` | string | The name of the database, fully qualified within the server address and port. [2] | `customers`; `test.users` |  |
| `db.operation.batch.size` | int | The number of queries included in a batch operation. [3] | `2`; `3`; `4` |  |
| `db.operation.name` | string | The name of the operation or command being executed. [4] | `findAndModify`; `HMSET`; `SELECT` |  |
-| `db.operation.parameter.` | string | A database operation parameter, with `` being the parameter name, and the attribute value being a string representation of the parameter value. [5] | `someval`; `55` |  |
-| `db.query.summary` | string | Low cardinality representation of a database query text. [6] | `SELECT wuser_table`; `INSERT shipping_details SELECT orders`; `get user by id` |  |
-| `db.query.text` | string | The database query being executed. [7] | `SELECT * FROM wuser_table where username = ?`; `SET mykey ?` |  |
+| `db.operation.parameter.` | string | A database operation parameter, with `` being the parameter name, and the attribute value being a string representation of the parameter value. [5] | `someval`; `55` |  |
+| `db.query.parameter.` | string | A database query parameter, with `` being the parameter name, and the attribute value being a string representation of the parameter value. [6] | `someval`; `55` |  |
+| `db.query.summary` | string | Low cardinality representation of a database query text. [7] | `SELECT wuser_table`; `INSERT shipping_details SELECT orders`; `get user by id` |  |
+| `db.query.text` | string | The database query being executed. [8] | `SELECT * FROM wuser_table where username = ?`; `SET mykey ?` |  |
| `db.response.returned_rows` | int | Number of rows returned by the operation. | `10`; `30`; `1000` |  |
-| `db.response.status_code` | string | Database response status code. [8] | `102`; `ORA-17002`; `08P01`; `404` |  |
-| `db.stored_procedure.name` | string | The name of a stored procedure within the database. [9] | `GetCustomer` |  |
-| `db.system.name` | string | The database management system (DBMS) product as identified by the client instrumentation. [10] | `other_sql`; `softwareag.adabas`; `actian.ingres` |  |
+| `db.response.status_code` | string | Database response status code. [9] | `102`; `ORA-17002`; `08P01`; `404` |  |
+| `db.stored_procedure.name` | string | The name of a stored procedure within the database. [10] | `GetCustomer` |  |
+| `db.system.name` | string | The database management system (DBMS) product as identified by the client instrumentation. [11] | `other_sql`; `softwareag.adabas`; `actian.ingres` |  |
**[1] `db.collection.name`:** It is RECOMMENDED to capture the value as provided by the application
without attempting to do any case normalization.
@@ -56,27 +57,29 @@ then that operation name SHOULD be used prepended by `BATCH `,
otherwise `db.operation.name` SHOULD be `BATCH` or some other database
system specific term if more applicable.
-**[5] `db.operation.parameter`:** If a parameter has no name and instead is referenced only by index, then `` SHOULD be the 0-based index.
-If `db.query.text` is also captured, then `db.operation.parameter.` SHOULD match up with the parameterized placeholders present in `db.query.text`.
-`db.operation.parameter.` SHOULD NOT be captured on batch operations.
+**[5] `db.operation.parameter`:** `db.query.text` parameters SHOULD be captured using `db.query.parameter.` instead of `db.operation.parameter.`.
-**[6] `db.query.summary`:** `db.query.summary` provides static summary of the query text. It describes a class of database queries and is useful as a grouping key, especially when analyzing telemetry for database calls involving complex queries.
+**[6] `db.query.parameter`:** If a query parameter has no name and instead is referenced only by index, then `` SHOULD be the 0-based index.
+`db.query.parameter.` SHOULD match up with the parameterized placeholders present in `db.query.text`.
+`db.query.parameter.` SHOULD NOT be captured on batch operations.
+
+**[7] `db.query.summary`:** `db.query.summary` provides static summary of the query text. It describes a class of database queries and is useful as a grouping key, especially when analyzing telemetry for database calls involving complex queries.
Summary may be available to the instrumentation through instrumentation hooks or other means. If it is not available, instrumentations that support query parsing SHOULD generate a summary following [Generating query summary](/docs/database/database-spans.md#generating-a-summary-of-the-query-text) section.
-**[7] `db.query.text`:** For sanitization see [Sanitization of `db.query.text`](/docs/database/database-spans.md#sanitization-of-dbquerytext).
+**[8] `db.query.text`:** For sanitization see [Sanitization of `db.query.text`](/docs/database/database-spans.md#sanitization-of-dbquerytext).
For batch operations, if the individual operations are known to have the same query text then that query text SHOULD be used, otherwise all of the individual query texts SHOULD be concatenated with separator `; ` or some other database system specific separator if more applicable.
Even though parameterized query text can potentially have sensitive data, by using a parameterized query the user is giving a strong signal that any sensitive data will be passed as parameter values, and the benefit to observability of capturing the static part of the query text by default outweighs the risk.
-**[8] `db.response.status_code`:** The status code returned by the database. Usually it represents an error code, but may also represent partial success, warning, or differentiate between various types of successful outcomes.
+**[9] `db.response.status_code`:** The status code returned by the database. Usually it represents an error code, but may also represent partial success, warning, or differentiate between various types of successful outcomes.
Semantic conventions for individual database systems SHOULD document what `db.response.status_code` means in the context of that system.
-**[9] `db.stored_procedure.name`:** It is RECOMMENDED to capture the value as provided by the application
+**[10] `db.stored_procedure.name`:** It is RECOMMENDED to capture the value as provided by the application
without attempting to do any case normalization.
For batch operations, if the individual operations are known to have the same
stored procedure name then that stored procedure name SHOULD be used.
-**[10] `db.system.name`:** The actual DBMS may differ from the one identified by the client. For example, when using PostgreSQL client libraries to connect to a CockroachDB, the `db.system.name` is set to `postgresql` based on the instrumentation's best knowledge.
+**[11] `db.system.name`:** The actual DBMS may differ from the one identified by the client. For example, when using PostgreSQL client libraries to connect to a CockroachDB, the `db.system.name` is set to `postgresql` based on the instrumentation's best knowledge.
---
@@ -168,7 +171,6 @@ Describes deprecated database attributes.
| `db.mssql.instance_name` | string | Deprecated, SQL Server instance is now populated as a part of `db.namespace` attribute. | `MSSQLSERVER` | 
Deprecated, no replacement at this time. |
| `db.name` | string | Deprecated, use `db.namespace` instead. | `customers`; `main` | 
Replaced by `db.namespace`. |
| `db.operation` | string | Deprecated, use `db.operation.name` instead. | `findAndModify`; `HMSET`; `SELECT` | 
Replaced by `db.operation.name`. |
-| `db.query.parameter.` | string | A query parameter used in `db.query.text`, with `` being the parameter name, and the attribute value being a string representation of the parameter value. | `someval`; `55` | 
Replaced by `db.operation.parameter`. |
| `db.redis.database_index` | int | Deprecated, use `db.namespace` instead. | `0`; `1`; `15` | 
Replaced by `db.namespace`. |
| `db.sql.table` | string | Deprecated, use `db.collection.name` instead, but only if not extracting the value from `db.query.text`. | `mytable` | 
Replaced by `db.collection.name`, but only if not extracting the value from `db.query.text`. |
| `db.statement` | string | The database statement being executed. | `SELECT * FROM wuser_table`; `SET mykey "WuValue"` | 
Replaced by `db.query.text`. |
diff --git a/docs/database/cassandra.md b/docs/database/cassandra.md
index 4c17a54604..690493efbd 100644
--- a/docs/database/cassandra.md
+++ b/docs/database/cassandra.md
@@ -57,7 +57,7 @@ Spans representing calls to a Cassandra database adhere to the general [Semantic
| [`network.peer.address`](/docs/attributes-registry/network.md) | string | Peer address of the database node where the operation was performed. [16] | `10.1.2.80`; `/tmp/my.sock` | `Recommended` |  |
| [`network.peer.port`](/docs/attributes-registry/network.md) | int | Peer port number of the network connection. | `65123` | `Recommended` if and only if `network.peer.address` is set. |  |
| [`server.address`](/docs/attributes-registry/server.md) | string | Name of the database host. [17] | `example.com`; `10.1.2.80`; `/tmp/my.sock` | `Recommended` |  |
-| [`db.operation.parameter.`](/docs/attributes-registry/db.md) | string | A database operation parameter, with `` being the parameter name, and the attribute value being a string representation of the parameter value. [18] | `someval`; `55` | `Opt-In` |  |
+| [`db.query.parameter.`](/docs/attributes-registry/db.md) | string | A database query parameter, with `` being the parameter name, and the attribute value being a string representation of the parameter value. [18] | `someval`; `55` | `Opt-In` |  |
**[1] `db.collection.name`:** It is RECOMMENDED to capture the value as provided by the application
without attempting to do any case normalization.
@@ -111,15 +111,15 @@ For batch operations, if the individual operations are known to have the same qu
Even though parameterized query text can potentially have sensitive data, by using a parameterized query the user is giving a strong signal that any sensitive data will be passed as parameter values, and the benefit to observability of capturing the static part of the query text by default outweighs the risk.
**[15] `db.query.text`:** Non-parameterized query text SHOULD NOT be collected by default unless there is sanitization that excludes sensitive data, e.g. by redacting all literal values present in the query text. See [Sanitization of `db.query.text`](/docs/database/database-spans.md#sanitization-of-dbquerytext).
-Parameterized query text SHOULD be collected by default (the query parameter values themselves are opt-in, see [`db.operation.parameter.`](/docs/attributes-registry/db.md)).
+Parameterized query text SHOULD be collected by default (the query parameter values themselves are opt-in, see [`db.query.parameter.`](/docs/attributes-registry/db.md)).
**[16] `network.peer.address`:** If a database operation involved multiple network calls (for example retries), the address of the last contacted node SHOULD be used.
**[17] `server.address`:** When observed from the client side, and when communicating through an intermediary, `server.address` SHOULD represent the server address behind any intermediaries, for example proxies, if it's available.
-**[18] `db.operation.parameter`:** If a parameter has no name and instead is referenced only by index, then `` SHOULD be the 0-based index.
-If `db.query.text` is also captured, then `db.operation.parameter.` SHOULD match up with the parameterized placeholders present in `db.query.text`.
-`db.operation.parameter.` SHOULD NOT be captured on batch operations.
+**[18] `db.query.parameter`:** If a query parameter has no name and instead is referenced only by index, then `` SHOULD be the 0-based index.
+`db.query.parameter.` SHOULD match up with the parameterized placeholders present in `db.query.text`.
+`db.query.parameter.` SHOULD NOT be captured on batch operations.
The following attributes can be important for making sampling decisions
and SHOULD be provided **at span creation time** (if provided at all):
diff --git a/docs/database/cosmosdb.md b/docs/database/cosmosdb.md
index e28ed4595f..6ba8b17c2e 100644
--- a/docs/database/cosmosdb.md
+++ b/docs/database/cosmosdb.md
@@ -68,7 +68,7 @@ Semantic conventions described in this document apply to the call-level spans on
| [`db.stored_procedure.name`](/docs/attributes-registry/db.md) | string | The name of a stored procedure within the database. [15] | `GetCustomer` | `Recommended` [16] |  |
| [`server.address`](/docs/attributes-registry/server.md) | string | Name of the database host. [17] | `example.com`; `10.1.2.80`; `/tmp/my.sock` | `Recommended` |  |
| [`user_agent.original`](/docs/attributes-registry/user-agent.md) | string | Full user-agent string is generated by Cosmos DB SDK [18] | `cosmos-netstandard-sdk/3.23.0\|3.23.1\|1\|X64\|Linux 5.4.0-1098-azure 104 18\|.NET Core 3.1.32\|S\|` | `Recommended` |  |
-| [`db.operation.parameter.`](/docs/attributes-registry/db.md) | string | A database operation parameter, with `` being the parameter name, and the attribute value being a string representation of the parameter value. [19] | `someval`; `55` | `Opt-In` |  |
+| [`db.query.parameter.`](/docs/attributes-registry/db.md) | string | A database query parameter, with `` being the parameter name, and the attribute value being a string representation of the parameter value. [19] | `someval`; `55` | `Opt-In` |  |
**[1] `azure.cosmosdb.connection.mode`:** if not `gateway` (the default value is assumed to be `gateway`).
@@ -224,7 +224,7 @@ For batch operations, if the individual operations are known to have the same qu
Even though parameterized query text can potentially have sensitive data, by using a parameterized query the user is giving a strong signal that any sensitive data will be passed as parameter values, and the benefit to observability of capturing the static part of the query text by default outweighs the risk.
**[14] `db.query.text`:** Non-parameterized query text SHOULD NOT be collected by default unless there is sanitization that excludes sensitive data, e.g. by redacting all literal values present in the query text. See [Sanitization of `db.query.text`](/docs/database/database-spans.md#sanitization-of-dbquerytext).
-Parameterized query text SHOULD be collected by default (the query parameter values themselves are opt-in, see [`db.operation.parameter.`](/docs/attributes-registry/db.md)).
+Parameterized query text SHOULD be collected by default (the query parameter values themselves are opt-in, see [`db.query.parameter.`](/docs/attributes-registry/db.md)).
**[15] `db.stored_procedure.name`:** It is RECOMMENDED to capture the value as provided by the application
without attempting to do any case normalization.
@@ -240,9 +240,9 @@ stored procedure name then that stored procedure name SHOULD be used.
Format Reg-{D (Disabled discovery)}-S(application region)|L(List of preferred regions)|N(None, user did not configure it).
Default value is "NS".
-**[19] `db.operation.parameter`:** If a parameter has no name and instead is referenced only by index, then `` SHOULD be the 0-based index.
-If `db.query.text` is also captured, then `db.operation.parameter.` SHOULD match up with the parameterized placeholders present in `db.query.text`.
-`db.operation.parameter.` SHOULD NOT be captured on batch operations.
+**[19] `db.query.parameter`:** If a query parameter has no name and instead is referenced only by index, then `` SHOULD be the 0-based index.
+`db.query.parameter.` SHOULD match up with the parameterized placeholders present in `db.query.text`.
+`db.query.parameter.` SHOULD NOT be captured on batch operations.
The following attributes can be important for making sampling decisions
and SHOULD be provided **at span creation time** (if provided at all):
diff --git a/docs/database/database-spans.md b/docs/database/database-spans.md
index 57db5e0aac..dc3217be89 100644
--- a/docs/database/database-spans.md
+++ b/docs/database/database-spans.md
@@ -116,7 +116,7 @@ classify as errors.
| [`network.peer.address`](/docs/attributes-registry/network.md) | string | Peer address of the database node where the operation was performed. [17] | `10.1.2.80`; `/tmp/my.sock` | `Recommended` If applicable for this database system. |  |
| [`network.peer.port`](/docs/attributes-registry/network.md) | int | Peer port number of the network connection. | `65123` | `Recommended` if and only if `network.peer.address` is set. |  |
| [`server.address`](/docs/attributes-registry/server.md) | string | Name of the database host. [18] | `example.com`; `10.1.2.80`; `/tmp/my.sock` | `Recommended` |  |
-| [`db.operation.parameter.`](/docs/attributes-registry/db.md) | string | A database operation parameter, with `` being the parameter name, and the attribute value being a string representation of the parameter value. [19] | `someval`; `55` | `Opt-In` |  |
+| [`db.query.parameter.`](/docs/attributes-registry/db.md) | string | A database query parameter, with `` being the parameter name, and the attribute value being a string representation of the parameter value. [19] | `someval`; `55` | `Opt-In` |  |
**[1] `db.system.name`:** The actual DBMS may differ from the one identified by the client. For example, when using PostgreSQL client libraries to connect to a CockroachDB, the `db.system.name` is set to `postgresql` based on the instrumentation's best knowledge.
@@ -176,16 +176,16 @@ For batch operations, if the individual operations are known to have the same qu
Even though parameterized query text can potentially have sensitive data, by using a parameterized query the user is giving a strong signal that any sensitive data will be passed as parameter values, and the benefit to observability of capturing the static part of the query text by default outweighs the risk.
**[16] `db.query.text`:** Non-parameterized query text SHOULD NOT be collected by default unless there is sanitization that excludes sensitive data, e.g. by redacting all literal values present in the query text. See [Sanitization of `db.query.text`](/docs/database/database-spans.md#sanitization-of-dbquerytext).
-Parameterized query text SHOULD be collected by default (the query parameter values themselves are opt-in, see [`db.operation.parameter.`](/docs/attributes-registry/db.md)).
+Parameterized query text SHOULD be collected by default (the query parameter values themselves are opt-in, see [`db.query.parameter.`](/docs/attributes-registry/db.md)).
**[17] `network.peer.address`:** Semantic conventions for individual database systems SHOULD document whether `network.peer.*` attributes are applicable. Network peer address and port are useful when the application interacts with individual database nodes directly.
If a database operation involved multiple network calls (for example retries), the address of the last contacted node SHOULD be used.
**[18] `server.address`:** When observed from the client side, and when communicating through an intermediary, `server.address` SHOULD represent the server address behind any intermediaries, for example proxies, if it's available.
-**[19] `db.operation.parameter`:** If a parameter has no name and instead is referenced only by index, then `` SHOULD be the 0-based index.
-If `db.query.text` is also captured, then `db.operation.parameter.` SHOULD match up with the parameterized placeholders present in `db.query.text`.
-`db.operation.parameter.` SHOULD NOT be captured on batch operations.
+**[19] `db.query.parameter`:** If a query parameter has no name and instead is referenced only by index, then `` SHOULD be the 0-based index.
+`db.query.parameter.` SHOULD match up with the parameterized placeholders present in `db.query.text`.
+`db.query.parameter.` SHOULD NOT be captured on batch operations.
The following attributes can be important for making sampling decisions
and SHOULD be provided **at span creation time** (if provided at all):
diff --git a/docs/database/mariadb.md b/docs/database/mariadb.md
index 17d23d2eae..d35c0f48d4 100644
--- a/docs/database/mariadb.md
+++ b/docs/database/mariadb.md
@@ -44,7 +44,7 @@ Spans representing calls to MariaDB adhere to the general [Semantic Conventions
| [`db.response.returned_rows`](/docs/attributes-registry/db.md) | int | Number of rows returned by the operation. | `10`; `30`; `1000` | `Recommended` |  |
| [`db.stored_procedure.name`](/docs/attributes-registry/db.md) | string | The name of a stored procedure within the database. [11] | `GetCustomer` | `Recommended` [12] |  |
| [`server.address`](/docs/attributes-registry/server.md) | string | Name of the database host. [13] | `example.com`; `10.1.2.80`; `/tmp/my.sock` | `Recommended` |  |
-| [`db.operation.parameter.`](/docs/attributes-registry/db.md) | string | A database operation parameter, with `` being the parameter name, and the attribute value being a string representation of the parameter value. [14] | `someval`; `55` | `Opt-In` |  |
+| [`db.query.parameter.`](/docs/attributes-registry/db.md) | string | A database query parameter, with `` being the parameter name, and the attribute value being a string representation of the parameter value. [14] | `someval`; `55` | `Opt-In` |  |
**[1] `db.namespace`:** A connection's currently associated database may change during its lifetime, e.g. from executing `USE `.
@@ -80,7 +80,7 @@ For batch operations, if the individual operations are known to have the same qu
Even though parameterized query text can potentially have sensitive data, by using a parameterized query the user is giving a strong signal that any sensitive data will be passed as parameter values, and the benefit to observability of capturing the static part of the query text by default outweighs the risk.
**[10] `db.query.text`:** Non-parameterized query text SHOULD NOT be collected by default unless there is sanitization that excludes sensitive data, e.g. by redacting all literal values present in the query text. See [Sanitization of `db.query.text`](/docs/database/database-spans.md#sanitization-of-dbquerytext).
-Parameterized query text SHOULD be collected by default (the query parameter values themselves are opt-in, see [`db.operation.parameter.`](/docs/attributes-registry/db.md)).
+Parameterized query text SHOULD be collected by default (the query parameter values themselves are opt-in, see [`db.query.parameter.`](/docs/attributes-registry/db.md)).
**[11] `db.stored_procedure.name`:** It is RECOMMENDED to capture the value as provided by the application
without attempting to do any case normalization.
@@ -92,9 +92,9 @@ stored procedure name then that stored procedure name SHOULD be used.
**[13] `server.address`:** When observed from the client side, and when communicating through an intermediary, `server.address` SHOULD represent the server address behind any intermediaries, for example proxies, if it's available.
-**[14] `db.operation.parameter`:** If a parameter has no name and instead is referenced only by index, then `` SHOULD be the 0-based index.
-If `db.query.text` is also captured, then `db.operation.parameter.` SHOULD match up with the parameterized placeholders present in `db.query.text`.
-`db.operation.parameter.` SHOULD NOT be captured on batch operations.
+**[14] `db.query.parameter`:** If a query parameter has no name and instead is referenced only by index, then `` SHOULD be the 0-based index.
+`db.query.parameter.` SHOULD match up with the parameterized placeholders present in `db.query.text`.
+`db.query.parameter.` SHOULD NOT be captured on batch operations.
The following attributes can be important for making sampling decisions
and SHOULD be provided **at span creation time** (if provided at all):
diff --git a/docs/database/mssql.md b/docs/database/mssql.md
index 6ce4ea15aa..3f5c1203be 100644
--- a/docs/database/mssql.md
+++ b/docs/database/mssql.md
@@ -46,7 +46,7 @@ Spans representing calls to Microsoft SQL Server adhere to the general [Semantic
| [`db.response.returned_rows`](/docs/attributes-registry/db.md) | int | Number of rows returned by the operation. | `10`; `30`; `1000` | `Recommended` |  |
| [`db.stored_procedure.name`](/docs/attributes-registry/db.md) | string | The name of a stored procedure within the database. [11] | `GetCustomer` | `Recommended` [12] |  |
| [`server.address`](/docs/attributes-registry/server.md) | string | Name of the database host. [13] | `example.com`; `10.1.2.80`; `/tmp/my.sock` | `Recommended` |  |
-| [`db.operation.parameter.`](/docs/attributes-registry/db.md) | string | A database operation parameter, with `` being the parameter name, and the attribute value being a string representation of the parameter value. [14] | `someval`; `55` | `Opt-In` |  |
+| [`db.query.parameter.`](/docs/attributes-registry/db.md) | string | A database query parameter, with `` being the parameter name, and the attribute value being a string representation of the parameter value. [14] | `someval`; `55` | `Opt-In` |  |
**[1] `db.namespace`:** When connected to a default instance, `db.namespace` SHOULD be set to the name of
the database. When connected to a [named instance](https://learn.microsoft.com/sql/connect/jdbc/building-the-connection-url#named-and-multiple-sql-server-instances),
@@ -85,7 +85,7 @@ For batch operations, if the individual operations are known to have the same qu
Even though parameterized query text can potentially have sensitive data, by using a parameterized query the user is giving a strong signal that any sensitive data will be passed as parameter values, and the benefit to observability of capturing the static part of the query text by default outweighs the risk.
**[10] `db.query.text`:** Non-parameterized query text SHOULD NOT be collected by default unless there is sanitization that excludes sensitive data, e.g. by redacting all literal values present in the query text. See [Sanitization of `db.query.text`](/docs/database/database-spans.md#sanitization-of-dbquerytext).
-Parameterized query text SHOULD be collected by default (the query parameter values themselves are opt-in, see [`db.operation.parameter.`](/docs/attributes-registry/db.md)).
+Parameterized query text SHOULD be collected by default (the query parameter values themselves are opt-in, see [`db.query.parameter.`](/docs/attributes-registry/db.md)).
**[11] `db.stored_procedure.name`:** It is RECOMMENDED to capture the value as provided by the application
without attempting to do any case normalization.
@@ -97,9 +97,9 @@ stored procedure name then that stored procedure name SHOULD be used.
**[13] `server.address`:** When observed from the client side, and when communicating through an intermediary, `server.address` SHOULD represent the server address behind any intermediaries, for example proxies, if it's available.
-**[14] `db.operation.parameter`:** If a parameter has no name and instead is referenced only by index, then `` SHOULD be the 0-based index.
-If `db.query.text` is also captured, then `db.operation.parameter.` SHOULD match up with the parameterized placeholders present in `db.query.text`.
-`db.operation.parameter.` SHOULD NOT be captured on batch operations.
+**[14] `db.query.parameter`:** If a query parameter has no name and instead is referenced only by index, then `` SHOULD be the 0-based index.
+`db.query.parameter.` SHOULD match up with the parameterized placeholders present in `db.query.text`.
+`db.query.parameter.` SHOULD NOT be captured on batch operations.
The following attributes can be important for making sampling decisions
and SHOULD be provided **at span creation time** (if provided at all):
diff --git a/docs/database/mysql.md b/docs/database/mysql.md
index 4507570c3f..2ac54ee226 100644
--- a/docs/database/mysql.md
+++ b/docs/database/mysql.md
@@ -46,7 +46,7 @@ Spans representing calls to a MySQL Server adhere to the general [Semantic Conve
| [`db.response.returned_rows`](/docs/attributes-registry/db.md) | int | Number of rows returned by the operation. | `10`; `30`; `1000` | `Recommended` |  |
| [`db.stored_procedure.name`](/docs/attributes-registry/db.md) | string | The name of a stored procedure within the database. [11] | `GetCustomer` | `Recommended` [12] |  |
| [`server.address`](/docs/attributes-registry/server.md) | string | Name of the database host. [13] | `example.com`; `10.1.2.80`; `/tmp/my.sock` | `Recommended` |  |
-| [`db.operation.parameter.`](/docs/attributes-registry/db.md) | string | A database operation parameter, with `` being the parameter name, and the attribute value being a string representation of the parameter value. [14] | `someval`; `55` | `Opt-In` |  |
+| [`db.query.parameter.`](/docs/attributes-registry/db.md) | string | A database query parameter, with `` being the parameter name, and the attribute value being a string representation of the parameter value. [14] | `someval`; `55` | `Opt-In` |  |
**[1] `db.namespace`:** A connection's currently associated database may change during its lifetime, e.g. from executing `USE `.
@@ -80,7 +80,7 @@ For batch operations, if the individual operations are known to have the same qu
Even though parameterized query text can potentially have sensitive data, by using a parameterized query the user is giving a strong signal that any sensitive data will be passed as parameter values, and the benefit to observability of capturing the static part of the query text by default outweighs the risk.
**[10] `db.query.text`:** Non-parameterized query text SHOULD NOT be collected by default unless there is sanitization that excludes sensitive data, e.g. by redacting all literal values present in the query text. See [Sanitization of `db.query.text`](/docs/database/database-spans.md#sanitization-of-dbquerytext).
-Parameterized query text SHOULD be collected by default (the query parameter values themselves are opt-in, see [`db.operation.parameter.`](/docs/attributes-registry/db.md)).
+Parameterized query text SHOULD be collected by default (the query parameter values themselves are opt-in, see [`db.query.parameter.`](/docs/attributes-registry/db.md)).
**[11] `db.stored_procedure.name`:** It is RECOMMENDED to capture the value as provided by the application
without attempting to do any case normalization.
@@ -92,9 +92,9 @@ stored procedure name then that stored procedure name SHOULD be used.
**[13] `server.address`:** When observed from the client side, and when communicating through an intermediary, `server.address` SHOULD represent the server address behind any intermediaries, for example proxies, if it's available.
-**[14] `db.operation.parameter`:** If a parameter has no name and instead is referenced only by index, then `` SHOULD be the 0-based index.
-If `db.query.text` is also captured, then `db.operation.parameter.` SHOULD match up with the parameterized placeholders present in `db.query.text`.
-`db.operation.parameter.` SHOULD NOT be captured on batch operations.
+**[14] `db.query.parameter`:** If a query parameter has no name and instead is referenced only by index, then `` SHOULD be the 0-based index.
+`db.query.parameter.` SHOULD match up with the parameterized placeholders present in `db.query.text`.
+`db.query.parameter.` SHOULD NOT be captured on batch operations.
The following attributes can be important for making sampling decisions
and SHOULD be provided **at span creation time** (if provided at all):
diff --git a/docs/database/oracledb.md b/docs/database/oracledb.md
index a6e4b1ec32..159a29afe3 100644
--- a/docs/database/oracledb.md
+++ b/docs/database/oracledb.md
@@ -46,7 +46,7 @@ Spans representing calls to a Oracle SQL Database adhere to the general [Semanti
| [`db.response.returned_rows`](/docs/attributes-registry/db.md) | int | Number of rows returned by the operation. | `10`; `30`; `1000` | `Recommended` |  |
| [`db.stored_procedure.name`](/docs/attributes-registry/db.md) | string | The name of a stored procedure within the database. [11] | `GetCustomer` | `Recommended` [12] |  |
| [`server.address`](/docs/attributes-registry/server.md) | string | Name of the database host. [13] | `example.com`; `10.1.2.80`; `/tmp/my.sock` | `Recommended` |  |
-| [`db.operation.parameter.`](/docs/attributes-registry/db.md) | string | A database operation parameter, with `` being the parameter name, and the attribute value being a string representation of the parameter value. [14] | `someval`; `55` | `Opt-In` |  |
+| [`db.query.parameter.`](/docs/attributes-registry/db.md) | string | A database query parameter, with `` being the parameter name, and the attribute value being a string representation of the parameter value. [14] | `someval`; `55` | `Opt-In` |  |
**[1] `db.namespace`:** `db.namespace` SHOULD be set to the combination of instance name, database name and
service name following the `{instance_name}|{database_name}|{service_name}` pattern.
@@ -72,7 +72,7 @@ Summary may be available to the instrumentation through instrumentation hooks or
**[9] `db.query.text`:** For sanitization see [Sanitization of `db.query.text`](../database/database-spans.md#sanitization-of-dbquerytext). For batch operations, if the individual operations are known to have the same query text then that query text SHOULD be used, otherwise all of the individual query texts SHOULD be concatenated with separator `; ` or some other database system specific separator if more applicable.
-**[10] `db.query.text`:** Non-parameterized query text SHOULD NOT be collected by default unless explicitly configured and sanitized to exclude sensitive data, e.g. by redacting all literal values present in the query text. See [Sanitization of `db.query.text`](../database/database-spans.md#sanitization-of-dbquerytext). Parameterized query text MUST also NOT be collected by default unless explicitly configured. The query parameter values themselves are opt-in, see [`db.operation.parameter.`](../attributes-registry/db.md)).
+**[10] `db.query.text`:** Non-parameterized query text SHOULD NOT be collected by default unless explicitly configured and sanitized to exclude sensitive data, e.g. by redacting all literal values present in the query text. See [Sanitization of `db.query.text`](../database/database-spans.md#sanitization-of-dbquerytext). Parameterized query text MUST also NOT be collected by default unless explicitly configured. The query parameter values themselves are opt-in, see [`db.query.parameter.`](../attributes-registry/db.md)).
**[11] `db.stored_procedure.name`:** It is RECOMMENDED to capture the value as provided by the application
without attempting to do any case normalization.
@@ -84,9 +84,9 @@ stored procedure name then that stored procedure name SHOULD be used.
**[13] `server.address`:** When observed from the client side, and when communicating through an intermediary, `server.address` SHOULD represent the server address behind any intermediaries, for example proxies, if it's available.
-**[14] `db.operation.parameter`:** If a parameter has no name and instead is referenced only by index, then `` SHOULD be the 0-based index.
-If `db.query.text` is also captured, then `db.operation.parameter.` SHOULD match up with the parameterized placeholders present in `db.query.text`.
-`db.operation.parameter.` SHOULD NOT be captured on batch operations.
+**[14] `db.query.parameter`:** If a query parameter has no name and instead is referenced only by index, then `` SHOULD be the 0-based index.
+`db.query.parameter.` SHOULD match up with the parameterized placeholders present in `db.query.text`.
+`db.query.parameter.` SHOULD NOT be captured on batch operations.
The following attributes can be important for making sampling decisions
and SHOULD be provided **at span creation time** (if provided at all):
diff --git a/docs/database/postgresql.md b/docs/database/postgresql.md
index 85d520ae51..74748b9cf7 100644
--- a/docs/database/postgresql.md
+++ b/docs/database/postgresql.md
@@ -46,7 +46,7 @@ Spans representing calls to a PostgreSQL database adhere to the general [Semanti
| [`db.response.returned_rows`](/docs/attributes-registry/db.md) | int | Number of rows returned by the operation. | `10`; `30`; `1000` | `Recommended` |  |
| [`db.stored_procedure.name`](/docs/attributes-registry/db.md) | string | The name of a stored procedure within the database. [11] | `GetCustomer` | `Recommended` [12] |  |
| [`server.address`](/docs/attributes-registry/server.md) | string | Name of the database host. [13] | `example.com`; `10.1.2.80`; `/tmp/my.sock` | `Recommended` |  |
-| [`db.operation.parameter.`](/docs/attributes-registry/db.md) | string | A database operation parameter, with `` being the parameter name, and the attribute value being a string representation of the parameter value. [14] | `someval`; `55` | `Opt-In` |  |
+| [`db.query.parameter.`](/docs/attributes-registry/db.md) | string | A database query parameter, with `` being the parameter name, and the attribute value being a string representation of the parameter value. [14] | `someval`; `55` | `Opt-In` |  |
**[1] `db.namespace`:** `db.namespace` SHOULD be set to the combination of database and schema name following the `{database}.{schema}` pattern.
@@ -87,7 +87,7 @@ For batch operations, if the individual operations are known to have the same qu
Even though parameterized query text can potentially have sensitive data, by using a parameterized query the user is giving a strong signal that any sensitive data will be passed as parameter values, and the benefit to observability of capturing the static part of the query text by default outweighs the risk.
**[10] `db.query.text`:** Non-parameterized query text SHOULD NOT be collected by default unless there is sanitization that excludes sensitive data, e.g. by redacting all literal values present in the query text. See [Sanitization of `db.query.text`](/docs/database/database-spans.md#sanitization-of-dbquerytext).
-Parameterized query text SHOULD be collected by default (the query parameter values themselves are opt-in, see [`db.operation.parameter.`](/docs/attributes-registry/db.md)).
+Parameterized query text SHOULD be collected by default (the query parameter values themselves are opt-in, see [`db.query.parameter.`](/docs/attributes-registry/db.md)).
**[11] `db.stored_procedure.name`:** It is RECOMMENDED to capture the value as provided by the application
without attempting to do any case normalization.
@@ -99,9 +99,9 @@ stored procedure name then that stored procedure name SHOULD be used.
**[13] `server.address`:** When observed from the client side, and when communicating through an intermediary, `server.address` SHOULD represent the server address behind any intermediaries, for example proxies, if it's available.
-**[14] `db.operation.parameter`:** If a parameter has no name and instead is referenced only by index, then `` SHOULD be the 0-based index.
-If `db.query.text` is also captured, then `db.operation.parameter.` SHOULD match up with the parameterized placeholders present in `db.query.text`.
-`db.operation.parameter.` SHOULD NOT be captured on batch operations.
+**[14] `db.query.parameter`:** If a query parameter has no name and instead is referenced only by index, then `` SHOULD be the 0-based index.
+`db.query.parameter.` SHOULD match up with the parameterized placeholders present in `db.query.text`.
+`db.query.parameter.` SHOULD NOT be captured on batch operations.
The following attributes can be important for making sampling decisions
and SHOULD be provided **at span creation time** (if provided at all):
diff --git a/docs/database/redis.md b/docs/database/redis.md
index f92e1a045e..9c4c5e6e02 100644
--- a/docs/database/redis.md
+++ b/docs/database/redis.md
@@ -43,7 +43,6 @@ looking confusing.
| [`network.peer.address`](/docs/attributes-registry/network.md) | string | Peer address of the database node where the operation was performed. [13] | `10.1.2.80`; `/tmp/my.sock` | `Recommended` |  |
| [`network.peer.port`](/docs/attributes-registry/network.md) | int | Peer port number of the network connection. | `65123` | `Recommended` if and only if `network.peer.address` is set. |  |
| [`server.address`](/docs/attributes-registry/server.md) | string | Name of the database host. [14] | `example.com`; `10.1.2.80`; `/tmp/my.sock` | `Recommended` |  |
-| [`db.operation.parameter.`](/docs/attributes-registry/db.md) | string | A database operation parameter, with `` being the parameter name, and the attribute value being a string representation of the parameter value. [15] | `someval`; `55` | `Opt-In` |  |
**[1] `db.namespace`:** A connection's currently associated database index may change during its lifetime, e.g. from executing `SELECT `.
@@ -74,9 +73,8 @@ Instrumentations SHOULD document how `error.type` is populated.
**[10] `db.query.text`:** For **Redis**, the value provided for `db.query.text` SHOULD correspond to the syntax of the Redis CLI. If, for example, the [`HMSET` command](https://redis.io/docs/latest/commands/hmset) is invoked, `"HMSET myhash field1 'Hello' field2 'World'"` would be a suitable value for `db.query.text`.
-**[11] `db.query.text`:** Non-parameterized query text SHOULD NOT be collected by default unless there is sanitization that excludes sensitive data, e.g. by redacting all literal values present in the query text.
+**[11] `db.query.text`:** Query text SHOULD NOT be collected by default unless there is sanitization that excludes sensitive data, e.g. by redacting all literal values present in the query text.
See [Sanitization of `db.query.text`](/docs/database/database-spans.md#sanitization-of-dbquerytext).
-Parameterized query text SHOULD be collected by default (the query parameter values themselves are opt-in, see [`db.operation.parameter.`](/docs/attributes-registry/db.md)).
**[12] `db.stored_procedure.name`:** See [FCALL](https://redis.io/docs/latest/commands/fcall/) and [EVALSHA](https://redis.io/docs/latest/commands/evalsha/).
@@ -84,10 +82,6 @@ Parameterized query text SHOULD be collected by default (the query parameter val
**[14] `server.address`:** When observed from the client side, and when communicating through an intermediary, `server.address` SHOULD represent the server address behind any intermediaries, for example proxies, if it's available.
-**[15] `db.operation.parameter`:** If a parameter has no name and instead is referenced only by index, then `` SHOULD be the 0-based index.
-If `db.query.text` is also captured, then `db.operation.parameter.` SHOULD match up with the parameterized placeholders present in `db.query.text`.
-`db.operation.parameter.` SHOULD NOT be captured on batch operations.
-
The following attributes can be important for making sampling decisions
and SHOULD be provided **at span creation time** (if provided at all):
diff --git a/docs/database/sql.md b/docs/database/sql.md
index 98e38a44cc..8312d03da1 100644
--- a/docs/database/sql.md
+++ b/docs/database/sql.md
@@ -61,7 +61,7 @@ Instrumentations applied to generic SQL drivers SHOULD adhere to SQL semantic co
| [`db.response.returned_rows`](/docs/attributes-registry/db.md) | int | Number of rows returned by the operation. | `10`; `30`; `1000` | `Recommended` |  |
| [`db.stored_procedure.name`](/docs/attributes-registry/db.md) | string | The name of a stored procedure within the database. [11] | `GetCustomer` | `Recommended` [12] |  |
| [`server.address`](/docs/attributes-registry/server.md) | string | Name of the database host. [13] | `example.com`; `10.1.2.80`; `/tmp/my.sock` | `Recommended` |  |
-| [`db.operation.parameter.`](/docs/attributes-registry/db.md) | string | A database operation parameter, with `` being the parameter name, and the attribute value being a string representation of the parameter value. [14] | `someval`; `55` | `Opt-In` |  |
+| [`db.query.parameter.`](/docs/attributes-registry/db.md) | string | A database query parameter, with `` being the parameter name, and the attribute value being a string representation of the parameter value. [14] | `someval`; `55` | `Opt-In` |  |
**[1] `db.namespace`:** If a database system has multiple namespace components (e.g. schema name and database name), they SHOULD be concatenated
(potentially using database system specific conventions) from most general to most
@@ -137,7 +137,7 @@ For batch operations, if the individual operations are known to have the same qu
Even though parameterized query text can potentially have sensitive data, by using a parameterized query the user is giving a strong signal that any sensitive data will be passed as parameter values, and the benefit to observability of capturing the static part of the query text by default outweighs the risk.
**[10] `db.query.text`:** Non-parameterized query text SHOULD NOT be collected by default unless there is sanitization that excludes sensitive data, e.g. by redacting all literal values present in the query text. See [Sanitization of `db.query.text`](/docs/database/database-spans.md#sanitization-of-dbquerytext).
-Parameterized query text SHOULD be collected by default (the query parameter values themselves are opt-in, see [`db.operation.parameter.`](/docs/attributes-registry/db.md)).
+Parameterized query text SHOULD be collected by default (the query parameter values themselves are opt-in, see [`db.query.parameter.`](/docs/attributes-registry/db.md)).
**[11] `db.stored_procedure.name`:** It is RECOMMENDED to capture the value as provided by the application
without attempting to do any case normalization.
@@ -149,9 +149,9 @@ stored procedure name then that stored procedure name SHOULD be used.
**[13] `server.address`:** When observed from the client side, and when communicating through an intermediary, `server.address` SHOULD represent the server address behind any intermediaries, for example proxies, if it's available.
-**[14] `db.operation.parameter`:** If a parameter has no name and instead is referenced only by index, then `` SHOULD be the 0-based index.
-If `db.query.text` is also captured, then `db.operation.parameter.` SHOULD match up with the parameterized placeholders present in `db.query.text`.
-`db.operation.parameter.` SHOULD NOT be captured on batch operations.
+**[14] `db.query.parameter`:** If a query parameter has no name and instead is referenced only by index, then `` SHOULD be the 0-based index.
+`db.query.parameter.` SHOULD match up with the parameterized placeholders present in `db.query.text`.
+`db.query.parameter.` SHOULD NOT be captured on batch operations.
The following attributes can be important for making sampling decisions
and SHOULD be provided **at span creation time** (if provided at all):
diff --git a/model/database/deprecated/registry-deprecated.yaml b/model/database/deprecated/registry-deprecated.yaml
index 9fa8168df6..ca19b82a13 100644
--- a/model/database/deprecated/registry-deprecated.yaml
+++ b/model/database/deprecated/registry-deprecated.yaml
@@ -36,14 +36,6 @@ groups:
deprecated: "Replaced by `db.query.text`."
stability: development
examples: ['SELECT * FROM wuser_table', 'SET mykey "WuValue"']
- - id: db.query.parameter
- type: template[string]
- brief: >
- A query parameter used in `db.query.text`, with `` being the parameter name,
- and the attribute value being a string representation of the parameter value.
- deprecated: "Replaced by `db.operation.parameter`."
- stability: development
- examples: ["someval", "55"]
- id: db.cassandra.table
type: string
stability: development
diff --git a/model/database/registry.yaml b/model/database/registry.yaml
index 8b0253b8d6..1a2c6ccdf7 100644
--- a/model/database/registry.yaml
+++ b/model/database/registry.yaml
@@ -75,20 +75,20 @@ groups:
"SELECT * FROM wuser_table where username = ?",
'SET mykey ?',
]
- - id: db.operation.parameter
+ - id: db.query.parameter
type: template[string]
stability: release_candidate
brief: >
- A database operation parameter, with `` being the parameter name,
+ A database query parameter, with `` being the parameter name,
and the attribute value being a string representation of the parameter value.
note: >
- If a parameter has no name and instead is referenced only by index,
+ If a query parameter has no name and instead is referenced only by index,
then `` SHOULD be the 0-based index.
- If `db.query.text` is also captured, then `db.operation.parameter.` SHOULD match
+ `db.query.parameter.` SHOULD match
up with the parameterized placeholders present in `db.query.text`.
- `db.operation.parameter.` SHOULD NOT be captured on batch operations.
+ `db.query.parameter.` SHOULD NOT be captured on batch operations.
examples: ["someval", "55"]
- id: db.query.summary
type: string
@@ -122,6 +122,16 @@ groups:
For batch operations, if the individual operations are known to have the same
stored procedure name then that stored procedure name SHOULD be used.
examples: ["GetCustomer"]
+ - id: db.operation.parameter
+ type: template[string]
+ stability: development
+ brief: >
+ A database operation parameter, with `` being the parameter name,
+ and the attribute value being a string representation of the parameter value.
+ note: >
+ `db.query.text` parameters SHOULD be captured using `db.query.parameter.`
+ instead of `db.operation.parameter.`.
+ examples: ["someval", "55"]
- id: db.operation.batch.size
type: int
stability: release_candidate
diff --git a/model/database/spans.yaml b/model/database/spans.yaml
index 2bb362c619..0f33f26d59 100644
--- a/model/database/spans.yaml
+++ b/model/database/spans.yaml
@@ -40,10 +40,10 @@ groups:
Parameterized query text SHOULD be collected by default
(the query parameter values themselves are opt-in,
- see [`db.operation.parameter.`](/docs/attributes-registry/db.md)).
+ see [`db.query.parameter.`](/docs/attributes-registry/db.md)).
- ref: db.query.summary
sampling_relevant: true
- - ref: db.operation.parameter
+ - ref: db.query.parameter
requirement_level: opt_in
- id: trace.db.common.query_and_collection
@@ -71,10 +71,10 @@ groups:
Parameterized query text SHOULD be collected by default
(the query parameter values themselves are opt-in,
- see [`db.operation.parameter.`](/docs/attributes-registry/db.md)).
+ see [`db.query.parameter.`](/docs/attributes-registry/db.md)).
- ref: db.query.summary
sampling_relevant: true
- - ref: db.operation.parameter
+ - ref: db.query.parameter
requirement_level: opt_in
- id: trace.db.common.full
@@ -456,14 +456,10 @@ groups:
examples: ["HMSET myhash field1 'Hello' field2 'World'"]
requirement_level:
recommended: >
- Non-parameterized query text SHOULD NOT be collected by default unless there is sanitization that excludes
+ Query text SHOULD NOT be collected by default unless there is sanitization that excludes
sensitive data, e.g. by redacting all literal values present in the query text.
See [Sanitization of `db.query.text`](/docs/database/database-spans.md#sanitization-of-dbquerytext).
-
- Parameterized query text SHOULD be collected by default
- (the query parameter values themselves are opt-in,
- see [`db.operation.parameter.`](/docs/attributes-registry/db.md)).
note: >
For **Redis**, the value provided for `db.query.text` SHOULD correspond to the syntax of the Redis CLI.
If, for example, the [`HMSET` command](https://redis.io/docs/latest/commands/hmset) is invoked, `"HMSET myhash field1 'Hello' field2 'World'"` would be a suitable value for `db.query.text`.
@@ -491,8 +487,6 @@ groups:
note: >
All Redis error prefixes SHOULD be considered errors.
- ref: db.operation.batch.size
- - ref: db.operation.parameter
- requirement_level: opt_in
- ref: server.address
sampling_relevant: true
- ref: server.port
@@ -606,7 +600,8 @@ groups:
note: >
Many Elasticsearch url paths allow dynamic values. These SHOULD be recorded in span attributes in the format
`db.operation.parameter.`, where `` is the path parameter name. The implementation SHOULD
- reference the [elasticsearch schema](https://raw.githubusercontent.com/elastic/elasticsearch-specification/main/output/schema/schema.json)
+ reference the
+ [elasticsearch schema](https://raw.githubusercontent.com/elastic/elasticsearch-specification/main/output/schema/schema.json)
in order to map the path parameter values to their names.
examples:
[
@@ -977,7 +972,7 @@ groups:
in the query text. See [Sanitization of `db.query.text`](../database/database-spans.md#sanitization-of-dbquerytext).
Parameterized query text MUST also NOT be collected by default unless explicitly configured.
The query parameter values themselves are opt-in,
- see [`db.operation.parameter.`](../attributes-registry/db.md)).
+ see [`db.query.parameter.`](../attributes-registry/db.md)).
note: >
For sanitization see [Sanitization of `db.query.text`](../database/database-spans.md#sanitization-of-dbquerytext).
For batch operations, if the individual operations are known to have the same query text then that query text SHOULD be used,