DataDog · domalessi · Mar 24, 2026 · Mar 20, 2026 · Mar 20, 2026 · Mar 24, 2026
@@ -33,7 +33,7 @@ In Kubernetes environments, injection is handled by the Datadog Admission Contro
 
 1. Evaluates whether the pod should be instrumented based on configured selectors (such as namespaces, labels, or specific pod properties).
 1. Mutates the pod spec to:
-   - Add init containers to download injector and tracer libraries
+   - Use the Datadog CSI driver to mount the injector and tracer libraries
    - Set environment variables (like `LD_PRELOAD`)
    - Mount volumes to persist injected libraries
 

@@ -594,13 +594,13 @@ If you don't want to collect trace data for a particular service, host, VM, or c
 
 To remove APM instrumentation and stop sending traces from a specific service, you can do one of the following:
 
-#### Use workload selection (recommended)
+#### Use instrumentation rules to target specific workloads (recommended)
 
-With workload selection (available for Agent v7.64+), you can enable and disable tracing for specific applications. [See configuration details here](#advanced-options).
+With instrumentation rules (available for Agent v7.64+), you can enable and disable tracing for specific applications. [See configuration details here](#advanced-options).
 
 #### Use the Datadog Admission Controller
 
-As an alternative, or for a version of the agent that does not support workload selection, you can also disable pod mutation by adding a label to your pod.
+As an alternative, or for a version of the agent that does not support instrumentation rules, you can also disable pod mutation by adding a label to your pod.
 
 <div class="alert alert-danger">In addition to disabling SSI, the following steps disable other mutating webhooks. Use with caution.</div>
 
@@ -670,7 +670,7 @@ To control where APM is activated and reduce overhead, consider the following be
 | Mode    | Behavior    | When to use |
 | ---  | ----------- | ----------- |
 | Default | All supported processes in the cluster are instrumented. | Small clusters or prototypes. |
-| Opt-in | Use [workload selection][4] to restrict instrumentation to specific namespaces or pods. | Production clusters, staged rollouts, or cost‑sensitive use cases. |
+| Opt-in | Use [instrumentation rules][4] to restrict instrumentation to specific namespaces or pods. | Production clusters, staged rollouts, or cost‑sensitive use cases. |
 
 #### Example: Enable instrumentation for specific pods
 
@@ -719,7 +719,7 @@ To control where APM is activated and reduce overhead, consider the following be
                  datadoghq.com/apm-instrumentation: "enabled"
    ```
 
-See [workload selection][4] for additional examples.
+See [instrumentation rules][4] for additional examples.
 
 {{% /collapse-content %}}
 

@@ -113,35 +113,35 @@ To update the SDK versions:
 1. Re-run the Agent installation command. This command also updates the Agent to the latest version.
 1. Restart your applications.
 
-### Define workload selection rules 
+### Define instrumentation rules
 
 {{< callout url="https://www.datadoghq.com/product-preview/single-step-instrumentation-targeting-rules-on-linux/"
  btn_hidden="false" header="Join the Preview!">}}
-Workload selection is in Preview.
+Instrumentation rules are in Preview.
 {{< /callout >}}
 
-Workload selection rules (available for Agent v7.73+) let you control which processes are automatically instrumented by SSI on Linux hosts.
+Instrumentation rules (available for Agent v7.73+) let you control which processes are automatically instrumented by SSI on Linux hosts.
 
-To configure workload selection:
+To configure instrumentation rules:
 
-1. In Datadog, navigate to **APM** > **Service Setup** > [**Workload Selection**][20].
-1. Click **Add or Edit Rules**. 
+1. In Datadog, go to **APM** > **Service Setup** > [**Manage Instrumentation Rules**][20].
+1. Click **Add or Edit Rules**.
 1. Define instrumentation rules:
    1. Click **Add New Rule**, then choose **Allow Rule** or **Block Rule** to specify whether matching processes should be instrumented.
-   1. Name your rule. 
+   1. Name your rule.
    1. Add one or more conditions. See [Define rule conditions](#define-rule-conditions) to learn more.
 
-   {{< img src="tracing/trace_collection/workload_selection_landing.png" alt="The workload selection UI, showing configuration options for defining a rule" style="width:100%;" >}}
+   {{< img src="tracing/trace_collection/workload_selection_landing.png" alt="The instrumentation rules UI, showing configuration options for defining a rule" style="width:100%;" >}}
 
-1. (Optional) Drag and drop rules to reorder them. 
+1. (Optional) Drag and drop rules to reorder them.
 
    **Note**: Rules are evaluated in order. After a process matches a rule, subsequent rules are ignored.
 
 1. Set the default behavior (allow or block) for processes that do not match any rule.
-1. Click **Next** to preview your rules. 
-1. Click **Deploy Rules**. 
+1. Click **Next** to preview your rules.
+1. Click **Deploy Rules**.
 
-If Remote Configuration is enabled, rules are deployed to every host and applied on those with SSI enabled within 50 seconds . Alternatively, click **Export** to export the configuration file and apply it manually to your hosts.
+If Remote Configuration is enabled, rules are deployed to every host and applied on those with SSI enabled within 50 seconds. Alternatively, click **Export** to export the configuration file and apply it manually to your hosts.
 
 #### Define rule conditions
 
@@ -153,9 +153,11 @@ Each rule consists of one or more conditions. A condition includes the following
 Supported attributes include:
 | Attribute    | Description | Example |
 | ----------- | ----------- | --------- |
-| Process Executable | Executable name of the process. | `python3.11` |
-| Process Executable Full Path | Full path of the executable. | `/usr/bin/python3.11` |
-| Process Args | Command-line arguments used to start the process. | `--env=production` |
+| Operating System | OS of the host. | `linux` |
+| Executable | Executable name of the process. | `python3.11` |
+| Executable File Path | Full path of the executable. | `/usr/bin/python3.11` |
+| Arguments | Command-line arguments used to start the process. | `--env=production` |
+| Working Directory | Working directory of the process. | `/app` |
 | Language | Programming language detected for the process. | `python` |
 
 ## Remove Single Step APM instrumentation from your Agent

@@ -133,15 +133,15 @@ For host or Docker injection, modifying the `auto_inject` version is not recomme
 
 Datadog maintains an internal deny list to prevent injection into certain processes (for example, IDEs or databases). If a process command or entrypoint is on this list, the injector skips the injection process.  
 
-#### Linux workload selection
+#### Linux instrumentation rules
 
 {{< callout url="https://docs.google.com/forms/d/e/1FAIpQLSdMu6WAsUCD3djkl_oN0Qh7fQmBCiKYyUvuqlYWRyObebAc6Q/viewform" header="Join the Preview!">}}
-Workload selection is available for Linux-based apps through a limited availability preview. To configure allow or deny rules for process injection, sign up for preview access.
+Instrumentation rules are available for Linux-based apps through a limited availability preview. To configure allow or deny rules for process injection, sign up for preview access.
 {{< /callout >}}
 
-#### Kubernetes workload selection  
+#### Kubernetes instrumentation rules
 
-Workload selection enables injection based on Kubernetes labels and selectors. Rules to consider:
+Instrumentation rules enable injection based on Kubernetes labels and selectors. Rules to consider:
 
 1. `disabledNamespaces` always takes precedence.
 2. When a pod initializes, the target list is checked from top to bottom. Only the first matching rule applies per pod.
@@ -268,7 +268,7 @@ String limit violations are common if service tags are not explicitly set throug
 If logs show no issues but traces are missing, there may be an application-side misconfiguration. Verify that:
 - Required annotations and labels are present.
 - [Unified Service Tagging][8] is set up correctly.
-- Allow/deny lists for workload selection are properly defined.
+- Allow/deny lists for instrumentation rules are properly defined.
 
 ## Language-specific troubleshooting