New Relic data dictionary

This data dictionary defines some of our default-reported data stored in NRDB and queryable via NRQL. This includes events like Transaction, MobileRequest, and BrowserInteraction, and our Metric, Log, and Span data types. These definitions are also available from our query builder UI by mousing over applicable data type and attribute names.

This dictionary doesn't contain:

  • Data from our infrastructure integrations (for that, see docs for a specific integration)
  • Custom data
  • Detailed integration-specific attributes for Metric data

Vulnerability

New Relic Vulnerability Management is an opinionated solution that helps Devs, SREs, and Infosec teams build and run secure software with more confidence and less effort by centralizing, organizing, and prioritizing security risks in observability context.

Attribute nameDefinitionData types
cve

The common vulnerability and exposure ID assigned by the disclosing agency.

cvss.score

The vulnerablity's CVSS score as assigned by the disclosing agency.

cvss.vector

A breakdown of the CVSS score's components as assigned by the disclosing agency.

description

Long form description of the vulnerability. May include exploit risks, specific versions, other links.

disclosureUrl

A URL linking to detailed information on the vulnerability from the disclosing agency.

entity.guid

The unique ID of the New Relic entity impacted by the vulnerability.

entityGuid

The unique ID of the New Relic entity impacted by the vulnerability.

entityLookupValue

An identifier created by New Relic using details from the disclosing agency to help determine which New Relic entity this vulnerability is associated with.

entityType

The type of New Relic entity, which is determined by New Relic based on the disclosing agency and vulnerability details.

issue.id

The unique ID assigned to the vulnerability by the disclosing agency.

issue.type

The type of issue, for example library vulnerability or misconfiguration.

issue.vendor.id

The unique ID assigned to this instance of the vulnerablity by the disclosing agency.

issueId

The unique ID assigned to the vulnerablity by the disclosing agency.

issueInstanceKey

The unique ID assigned to this instance of the vulnerablity by the disclosing agency.

issueType

The type of issue, for example library vulnerability or misconfiguration.

message

Long form description of the vulnerability. May include exploit risks, specific versions, other links.

package

The name of the library or module that is vulnerable.

package.version

The version of the library or module that is vulnerable.

rawPayload

Where the original payload that New Relic received is stored - only applies to Security API ingested vulnerabilities.

remediation.exists

A boolean indicating whether the vulnerability has a fix.

remediation.upgradeAction

The action required to fix the vulnerability.

remediationExists

A boolean indicating whether the vulnerability has a fix.

scan.id

Used by 3rd party tools to identify the scan which discovered the vulnerability.

severity

The severity of the vulnerability assigned by the disclosing agency.

source

The source of the vulnerablity disclosure.

timestamp

The time the vulnerability event was created.

title

A short description of the vulnerabilty.