APM security: C SDK

Due of the nature of the C SDK, you have direct control over what data is reported to New Relic. To ensure data privacy and to limit the types of information New Relic receives, no customer data is captured except what you supply in your API calls. In addition, the C SDK reports all data to New Relic over HTTPS.

For more information about New Relic's security measures, see our security and privacy documentation, or visit the New Relic security website.

Default security settings

By default, this is how the C SDK handles the following potentially sensitive data. For more information, including code values and examples, see the C SDK documentation about data structures on GitHub.

Type of information C SDK data security
Datastore instance name or database name

The newrelic_datastore_segment_config_t is a struct that configures whether a datastore's instance name and table name are captured for datastore segment instrumentation.

  • Instance names: By default, the configuration returned by newrelic_new_config() enables datastore segments with instance_reporting set to true.
  • Database names: By default, the configuration returned by newrelic_new_config() enables datastore segments with database_name_reporting set to true.
SQL The record_sql setting in the newrelic_transaction_tracer_config_t controls the SQL format in transaction traces for supported SQL-like products. The default setting, NEWRELIC_SQL_OBFUSCATED, sets alphanumeric characters to ?.
Audit mode

The audit log is a plain text logging of all data sent to New Relic by the C SDK. When starting the C SDK daemon, add -auditlog <file> to the daemon configuration file. For example:

./newrelic-daemon -f -logfile stdout -loglevel debug -auditlog audit.log

To see all of the available options for the C daemon: At the command line, type:

./newrelic-daemon --help

Customize security settings

If the default settings do not work for your business needs, you can customize how information is sent to New Relic by altering the newrelic_datastore_segment_config_t and the newrelic_transaction_tracer_config_t.

If you customize your configuration, it may impact the security of your application.

For more help

If you need more help, check out these support and learning resources: