The New Relic .NET agent default security settings automatically provide security for your APM data to ensure data privacy and to limit the kind of information New Relic receives. You may have business reasons to change these settings.
If you want to restrict the information that New Relic receives, you can enable high security mode. If high security mode or the default settings do not work for your business needs, you can apply custom settings.
By default, here is how the New Relic .NET agent handles the following potentially sensitive data:
- Request parameters: The agent does not capture HTTP request parameters.
- HTTPS: The agent communicates with New Relic using HTTPS.
- SQL: The agent sets SQL recording to
obfuscated, which removes the potentially sensitive numeric and string literal values.
- You cannot create custom events.
- You cannot collect user attributes.
- The agent strips exception messages.
If you customize security settings, it may impact the security of your application.
If you need different security settings than default or high security mode, you can customize these settings:
Effects on data security
Records all data sent to and received from New Relic in both an auditlog log file and the standard log file.
Some proxies default to using HTTP, which is a less secure protocol.
By default, you are sending attributes to New Relic.
If there are specific attribute keys that you do not want to send to New Relic in transaction traces, identify them using
Consider if you want to exclude these potentially sensitive attributes using
By default, this is set to
By default, the agent records events sent to the custom events API via
If you need more help, check out these support and learning resources:
- Browse the Explorers Hub to get help from the community and join in discussions.
- Find answers on our sites and learn how to use our support portal.
- Run New Relic Diagnostics, our troubleshooting tool for Linux, Windows, and macOS.
- Review New Relic's data security and licenses documentation.