The daemon (newrelic-daemon) acts as a proxy between the PHP agent and the New Relic collector to reduce network traffic and to improve response time for instrumented applications. The daemon process starts when your system starts, and must be running for data to be sent to New Relic.
Beginning with version 3.0 of the PHP agent, the daemon can be automatically configured and started by the agent. Auto-configuration does not require the newrelic.cfg file. This is the recommended configuration.
However, there are still some cases where manually starting the daemon is useful. For more information about the startup process, see New Relic daemon startup modes.
A sample daemon configuration file was created during installation. To manually configure the daemon, copy and rename
/etc/newrelic/newrelic.cfg and edit the file. All settings are optional and most have default values.
The agent will not automatically start the daemon if it finds a
newrelic.cfg file in the
Sets the name of the log file to use.
Can be set on the command line by the daemon -l option. Setting this value on the command line will override the value set in
newrelic.cfgAlthough the daemon itself provides no default name for the log file, the daemon startup scripts use the -l option to set the default location and name to /var/log/newrelic/newrelic-daemon.log.
Sets the level of detail for messages sent to the log file. This field has the same possible values as the agent, which are, in increasing order of detail:
If you are encountering problems with the daemon, set the loglevel debug for at least long enough to reproduce the problem. A debug logfile is often necessary to debug issues with the proxy daemon.
Can be set on the command line using the daemon --loglevel option. Setting this value on the command line will override the value set in
This configuration setting is only available in PHP agent versions lower than 8.0. Versions 8.0 and higher will ignore this setting and always use HTTPS encryption to communicate with New Relic.
When set to
yes, the proxy will only use a secure connection to communicate with the collector. While the setting specifies SSL, the setting refers to HTTPS encryption to the latest industry standards. The agent communicates with New Relic via HTTPS by default, and New Relic requires HTTPS for all traffic to New Relic APM and the New Relic REST API.
Can be enabled or disabled on the command line by the daemon --tls option. Setting this value on the command line will override the value set in
Sets the location of a file containing CA certificates in PEM format. When set, the certificates in this file will be used to authenticate the New Relic collector. In most cases it should not be necessary to configure a CA bundle. The New Relic PHP agent comes bundled with the necessary CA certificates.
This setting has no effect when
sslis set to
Sets the location of a directory containing trusted CA certificates in PEM format. When set, the certificates in this directory will be used to authenticate the New Relic collector. In most cases it should not be necessary to configure a CA path. The New Relic PHP agent comes bundled with the necessary CA certificates.
This setting has no effect when
sslis set to
Certain sites have very restrictive egress firewalls and require you to use a proxy in order to communicate with the outside world. If this applies to your site, you will need to set this value.
The value is in the form
portmay be omitted depending on your proxy configuration. For example, if you are using a HTTP proxy that does not require a user name and password, you could just use
hostname:port. The port defaults to 1080 for most proxies.
Can be set on the command line using the daemon --proxy option. Setting this value on the command line will override the value set in
- address (alias for port)
Sets the socket endpoint the daemon will listen on. This endpoint allows agents to communicate with the daemon. This must be the same value as the agent's
newrelic.daemon.addresssetting. This can be specified in these ways:
- Recommended. To use a specified file as a UNIX domain socket (UDS), provide an absolute path name as a string.
- To use a standard TCP port, specify a number in the range 1 to 65534.
- To use an abstract socket, use the value
@newrelic-daemon(available for agent version 184.108.40.206 or higher).
- To enable connections from applications that are running on different hosts (helpful for container environments), set this value to
hostdenotes the host name or IP address of the local host, and
portdenotes a valid port number. Both IPv4 and IPv6 are supported. This is available for PHP agent version 220.127.116.11 or higher.
These options may also be set via the command line using the daemon
--addressoption. Setting this value on the command line will override the value set in
Sets the name of the file in which the daemon will record its process ID (pid).
Although the daemon sets this to a default value of
/tmp/newrelic.pid, the startup script almost always uses the --pidfile option to set it to
Can be set on the command line using the daemon --pidfile option. Setting this value on the command line will override the value set in
This feature was introduced in version 3.4. When enabled, the agent will create an audit log, which contains all of the data sent from the daemon to New Relic. This data includes the full URL, date, time, and the uncompressed, un-encoded data for each request. This allows you to observe exactly what data is sent to New Relic in order to ensure no sensitive data is included.
The file specified can not be the same file as the daemon log, as described above. This audit log can become very large very quickly, so New Relic recommends that you do not use it for extended periods of time.
Can be set on the command line using the daemon --auditlog option. Setting this value on the command line will override the value set in