The New Relic Node.js agent default security settings automatically provide security for your APM data to ensure data privacy and to limit the kind of information New Relic receives. You may have business reasons to change these settings.
If you want to restrict the information that New Relic receives, you can enable high security mode. If high security mode or the default settings do not work for your business needs, you can apply custom settings.
By default, here is how the Node.js agent handles the following potentially sensitive data:
- Request parameters: The agent does not capture HTTP request parameters. If you wish to capture all request parameters, add
attributes.includein your config file.
- HTTPS: The agent communicates with New Relic using HTTPS.
- SQL: The agent sets SQL recording to
off. When set to
off, the agent does not capture slow queries and does not include backtraces or SQL in transaction traces.
- The agent does not collect message queue parameters.
record_sqlconfiguration setting is changed to
obfuscated, which strips out string and numeric literals.
If you customize security settings, it may impact the security of your application.
If you need different security settings than default or high security mode, you can customize these settings:
Effects on data security
By default, the agent does not log all data sent to New Relic in the agent log file.
If you set this to
Some proxies default to using HTTP, which is a less secure protocol.
You can change this setting to adjust the information that the agent sends to the New Relic collector.