Java agent configuration: Config file

To create the extensions directory:

1. Navigate to the directory where newrelic.jar and newrelic.yml are located. Create a directory named extensions.
2. In newrelic.yml, check that the property extensions.dir is not set.

To use an existing Java extensions directory:

1. In your newrelic.yml file, locate the common section.
2. Use the property extensions.dir to specify the location of the file.

This setting is required. You must specify the license key associated with your New Relic account. This key binds your agent's data to your account in the New Relic service.

This setting is required. Defines the application name used to report data to New Relic.

If enable_auto_app_naming is false, the agent reports all data to this application. Otherwise, the agent reports only background tasks (transactions for non-web applications) to this application.

To report data to more than one application, separate the application names with a semicolon. For example, to report data to My Application and My Application 2 use this:

app_name: My Application;My Application 2

For more methods of naming your application, see Name your Java application.

Flag to enable the agent. Use this setting to force the agent to run or not run.

The apdex_t threshold in seconds for the application's Apdex score. For Java agent versions 1.2.008 or higher, the apdex_t value is set in the UI and the value in newrelic.yml is ignored.

Number to differentiate JVMs for the same app on the same machine. New Relic uses host/port for uniqueness, so you can distinguish the JVMs by putting a switch like this into the startup arguments for each JVM:

-Dnewrelic.config.appserver_port=8081

Once you have used appserver_port to name the JVMs and restart them, you should be able to see them individually in the dropdown and in the profiling interface.

Enables plain text logging of all data sent to New Relic to the agent logfile. This setting is dynamic, so running agents will notice changes to newrelic.yml without a JVM restart.

Specifies a path to a custom SSL certificate bundle that will be used by the agent to establish a secure connection to New Relic. If your custom SSL certificate bundle doesn't include certificates that are sufficient to connect to New Relic then you'll need to merge the required certs into your custom certificate bundle.

Enables the reporting of data separately for each web app. Set to true to enable support for auto app naming. The name of each web app is detected automatically and the agent reports data separately for each one. This provides a finer-grained performance breakdown for web apps in New Relic.

For more information, see Automatic application naming.

For more methods of naming your application, see Name your Java application.

Enables component-based transaction naming. Set to true to enable component-based transaction naming. Set to false to use the URI of a web request as the name of the transaction. For more information, see Naming web transactions.

Enables all instrumentation using an @Trace annotation. Disabling this causes @Trace annotations to be ignored.

Event ingest URI used by some agent features. Defaults to the US production ingest endpoint. Can be manually configured to send events to other ingest endpoints (for example, EU production: https://insights-collector.eu01.nr-data.net/v1/accounts/events).

FedRAMP compliant customers should use the FedRAMP compliant endpoint: https://gov-insights-collector.newrelic.com/v1/accounts/events

Defines the location of the optional extensions directory. If this property is not set, the agent will look for a subdirectory named extensions in the same directory as newrelic.jar and newrelic.yml.

In order for high security to be enabled, this property must be set to true and the high security property in the New Relic user interface must be enabled. Enabling high security means SSL is turned on, request and message queue parameters are not collected, and queries cannot be sent to New Relic in their raw form.

Provides the ability to configure a FedRAMP compliant endpoint for the agent to use, with the value gov-collector.newrelic.com.

A valid Insert API Key for your account. This is not currently used by the agent.

Attach tags to this app.

Note that this option now enables tags, which replaced the label feature. You can still query your historical labels. Multiple tags can be attached by using a semicolon as a separator as follows:

-Dnewrelic.config.labels="tagName1:tagValue1;tagName2:tagValue2;tagName3:tagValue3"

In rare cases, a memory leak could occur with instrumentation that uses the legacy async API to track the lifecycle of async servlets or Jetty Continuations. The memory leak would manifest as leaked transactions that were suspended but never resumed. This configuration acts as a workaround to prevent such a scenario from occurring. It is advised to only enable this workaround when encountering such a memory leak.

Limits the number of lines the agent collects from each stack trace. Increasing this value may impact performance, because it increases the amount of memory the agent uses and the amount of data sent to New Relic.

Metric ingest URI used by some agent features. Defaults to the US production ingest endpoint. Can be manually configured to send metrics to other ingest endpoints (example EU production URI: https://metric-api.eu.newrelic.com/metric/v1).

FedRAMP compliant customers should use the FedRAMP compliant endpoint: https://gov-metric-api.newrelic.com/metric/v1

The proxy host through which to connect to the New Relic collector. If a proxy is used, the host setting is required. Other proxy settings are optional.

The password for proxy authentication. If a proxy is used, the host setting is required. Other proxy settings are optional. The username and password settings will be used to authenticate to Basic Auth challenges from a proxy server.

The proxy host port number. If a proxy is used, the host setting is required. Other proxy settings are optional.

The username for proxy authentication, such as Basic (clear text) authentication. If a proxy is used, the host setting is required. Other proxy settings are optional. The username and password settings will be used to authenticate to Basic Auth challenges from a proxy server.

The proxy scheme used. Setting proxy_scheme: "https" will allow the agent to connect through proxies using the HTTPS scheme.

Whether errors are reported for Reactor Netty. Default is false. If set to true, Reactor Netty errors will be reported.

Enable delayed JVM shutdown to give the agent a chance to send latest metric data to New Relic before JVM shutdown.

The number of seconds after which the agent will use the send_data_on_exit setting.

Enable reporting of JVM settings to New Relic.

When set to true, JVM properties will be sent to New Relic.

Requires connections to the New Relic collector to go over SSL.

The agent communicates with New Relic via HTTPS by default, and New Relic requires HTTPS for all traffic to APM and the New Relic REST API.

This work is done asynchronously to the threads that process your application code, so response times will not be directly affected by this change.

Enable the agent to connect the New Relic collector immediately upon app startup.

For more concise transaction trace details, the agent does not report Scala Futures as transaction segments, and those Futures do not contribute to the transaction’s total time.

Enabling scala_futures_as_segments increases your overhead. If you want Scala Futures to report as transaction segments so you can view them in a transaction trace, you can enable it:

scala_futures_as_segments:
  enabled: true

When the exclusive time of a segment is less than 2% of the total transaction time, the metric for that method call will be aggregated under Java/other.

Setting trim_stats to false will disable this behavior, allowing metrics to be individually displayed.

trim_stats: false

Starting from agent version 8.7.0, if set to true and the Agent is running with JBoss EAP / Wildfly, this will prevent the agent from requiring any class under the package javax.management to be loaded by the system classloader. This is added to help fix application startup issues with JBoss Modules when the J2EE/Jakarta Management API is used. More information is provided in the JBoss / Wildfly troubleshooting doc.

Expiramental flag that allows the agent to run with unsupported java versions.

Set a display name to decorate the "host:port" label in the New Relic UI. Requires Java agent 3.17 or higher.

String containing a fully qualified path to the newrelic configuration file. If empty, the agent assumes newrelic.yml is in the same directory as newrelic.jar.

Enable debug logging.

String containing the environment configuration for the agent to use.

String containing the home directory of agent. This defaults to the same directory as the agent jarfile.

String containing the name of the agent log file.

When set to true, enables AI monitoring.

If set to false, agent will omit input and output content (like text strings from prompts and responses) captured in LLM events. This is an optional security setting if you don’t want to record sensitive data sent to and received from your LLMs.

This setting can be used to turn on or off all attributes.

If attributes are enabled, attribute keys found in this list will be sent to New Relic. Separate the keys in the list with a comma; for example:

key1, key2, key3

Also refer to the agent attribute rules.

All attribute keys found in this list will not be sent to New Relic. Separate the keys in the list with a comma; for example:

key1, key2, key3

Also refer to the agent attribute rules.

Attribute reporting is configurable via the following means.

YAML:

attributes:
http_attribute_mode: both

System property:

-Dnewrelic.config.attributes.http_attribute_mode=both

Environment variable:

NEW_RELIC_ATTRIBUTES_HTTP_ATTRIBUTE=both

The configuration options are:

• standard : Reporting will utilize standard (i.e. OTEL) Attributes. This configuration is encouraged. It will minimize impact to functionality and maintain the lowest level of ingest for attribute reporting.
• legacy : Reporting will be done by the reintroduced HTTP Attributes, this configuration may impact current or future functionality.
• both : This is the default configuration, reporting will be done by the reintroduced HTTP Attributes and the OTEL Attributes. This configuration will also increase your data ingest.

The number of seconds after which the agent will automatically expire an async token that has not been explicitly expired with token.expire(). For usage instructions, see Tokens: Connect async threads.

The number of seconds after which the agent will automatically end a segment that has not been explicitly ended with segment.end() or segment.ignore(). For usage instructions, see Segments: Time arbitrary async activity.

By default the agent automatically inserts API calls in compiled JSPs to inject the monitoring JavaScript into web pages. Set this attribute to false to turn off this behavior.

When auto_instrument is true, by default all pages are instrumented. List all pages that you want the auto instrumentation to skip here. You can still use manual instrumentation on these pages.

For example:

browser_monitoring:
  disabled_auto_pages: /WEB-INF/jsp/testpage_1.jsp, /WEB-INF/jsp/testpage_2.jsp

This setting can be used to turn on or off all attributes for browser monitoring. This is the data you can query. If attributes.enabled is false at the root level, no attributes will be sent up in browser monitoring regardless on how this property under browser_monitoring is set.

If attributes are enabled for browser_monitoring, all attribute keys found in this list will be sent to New Relic in page views. For more information, see the agent attribute rules.

All attribute keys found in this list will not be sent to New Relic in page views. For more information, see the agent attribute rules.

If your application is behaving as expected, you may want to disable the circuit breaker.

Customize the percentage of free heap memory below which the circuit breaker should trip. When the percentage of free heap memory is less than memory_threshold, and the CPU time spent doing garbage collection is greater than gc_cpu_threshold, the circuit breaker trips. In order to make the circuit breaker less likely to trip, decrease memory_threshold and/or increase gc_cpu_threshold. Adjust these values as needed, based on your application's operating performance and behavior.

Customize the precentage of garbage collection CPU time above which the circuit breaker should trip. When the percentage of free heap memory is less than memory_threshold, and the CPU time spent doing garbage collection is greater than gc_cpu_threshold, the circuit breaker trips. In order to make the circuit breaker less likely to trip, decrease memory_threshold and/or increase gc_cpu_threshold. Adjust these values as needed, based on your application's operating performance and behavior.

This setting is read by some cloud service instrumentation so the cloud.resource_id attribute can be set in the respective spans.

AWS DynamoDB and Kinesis are services that require this value to be able to populate the cloud.resource_id attribute. Likewise, AWS Lambda requires that this value when the account ID is not part of the function name.

The following call will override this setting:

NewRelic.getAgent().getCloud().setAccountInfo(CloudAccountInfo.AWS_ACCOUNT_ID, "...");

Determines whether the agent polls AWS metadata API.

Determines whether the agent polls Azure metadata API.

Determines whether the agent polls Google Cloud Platform metadata API.

Determines whether the agent reports the KUBERNETES_SERVICE_HOST environment variable.

Determines whether the agent reads Pivotal Cloud Foundry environment variables.

Determines whether the agent reads Docker information from the file system.

Code-level metrics is disabled by default in agent version 7.10.0. Set this to true to turn it on. Beginning in agent version 7.11.0 the default is, as noted above, true.

Cross application tracing is enabled by default. Set this to false to turn it off.

This enables the custom event service.

The maximum size of an attribute value, after which the value will be truncated. The default is 255 bytes (in UTF-8 charset encoding) and the max limit is 4095.

This config exists in Java agent version 8.9.0+.

• The maximum number of sampled custom events reported every 60 seconds.
• When configuring the agent for AI monitoring, set to max value 100000. Ensures that the maximum amount of LLM events are captured.

When enabled, enhanced Spring transaction naming will name any transaction that originates from a Spring controller after the defined route and HTTP method. For example: /customer/v1/edit (POST). This includes controllers that implement or extend interfaces/classes with WebMVC related annotations (@RestController, @Controller, @RequestMapping, etc).

By default, this is configured to false, which will name transactions for those types of controllers based on the controller class name and method. For example; CustomerController/edit. This is the naming logic carried over from previous agent versions. "Standard" controllers, with all relevant annotations present on the actual class, will still get named based on route and HTTP method.

This config exists in Java agent version 8.9.0+.

By default, built-in actuator endpoints and custom actuator endpoints (using the @endpoint annotation and its subclasses) will all be named as OperationHandler/handle in New Relic. Enabling this setting will result in the transaction name reflecting the actual base actuator endpoint URI. For example, invoking /actuator/loggers or actuator/loggers/com.newrelic will result in the transaction name actuator/loggers (GET). This is to prevent MGI.

Supported when using Spring Boot v3 and later.

This config exists in Java agent version 8.15.0+.

String containing the full class name of the annotation class the agent uses to determine which user-specified methods to instrument. For more information about custom annotations, see Java custom metric collection.

Enable this option to capture the userPrincipal name. This name is included as a transaction trace attribute (with attribute names user and enduser.id), and can be queried. This also allows you to see in errors inbox how many users are impacted by an error group.

Set this to false to disable distributed tracing. For example, in the config file, you would use:

distributed_tracing:
  enabled: false

Here are other options to disable distributed tracing:

System property:

-Dnewrelic.config.distributed_tracing.enabled=false

Evironment variable:

NEW_RELIC_DISTRIBUTED_TRACING_ENABLED=false

By default, supported versions of the agent utilize both the newrelic header and W3C Trace Context headers for distributed tracing. The newrelic distributed tracing header allows interoperability with older agents that don't support W3C Trace Context headers. Agent versions that support W3C Trace Context headers will prioritize them over newrelic headers for distributed tracing.

If you do not want to utilize the newrelic header, setting this to true will result in the agent excluding the newrelic header and only using W3C Trace Context headers for distributed tracing.

For example, to exclude newrelic headers in the config file, you would use:

distributed_tracing:
  exclude_newrelic_header: true

To exclude newrelic headers using a system property, you would use:

-Dnewrelic.config.distributed_tracing.exclude_newrelic_header=true

Enable error collection.

Specified exception class names will be ignored and will not affect error rate or Apdex score, or be reported to APM. Cannot be specified by system property.

This setting is dynamic, so running agents will notice changes to newrelic.yml without a JVM restart.

For example:

error_collector:
  ignore_classes:
    - "com.example.MyException"
    - "com.example.DifferentException"

An environment variable can be used to list exception class names you want to be ignored:

NEW_RELIC_ERROR_COLLECTOR_IGNORE_CLASSES="[\"com.example.MyException\", \"com.example.DifferentException\"]"

Specify exception class names the agent should ignore. Ignored messages will not affect error rate or Apdex score, or be reported to APM. Contains yaml pairs consisting of:

• A fully qualified exception class name that should not be reported to APM

  AND

• A list of exception messages to match against (at least one is required)

  If the exception class name matches an error but the message does not, then that error will not be ignored. Message strings use contains for matching. A message cannot be provided on its own and must always be paired with a fully qualified class name. Cannot be specified by system property.

  This setting is dynamic, so running agents will notice changes to newrelic.yml without a JVM restart.

  For example:

  error_collector:
    ignore_messages:
      com.example.MyException:
        - "Some error message to ignore"
        - "Some other error message to ignore"
      com.example.DifferentException:
        - "Some different error message to ignore"

  Copy

  An environment variable can be used to list exception class names and messages you want to be ignored:

  NEW_RELIC_ERROR_COLLECTOR_IGNORE_MESSAGES="{\"com.example.MyException\": [\"Some error message to ignore\", \"Some other error message to ignore\"], \"com.example.DifferentException\": [\"Some different error message to ignore\"]}"

  Copy

A comma-separated list comprised of individual and dashed ranges of HTTP status codes that should not be treated as errors.

If this property is commented out in the newrelic.yml configuration file, then the 404 status code will automatically be ignored. When using server-side configuration, the status code 404 must be specified in order for it to be ignored.

This setting is dynamic, so running agents will notice changes to newrelic.yml without a JVM restart.

For example:

error_collector:
  ignore_status_codes: 404,507-511

Prevents specified exception classes from affecting error rate or Apdex score while still reporting the errors to APM. Cannot be specified by system property.

This setting is dynamic, so running agents will notice changes to newrelic.yml without a JVM restart.

For example:

error_collector:
  expected_classes:
    - "com.example.MyException"
    - "com.example.DifferentException"

An environment variable can be used to list expected exception class names:

NEW_RELIC_ERROR_COLLECTOR_EXPECTED_CLASSES="[\"com.example.MyException\", \"com.example.DifferentException\"]"

Contains yaml pairs consisting of a fully qualified exception class name that should be marked as expected and thus prevented from affecting error rate or Apdex score and a List of exception messages to match against, the latter of which at least one is required. If the exception class name matches an error but the message does not, then that error will not be marked as expected and therefore will affect error rate and Apdex score.

Message strings use contains for matching. A message cannot be provided on its own and must always be paired with a fully qualified class name. Cannot be specified by system property.

This setting is dynamic, so running agents will notice changes to newrelic.yml without a JVM restart.

For example:

error_collector:
  expected_messages:
    com.example.MyException:
      - "Some expected error message"
      - "Some other expected error message"
    com.example.DifferentException:
      - "Some different expected error message"

An environment variable can be used to list expected exception class names and messages:

NEW_RELIC_ERROR_COLLECTOR_EXPECTED_MESSAGES="{\"com.example.MyException\": [\"Some error message to ignore\", \"Some other error message to ignore\"], \"com.example.DifferentException\": [\"Some different error message to ignore\"]}"

A comma-separated list comprised of individual and dashed ranges of HTTP status codes to be marked as expected and thus prevented from affecting error rate or Apdex score.

This setting is dynamic, so running agents will notice changes to newrelic.yml without a JVM restart.

For example:

error_collector:
  expected_status_codes: 415,500-506

Expected status codes can also be with the NEW_RELIC_ERROR_COLLECTOR_EXPECTED_STATUS_CODES environment variable.

This setting can be used to turn on or off all attributes for traced errors. If attributes.enabled is false at the root level, then no attributes will be sent to traced errors regardless of how this property is set under error_collector.

If attributes are enabled for traced errors, all attribute keys found in this list will be sent to New Relic in traced errors. For more information, see the agent attribute rules.

Attribute keys found in this list will not be sent to New Relic in traced errors. For more information, see the agent attribute rules.

When multiple errors are noticed in a transaction, only the last error will be reported by default. Setting this property to false will instead report only the first error that is noticed. For more information, see the noticeError API. For example:

error_collector:
  ignoreErrorPriority: false

All specified exception class names specified will not be treated as errors. Deprecated as of Java agent 3.40.0 and replaced by ignore_classes.

For example:

error_collector:
  ignore_errors: some.other.MyException

This setting can be used to control the collection of outgoing request URIs for errors and transaction traces. Set this to true to disable collecting this information.

Set a display name to decorate the "host:port" label in the New Relic UI.

If the hostname cannot be determined, then the IP address of the host will be used. This property determines whether the IPv4 or IPv6 address should be used. The default is IPv4.

For help getting a valid Infinite Tracing trace observer host entry, see find or create a Trace Observer.

You can configure this via YAML:

infinite_tracing:
  trace_observer:
    host: YOUR_TRACE_OBSERVER_HOST

You can also use the system property newrelic.config.infinite_tracing.trace_observer.host or the environment variable NEW_RELIC_INFINITE_TRACING_TRACE_OBSERVER_HOST.

By default, @TraceLambda annotations are disabled. To use the annotation functionality for tracing lambda methods you must explicitly enable the feature as follows:

You can configure this via YAML:

instrumentation:
  trace_lambda:
    enabled: true

You can also use the system property newrelic.config.instrumentation.trace_lambda.enabled=true or the environment variable NEW_RELIC_INSTRUMENTATION_TRACE_LAMBDA_ENABLED.

Used to enable/disable jar collection and reporting.

Used to enable/disable collection of temporary jars. Temporary jars are those residing in the directory specified by the system property java.io.tmpdir.

The maximum number of jars to process per second. Must be positive.

Set to true to enable Real-time profiling with JFR. This setting will apply dynamically and does not require a JVM restart.

Set to true to enable audit logging which will display all JFR metrics and events in each harvest batch. Audit logging is extremely verbose and should only be used for troubleshooting purposes.

This setting can be used to turn on or off all JMX functionality.

This setting can be enabled to allow the Java agent to expose linking metadata over remote JMX.

Used to enabled/disable obfuscation of JVM properties.

If obfuscation is enabled, when the property key matches a value in this list, then the value won't be obfuscated.

The items in this list can have wildcards, * as the last character. Conflicts with the block list are resolved following attribute rules, where allow works as include.

If obfuscation is enabled, when the property key matches a value in this list, then the value will be obfuscated.

The items in this list can have wildcards, * as the last character. Conflicts with the allow list are resolved following attribute rules, where block works as exclude.

Set to true to enable the core logs in context feature. When enabled, additional logging framework instrumentation is enabled, whether or not logs are decorated or sent to New Relic.

Set to false to completely disable this feature, including the collection of log metrics.

Enables the sending of application logs to New Relic.

Set this to true to have your decorated logs sent to New Relic.

Set this to false if you do not want your decorated logs sent to New Relic.

A positive integer specifying the maximum number of logs lines per minute to send.

Set this to 0 to effectively disable the sending of logs.

Set this to a lower value to reduce the amount of log lines sent (may cause log sampling). Set this to a higher value to send more log lines.

Each log receives the same priority as its associated transaction. Logs that occur outside of a transaction will receive a random priority. Some logs may not be included because they are limited by max_samples_stored. For example, if logging max_samples_stored is set to 10,000 and transaction 1 has 10,000 log entries, only log entries for transaction 1 will be recorded. If transaction 1 has less than 10,000 logs you receive all logs for transaction 1. If there is still space, you receive all the logs for transaction 2, and so on.

If after all the logs for sampled transactions are recorded, and they haven't reached the limit in max_samples_stored, then log messages for transactions that were not in our sampling are sent. If there are any left, log messages outside of transactions are recorded.

Set this to true sending of context data as log attributes to New Relic.

Set this to false if you do not want context data in the logs sent to New Relic.

If context_data is enabled for log forwarding, all attribute keys found in this list will be sent to New Relic in log records. If this list is empty, then all attributes will be sent.

If context_data is enabled for log forwarding, all attribute keys found in this list will NOT be sent to New Relic in log records.

The include and exclude list follow the rules Exclude overrides include, More specific rules take priority, Keys are case-sensitive and Use an asterisk for wildcards defined in Attribute rules.

Enables the capture of metrics information about your logs and log levels, which is displayed in a chart on the APM Summary page.

Leave this set to true to allow the agent to capture metric information about your logs.

Set this to false to disable this feature.

This controls whether locally stored log lines are decorated or not. This is independent of whether log forwarding is enabled or not and is used to support customers that want to use a separate log forwarding solution.

Set this to true to cause the agent to add logs in context linking metadata to log lines stored locally by supported frameworks.

Set this to false to turn off the local decorating feature. This will not impact the decorating of log lines being sent to New Relic.

Set to true to roll the logs daily.

The maximum number of log files to keep when using log rotation.

The unqualified log file name or the string STDOUT which will log to standard out.

The log file path.

The log verbosity level. When you change this setting in the agent yaml config file, it will update dynamically. However, the environment variable and system property will not update dynamically.

The agent uses its own log file to keep its logging separate from that of your application. Valid options, in order of verboseness, are:

• off

• severe

• warning

• info

• fine

• finer

• finest

  Caution

  Do not use debug or trace logging unless New Relic Support asks you to use them. These levels of logging can generate excessive overhead. For most situations, use info.

  This setting is dynamic, so running agents will notice changes to newrelic.yml without a JVM restart.

The log file size in kilobytes at which log files are rotated. Set to 0 for no limit.

Adds message properties to tracer attributes. Set this to false to turn it off.

Allows the agent's Opentelemetry SDK autoconfiguration feature to be enabled. Can be set via the system property:

-Dnewrelic.config.opentelemetry.sdk.autoconfigure.enabled=true

Default is true.

To completely disable all security functionality, set this flag to false. This property is read only once at application start. Default is false.

Determines whether the security data is sent to New Relic or not. When this is disabled and agent.enabled is true, the security module will run but data will not be sent. Default is false.

New Relic Security provide mode: IAST. Default is IAST. Due to the invasive nature of IAST scanning, DO NOT enable this mode in either a production environment or an environment where production data is processed.

New Relic Security’s SaaS connection URL. This is the endpoint that the security agent sends data to, it should match that environment that you have set for the APM Java agent.

US Production: wss://csec.nr-data.net

Enable RCI security event detection. Default is true.

Enable RXSS security event detection. Default is true.

Enable deserialization security event detection. Default is true.

Used to enable/disable slow transaction detection.

Determines how long a transaction has to take in milliseconds for a SlowTransaction event to be reported.

If this is set to true, every transaction will be checked for exceeding the defined threshold on transaction completion. Note that if a large number of transactions exceed the threshold, this can be computationally expensive since a stack trace is sent with every SlowTransaction event.

Used to enable/disable span event reporting.

• Determines the number of span events that can be captured during an agent harvest cycle. Available in Java agent 7.4.0 and above.

• When configuring the agent for AI monitoring, set to max value 10000. Ensures that the maximum amount of traces are captured.

  Important

  Increasing the number of span events can lead to additional agent overhead.

This setting can be used to turn on or off all attributes for span events. If attributes.enabled at the root level is false, no attributes will be sent to span events regardless on how this property (span_events.attributes.enabled) is set.

If attributes are enabled for span events, all attribute keys found in this list will be sent to New Relic in span_events. For more information, see the agent attribute rules.

All attribute keys found in this list will not be sent to New Relic in span events. For more information, see the agent attribute rules.

By default, this is set to false, which means that the agent sends messages from all exceptions to the New Relic collector.

• If you set this to true, the agent strips the messages from exceptions in order to prevent it from inadvertently capturing sensitive information.
• If you enable high-security mode, this is automatically set to true.
• If you set enabled to true but you want the agent to capture messages from specific exceptions, add the exceptions to your allow list.

If you set enabled to true but you want the agent to capture messages for specific exceptions, add each exception to the whitelist, separated by a comma.

If you set enabled to true but you want the agent to capture messages for specific exceptions, add each exception to allowed_classes, separated by a comma.

Enable the thread profiler.

Enable the transaction events service.

The maximum number of sampled transaction events reported every 60 seconds.

A list of maps with the paired keys header_name and the optional header_alias. Choose one or more custom HTTP request headers to add as transaction attributes.

You can list multiple header configurations:

transaction_events:
  custom_request_headers:
    -
      header_name: "X-Custom-Header-1"
    -
      header_name: "X-Custom-Header-2"
      header_alias: "CustomHeader2alias"

In the first map set, X-Custom-Header-1 is captured and reported by the agent as the header name for a corresponding value from the request object. The header_name will also be the name of the attribute sent to New Relic.

In the second map set, the request header is X-Custom-Header-2, but the CustomHeader2alias is the name sent to New Relic.

This setting can be used to turn on or off all attributes for transaction events. If attributes.enabled is false at the root level, then no attributes will be sent to transaction events regardless of how this property is set under transaction_events.

If attributes are enabled for transaction events, all attribute keys found in this list will be sent to New Relic in transaction events. For more information, see the agent attribute rules.

All attribute keys found in this list will not be sent to New Relic in transaction events. For more information, see the agent attribute rules.

This setting can be used to turn on or off all attributes for transaction segments. If attributes.enabled at the root level is false, no attributes will be sent to transaction segments regardless on how this property (transaction_segments.attributes.enabled) is set.

If attributes are enabled for transaction segments, all attribute keys found in this list will be sent to New Relic in transaction segments. For more information, see the agent attribute rules.

All attribute keys found in this list will not be sent to New Relic in transaction segments. For more information, see the agent attribute rules.

The transaction tracer is enabled by default. Set this to false to turn it off.

Determines whether the agent will capture the EXPLAIN plan for slow queries. Only supported for MySQL and PostgreSQL.

Threshold in seconds for query execution time below which the slow query and the EXPLAIN plan (if supported) will not be captured. Relevant to slow queries only when record_sql is set to raw or obfuscated. Relevant to EXPLAIN plans only when explain_enabled is set to true.

The character limit for the SQL query string. If you have many slow SQL queries with large chunks of information, this could negatively affect performance or how quickly you see your data in New Relic. Increase the value gradually until you find the right balance of information and performance.

Set to true to enable logging of queries to the agent log file instead of uploading to New Relic. Queries are logged using the record_sql mode.

When the transaction tracer is on, query statements can optionally be recorded. The recorder has three modes:

• off: Send no queries.
• raw: Send the query statement in its original form.
• obfuscated: Strips out numeric and string literals.

This option is for Play 2.x+ only. Play/Scala instrumentation can use Thread.getStackTrace() to improve tracer naming, but at the cost of increased overhead.

Defines a threshold (in seconds) for collecting stack traces from an SQL call. When SQL statements exceed this threshold, the agent will capture the current stack trace. This is useful for pinpointing where long SQL calls originate from.

Use this setting to control the variety of your transaction traces. top_n is an integer that represents the number of unique, slow transactions that traces will be created for.

• If you want transaction traces to more accurately reflect the actual slowest transactions in your app, make this value lower.

• If you want to sample a more diverse array of transactions, make the value higher.

  A value of 0 would mean that only the slowest transaction is always traced. This is considered not to be optimal, though, because you may have one or two transactions that are always the slowest, and repeatedly seeing those same transaction traces will probably not give you much value.

  If the same transaction is often the slowest, the top_n setting allows the Java agent (over time) to sample the slowest n transactions. This gives you greater variety and more insight into your application.

The time threshold used to determine when a transaction is eligible to be traced. When the transaction's response time exceeds this threshold, a transaction trace will be recorded and sent to New Relic.

The default is apdex_f (default), which sets the threshold to be the "Frustrated" Apdex level (four times the apdex_t value). You can also set a specific time threshold by entering a float value that represents a number of seconds.

By default, high-security mode does not allow the agent to collect slow queries. Enable this option to collect Cassandra queries from the DataStax driver, even with high security enabled. If you don't use high security, the agent collects slow queries automatically.

For DataStax driver 2.1.2, add this rule to your allow list:

transaction_tracer:
  slow_query_whitelist:
    'com.newrelic.instrumentation.cassandra-datastax-2.1.2'

For DataStax driver 3.0.0, add this rule to your allow list:

transaction_tracer:
  slow_query_whitelist:
    'com.newrelic.instrumentation.cassandra-datastax-3.0.0'

By default, high-security mode does not allow the agent to collect slow queries. Enable this option to collect Cassandra queries from the DataStax driver, even with high security enabled. If you don't use high security, the agent collects slow queries automatically.

For DataStax driver 2.1.2, add this rule to your allow list:

transaction_tracer:
  collect_slow_queries_from:
    'com.newrelic.instrumentation.cassandra-datastax-2.1.2'

For DataStax driver 3.0.0, add this rule to your allow list:

transaction_tracer:
  collect_slow_queries_from:
    'com.newrelic.instrumentation.cassandra-datastax-3.0.0'

This setting can be used to turn on or off all attributes for transaction traces. If attributes.enabled at the root level is false, no attributes will be sent to transaction traces regardless on how this property (transaction_tracer.attributes.enabled) is set.

If attributes are enabled for transaction traces, all attribute keys found in this list will be sent to New Relic in transaction traces. For more information, see the agent attribute rules.

All attribute keys found in this list will not be sent to New Relic in transaction traces. For more information, see the agent attribute rules.

Limits the number of Tokens that can be created per Transaction. Increasing this value may impact performance, because it increases the amount of memory the agent uses and the amount of data sent to New Relic.

Limits the number of segments that can be created per transaction. Increasing this value may impact performance, because it increases the amount of memory the agent uses and the amount of data sent to New Relic.