With log management you have direct control over what data is reported to New Relic. To ensure data privacy and to limit the types of information New Relic receives, no customer data is captured except what you supply in API calls or log forwarder configuration. All data for the logs service is then reported to New Relic over HTTPS.
This document describes additional security considerations for your logging data. For more information about New Relic's security measures, see our security and privacy documentation, or visit the New Relic security website.
The log management service automatically masks number patterns that appear to be for items such as credit cards or Social Security numbers. All integers, including spaces and hyphens that may be used as delimiters, are replaced with a string of
Numbers that appear to be a credit card (thirteen to sixteen digits) are obfuscated as
XXXXXXXXXXXXXXXX. For example:
- Numbers with hyphens, such as
- Numbers with spaces, such as
4111 1111 1111 1111
- Numbers with thirteen (Visa), fourteen (Diner's Club), fifteen (American Express, JCB), or sixteen digits (Visa, Mastercard, Discover, JCB), such as
Nine-digit numbers with hyphens that appear to be Social Security numbers, such as
123-45-6789, are obfuscated as
XXXXXXXXX. Nine-digit numbers with spaces, such as
123 45 6789, or hyphens in a different pattern, such as
12-345-67-89, are not automatically obfuscated.
If you need to opt out of automatic obfuscation, get support at support.newrelic.com.
Customize your security settings
The data you send to New Relic, including any additional filtering, is controlled by the configuration of the log forwarder you use, such as FluentD. Because you control what customer data is logged, be sure to follow your organization's security guidelines to mask, obfuscate, or prevent sending any sensitive data.