• Log inStart now

Manage automatic logging

This information applies to agents using APM logs in context, including:

Impact of automatic logging

By default, the above New Relic agents automatically forward log data from APM agents in the context of APM logs. However, you can manage this feature at the account level:

  • To comply with your organization's policy.
  • For security and compliance reasons, we want to control which logs are forwarded.
  • When there are severe cost constraints and you do not want to increase TDP usage.
  • The design of system resources doesn't allow for the increased overhead of the logs transfer function.

Automatic logs collection is not applicable if your agent has high security mode enabled.

Options to manage automatic logging settings

If you want to disable (or re-enable) automatic log forwarding for all APM agents on your account so that no logs will be forwarded, use either of these options:

If you want to disable automatic log forwarding for some agents and enable it for other agents, update their configuration file. This also lowers overhead.

If you need assistance with updating multiple accounts (for example, a parent account with multiple child accounts), contact your New Relic account representative. If you do not have an account rep, get support at support.newrelic.com.

Manage settings via UI

The APM log settings UI allows you to manage whether APM log forwarding is enabled or disabled at the parent and child account level.

Parent account settings

At the parent account level, you can choose to enable or disable APM log forwarding. Any child accounts that have not made their own changes from the default setting (enabled) will automatically inherit any changes made from the parent account. Child accounts that have applied their own changes will not be affected by parent account changes.

Parent accounts can also choose to lock or unlock APM log forwarding settings. Locking forces all child accounts to inherit the parent account's enabled or disabled setting, regardless of whether they had previously updated their own enabled or disabled setting. Unlocking allows child accounts to override the parent account's enabled or disabled setting.

Child account settings

At the child account level, you can enable or disable APM log forwarding as long as the parent account has not locked this setting. When the parent account locks APM log forwarding, a child account will inherit the parent account's enabled or disabled setting, and be unable to make any changes.

  1. From the account dropdown in the New Relic UI, click Manage your data > Log settings.
  2. Click the ellipsis ... menu at the right side of the account's row.
  3. Click the confirmation button to enable or disable and lock or unlock automatic logging (parent accounts) or enable or disable only (child accounts).

After you disable via the New Relic UI, it may take several minutes for the agent to restart and stop automatic log forwarding.

Manage via API

Use the dataManagementUpdateFeatureSettings in api.newrelic.com/graphiql. Refer to the populated example and related documentation in the GraphiQL UI.

When you disable or enable via the NerdGraph API, changes should take effect immediately.

Query example:

{
actor {
account(id: <ACCOUNT_ID_HERE>) {
dataManagement {
featureSettings {
enabled
key
name
locked
}
}
}
}
}

Mutation example:

Use this mutation to update each account individually.

mutation {
dataManagementUpdateFeatureSettings(
accountId: <ACCOUNT_ID_HERE>
setting: {
enabled: false
locked: true
featureSetting: {
key: "apm_log_forwarding"
}
}
) {
enabled
key
name
locked
}
}

Disable for some agents

If you want to disable automatic log forwarding for some agents and enable it for other agents, you can adjust each agent's client-side configuration settings. The agents will never instrument the log data in the first place; instead, they will completely remove the logs. You will need to use client-side configuration if you need to lower overhead.

Client-side configuration settings work completely independently of server-side configuration. The config setting to disable auto logging takes precedence even if the server-side configuration takes precedence for the agent (like Ruby) in other situations. Only the agents that read the changed config file will be impacted.

For more information, see the procedures for the specific agent:

Frequently asked questions

Copyright © 2022 New Relic Inc.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.