Data for New Relic accounts are isolated so that users can only see the data for accounts they own (or have been given permission to see). New Relic also has certain rights regarding customers' data, described in the Terms and Conditions page on the New Relic website.
In order to help us improve our product and user experience, New Relic uses third-party analytics services to better understand the behavior of users on our site. The user data that New Relic collects is used solely by New Relic and is not shared, sold, or rented to any third parties for their own use. For more information, see our Services data privacy notice.
Data transmission and firewalls
The New Relic agent communicates with two hosts:
collector-nnn.newrelic.com, where nnn is a numerical value
Typically the numbered host is fixed for your account, and it appears in the
For required changes when you want to create firewall rules to allow the agent to communicate, see Networks. For more information about security measures for your data in transit to New Relic or at rest in our storage, see Data encryption.
Hosting and data storage
New Relic is self-hosted with co-location services called Server Central in a Tier 3 data center in Chicago and an IBM-hosted data center near Frankfurt, Germany. New Relic uses standard best practices to maintain a firewall for our servers and to protect our servers from unauthorized login.
All data is stored in a cluster of MySQL databases. Metric data is not encrypted, nor are transaction traces or errors (although they are stored in a compressed serialized format). New Relic data is backed up nightly, and an archive is stored at a secondary data center.
Access to account data by New Relic employees is limited to a necessary set of users consistent with their assigned New Relic responsibilities. Except to the extent necessary to provide subscribed services and as documented in our Services data privacy notice, customer account data is not shared with any third parties. All customer account data access is logged and regularly audited.
HTTP parameters disabled by default
By default, New Relic agents disable collection of HTTP request parameters, such as the query string of a URL. This is an automatic safeguard to protect potentially sensitive data. New Relic collects and displays HTTP parameters only when you explicitly enable them in your agent configuration file.
When New Relic agents refer to data obfuscation, this means the data is masked and cannot be recovered. For example, with APM queries, the
Record SQL? value defaults to
obfuscated. This strips the string literals and numeric sequences and then replaces them with the
You can mask sensitive information in HTTP or HTTPS requests. For more information, see the documentation for specific New Relic products or services, including: