APM transaction traces collect detailed data about your application's transactions. Because they collect detailed data from your app, transaction traces can be a potential security concern. This document explains how to configure transaction traces for your data security needs.
The database query types collected by transaction traces vary by New Relic language agent. Query collection is a potential security and/or privacy concern because queries can contain sensitive values.
You can customize database query collection with three different security settings:
- Obfuscated: This is the default value. This setting strips string literals and numeric sequences from your queries and replaces them with the
?character. For example: the query
select * from table where ssn='123-45-6789'would become
select * from table where ssn=?.
- Off: Query collection is turned off entirely.
- Raw: If you are confident that full query data collection will not impact your data security or your users' privacy, you can change the setting to
Raw, which will record all query values.
You can edit database query collection with the
Record SQL setting, explained in Configure transaction traces.
The collection of HTTP request data can expose potentially sensitive data. New Relic calls the key/value data collected during an HTTP request attributes. By default, the collection of attributes is limited to only basic HTTP information that is not a source of sensitive data (for example, response code and host); these are part of the group of basic attributes that New Relic refers to as agent attributes.
For data security reasons, the collection of other attributes, including user-specific parameters, is disabled by default. For information on how to enable/disable the collection of specific HTTP attributes and custom attributes, see Configure transaction traces.
New Relic's default settings provide a high level of security. To force the most secure settings for all the applications in your account, you can use the high security mode. This mode ensures that, no matter how your admins and users configure your account, the most secure settings are forced and cannot be overridden. For more information, see High security mode.