New Relic considerations
Considerations for using New Relic in the federal government.
Below is a description of the settings in your New Relic
.ini file that concern privacy and security. Example configuration files can be found in this repository:
An encrypted TLS connection
Enable TLS to encrypt and authenticate connections between your server and the New Relic servers.
ssl = true
The setting is called
ssl after the old, now-deprecated SSL protocol. New Relic has disabled SSLv3.
Leave the transaction SQL tracer to
transaction_tracer.record_sql = obfuscated
Don't change to
raw. If there are specific, potentially user-provided or user-stored values you need to capture, use something other than New Relic to do it, such as your own local database.
New Relic has a setting to auto-insert a
By default, we recommend leaving the in-browser monitoring snippet off.
browser_monitoring.auto_instrument = false
Right now, there is one example file for a low-risk Python project. It would be great to expand that to include Ruby and Node examples as well as other considerations for higher risk projects.