Skip to content

Latest commit

 

History

History
46 lines (33 loc) · 2.84 KB

ruby-agent-audit-log.mdx

File metadata and controls

46 lines (33 loc) · 2.84 KB
Raw
title tags metaDescription redirects freshnessValidatedDate
Ruby agent audit log
Agents
Ruby agent
Troubleshooting
New Relic's Ruby agent audit log is disabled by default. To enable it in your newrelic.yml file, add audit_log. enabled: true.
/docs/agents/ruby-agent/troubleshooting/ruby-agent-audit-log
/docs/ruby/audit-log
/docs/agents/ruby-agent/installation-and-configuration/ruby-agent-audit-log
/docs/agents/ruby-agent/installation-configuration/ruby-agent-audit-log
never

For security auditing purposes, the Ruby agent records all data sent to the New Relic collector to a log file in a human readable format. This feature is available with Ruby agent version 3.5.5 and higher.

Configure the audit log [#configure]

Enable this feature only if you need detailed information on what is being transmitted for debugging or auditing purposes. Enabling this feature for an extended period of time may overload the audit log file.

The audit log is disabled by default, and it must be enabled manually. To enable, add the following to your newrelic.yml file: audit_log.enabled: true.

By default, the New Relic Ruby agent writes the audit log to a file next to the main New Relic agent log at log/newrelic_audit.log. To control the location of the audit log file, set the audit_log.path configuration parameter to the full path where you want the audit log.

Audit log content [#content]

The audit log file does not need special tools in order to be read. It contains two lines for each request that the New Relic agent makes to the New Relic collector:

  • The first line lists the host and URI path that the request was made against.
  • The second line includes the full request body contents in a human-readable format.

Request bodies in the audit log do not represent the exact byte-sequences sent to the New Relic collector, as they may have several layers of encoding applied before transmission to the New Relic collector. However, when they are dumped to the audit log, no other information is added to outgoing requests.

To capture the raw request bodies in their encoded form, use a packet-capture tool such as **tcpdump**.

Request body format [#format]

The format of the request body depends on the communication format used by the agent:

  • Newer Ruby versions use JSON for data serialization, so the audit log will contain JSON representations of request bodies.
  • Older Ruby versions use Ruby's native Marshal format to serialize request bodies. Because this is an opaque format, the audit log contains the result of calling Object#inspect. This produces a human-readable representation of the request object graph immediately before serialization.