The New Relic Java agent
Added a public preview of the Interactive Application Security Testing (IAST) mode of the New Relic Security agent. 1224
Warning The New Relic Security agent IAST mode is in public preview and should only be used in non-production environments.
By default, the New Relic Security agent IAST mode is completely disabled. To enable it, set both newrelic.config.security.agent.enabled=true
and newrelic.config.security.enabled=true
.
Full configuration options are detailed below (note that the security
stanza should be indented two spaces under the pre-existing common
stanza in the newrelic.yml
config file):
# New Relic Security vulnerability detection.
security:
# Determines whether the security data is sent to New Relic or not. When this is disabled and agent.enabled is
# true, the security module will run but data will not be sent. Default is false.
enabled: false
# New Relic Security provides two modes: IAST and RASP
# Default is IAST. Due to the invasive nature of IAST scanning, DO NOT enable this mode in either a
# production environment or an environment where production data is processed.
mode: IAST
# New Relic Security’s SaaS connection URL
validator_service_url: wss://csec.nr-data.net
# To completely disable all security functionality, set this flag to false. This property is
# read only once at application start. Default is false.
agent:
enabled: false
# These are the category of security events that can be detected. Set to false to disable detection of
# individual event types. Default is true for each event type.
detection:
rci:
enabled: true
rxss:
enabled: true
deserialization:
enabled: true
Full Changelog: https://github.com/newrelic/newrelic-java-agent/compare/v8.3.0...v8.4.0
Batch Payloads and Compression for Infinite Tracing: Enhanced performance by providing option to enable payload compression and batching for Infinite Tracing 1146.
HttpClient v5.0+ Support: The Java agent now supports HttpClient version 5.0 and above 1252.
On-the-fly Class Retransformation: Classes with Trace annotation are now retransformed upon attach, enhancing instrumentation flexibility 1147.
Enhanced Logging for Cats Effect 2: Log Cats Effect 2 instrumentation at Finest log level 1173.
High Security Mode disables user tracking 1261.
Selective RollingFileAppender Usage: The RollingFileAppender is now only used when log_limit_in_kbytes is greater than 0, improving logging efficiency 1228.
Full Changelog: https://github.com/newrelic/newrelic-java-agent/compare/v8.2.0...v8.3.0
Full Changelog: https://github.com/newrelic/newrelic-java-agent/compare/v8.1.0...v8.2.0
Added support for Webflux 6 1181
Added support for Spring JMS 6 1088
Added support for Mongodb Reactive Streams 1164
Added support for Kafka Streams 1170
Support for Kafka Streams comes in two flavors, metrics and spans. Metrics are enabled by default, while spans are disabled by default. To enable spans add the following to your newrelic.yml configuration under the common stanza:
common:
class_transformer:
kafka-streams-spans:
enabled: true
Error fingerprint - supply your own errors inbox group names 1195
Are your error occurrences grouped poorly? Set your own error fingerprint via a callback function. A new public API method has been added that will accept a user defined proc. The proc will be invoked for each noticed error and whenever it returns a string, that string will be used as the error group name for the error and will take precedence over any server-side grouping that takes place with the New Relic errors inbox. This gives users much greater control over the grouping of their errors. For more information check our API: Error Grouping and APM: Group errors tab pages.
User tracking - associate errors with a user id 1188
You can now see the number of users impacted by an error group. Identify the end user with a new public API method that will accept a string representation of a user id and associate that user id with the current transaction. Transactions and errors will then have a new enduser.id
agent attribute associated with them. This will allow agent users to tag transactions and errors as belonging to given user ids in support of greater filtering and alerting capabilities. For more information check the Newrelic.setUserId documentation and the Track users impacted with errors inbox page.
Invoking token.link()
outside a transaction will instrument that method to start an async transaction 1140
The Kafka clients instrumentation has new metrics to list the nodes: MessageBroker/Kafka/Nodes/<node>
1130
addCustomAttributes
1115
TokenAndRefCount.token
is never null 1149
Full Changelog: https://github.com/newrelic/newrelic-java-agent/compare/v8.0.0...v8.1.0
TokenAndRefCount.token
is never null https://github.com/newrelic/newrelic-java-agent/pull/1148
Full Changelog: https://github.com/newrelic/newrelic-java-agent/compare/v8.0.0...v8.0.1
This release includes a change to the HttpURLConnection
instrumentation that creates a TimerTask
to help ensure complete externals reporting. Under some circumstances this may result in a large number of threads being created, which may exhaust the maximum allocated to the JVM, causing it to stop. This issue has been fixed in the 8.0.1 release and it is highly recommended that you update to this version of the Java agent.
snakeyaml
dependency to 1.33 https://github.com/newrelic/newrelic-java-agent/pull/1077
-Dnewrelic.config.log_level=finest
and -Dnewrelic.debug=true
are set https://github.com/newrelic/newrelic-java-agent/pull/1066
recordCustomEvent
API now includes event type, key and value https://github.com/newrelic/newrelic-java-agent/pull/1083
POSTGRES_DIALECT_PATTERN
https://github.com/newrelic/newrelic-java-agent/pull/1050
ClassCastException
in GraphQL 16/17 https://github.com/newrelic/newrelic-java-agent/pull/1082
HttpURLConnection
instrumentation to fix several bugs that were affecting external calls and distributed traces https://github.com/newrelic/newrelic-java-agent/pull/1102
grpc-1.40.0
instrumentation to ensure that tokens were properly being linked across threads https://github.com/newrelic/newrelic-java-agent/pull/1105
ReadTimeoutException
https://github.com/newrelic/newrelic-java-agent/pull/1109
The following previously deprecated instrumentation modules were removed:
cassandra-datastax-2.1.2
httpclient-3.0
jdbc-embedded-derby-10.2.1.6
jdbc-embedded-derby-10.10.1.1
jetty-7
jetty-7.6
jetty-9
jetty-9.0.4
jetty-9.1
mongodb-2.12
mongodb-2.14
mongodb-3.0
okhttp-3.0.0
okhttp-3.4.0
okhttp-3.5.0
The previously deprecated httpResponseCode
, response.status
and response.statusMessage
transaction/span attributes were removed. These have been replaced by http.statusCode
and http.statusText
. If you have any custom dashboards or alerts that query the httpResponseCode
, response.status
, and response.statusMessage
attributes then they will need to be updated to instead use http.statusCode
and http.statusText
.
The following instrumentation modules have been deprecated for removal:
The httpResponseCode, response.status and response.statusMessage transaction/span attributes are deprecated and will be removed in a future release. These have been replaced by http.statusCode and http.statusText.
@malaki12003
Full Changelog: https://github.com/newrelic/newrelic-java-agent/compare/v7.11.0...v7.11.1
Support Java 19. #1022
Support Play 2.8.16+. #981
Support ojdbc8 v21.1.0.0+. #1042
Support Semeru/OpenJ9 JVMs #993
Support log forwarding for java.util.logging (JUL). #1049
Support forwarding context data in logs #866
The agent can now forward data in Mapped Diagnostic Context (MDC, logback/slf4j) and ThreadContext (log4j2) as attributes when forwarding log records. When the feature is enabled, these attributes will be added with a context.
prefix. For details on how to enable this feature see the documentation for context_data
Custom Event Limit Increase #1036 This version increases the default limit of custom events from 10,000 events per minute to 30,000 events per minute. In the scenario that custom events were being limited, this change will allow more custom events to be sent to New Relic. There is also a new configurable maximum limit of 100,000 events per minute. To change the limits, see the documentation for max_samples_stored. To learn more about the change and how to determine if custom events are being dropped, see our Explorers Hub post.
Code-level metrics on by default #1037 The code-level metrics functionality introduced with agent 7.10 is now enabled by default. This feature will cause an increase in the consumption of data. The amount depends on the application. To disable code-level metrics, see instructions on our code-level metrics documentation.
The following instrumentation modules are being deprecated for removal:
The httpResponseCode, response.status and response.statusMessage transaction/span attributes are deprecated and will be removed in a future release. These have been replaced by http.statusCode and http.statusText.
Full Changelog: https://github.com/newrelic/newrelic-java-agent/compare/v7.10.0...v7.11.0
Jetty 11 Tomcat 10 Enterprise Java Beans 4.0 Jakarta RS/WS Jersey 3+ Jersey Client 3 JSP 3 Servlet 5 & 6 Jakarata.xml JMS 3 Glassfish 6.0 Open Liberty 21.0.0.12+
For traced methods in automatic instrumentation or from @Trace annotations, the agent is now capable of reporting metrics with method-level granularity. When the new functionality is enabled, the agent will associate source-code-related metadata with some metrics. Then, when the corresponding Java class file that defines the methods is loaded up in a New Relic CodeStream-powered IDE, the four golden signals for each method will be presented to the developer directly.
thread.name thread.id logger.name logger.fqcn error.class error.stack error.message
Fixed an issue with Distributed Tracing headers not being added on external requests made with the HttpUrlConnection client
New Relic recommends that you upgrade the agent regularly to ensure that you're getting the latest features and performance benefits. Additionally, older releases will no longer be supported when they reach end-of-life.
Full Changelog: https://github.com/newrelic/newrelic-java-agent/compare/v7.9.0...v7.10.0
NEWRELIC_DEBUG
where setting it to true
activates the debug configuration. https://github.com/newrelic/newrelic-java-agent/pull/890
httpurlconnection
instrumentation to use newer distributed tracing APIs so that spans are correctly marked as external calls in distributed traces and contain the expected http.*
attributes. https://github.com/newrelic/newrelic-java-agent/pull/885
New Relic recommends that you upgrade the agent regularly to ensure that you're getting the latest features and performance benefits. Additionally, older releases will no longer be supported when they reach end-of-life.
Full Changelog: https://github.com/newrelic/newrelic-java-agent/compare/v7.8.0...v7.9.0