Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
The New Relic npm package is a powerful tool for monitoring and managing the performance of your Node.js applications. It provides insights into application performance, error tracking, and user interactions, helping developers to optimize and troubleshoot their applications effectively.
Application Performance Monitoring (APM)
New Relic APM provides detailed insights into the performance of your application, including response times, throughput, and error rates. By simply requiring the New Relic module at the start of your application, it will automatically start monitoring your app's performance.
const newrelic = require('newrelic');
// Your application code here
// New Relic will automatically monitor your app's performance
Custom Instrumentation
Custom instrumentation allows you to monitor specific parts of your application that are not automatically tracked by New Relic. By using the `getTransaction` method, you can create custom transactions and measure their performance.
const newrelic = require('newrelic');
function myCustomFunction() {
const transaction = newrelic.getTransaction();
// Your custom code here
transaction.end();
}
myCustomFunction();
Error Tracking
New Relic provides error tracking capabilities that allow you to capture and report errors that occur in your application. By using the `noticeError` method, you can send error details to New Relic for further analysis.
const newrelic = require('newrelic');
try {
// Your code that might throw an error
} catch (error) {
newrelic.noticeError(error);
}
Custom Events
Custom events allow you to send specific events to New Relic for tracking and analysis. By using the `recordCustomEvent` method, you can create and send custom events with associated data.
const newrelic = require('newrelic');
newrelic.recordCustomEvent('MyCustomEvent', {
key1: 'value1',
key2: 'value2'
});
AppDynamics is a comprehensive application performance management (APM) solution that provides real-time monitoring and analytics for applications. It offers similar functionalities to New Relic, including performance monitoring, error tracking, and custom instrumentation. AppDynamics is known for its robust analytics and detailed transaction tracking.
Datadog is a monitoring and analytics platform for cloud applications. It provides APM, log management, and infrastructure monitoring. Datadog offers similar features to New Relic, such as performance monitoring and error tracking, but it also includes extensive support for infrastructure monitoring and log management, making it a more comprehensive solution for full-stack monitoring.
Elastic APM is part of the Elastic Stack and provides performance monitoring for applications. The `elastic-apm-node` package allows you to monitor Node.js applications with features like transaction tracking, error reporting, and custom instrumentation. It integrates seamlessly with other Elastic Stack components, such as Elasticsearch and Kibana, for powerful data analysis and visualization.
IMPORTANT: New Relic for Node.js is currently in closed beta and is UNSUPPORTED. Customers who tried it out during the open beta period are welcome to continue using it and will receive ongoing limited technical support, but any new deployments will not receive technical support.
Why? Because we've learned a ton during the beta and now we're heads down working on some major improvements and addressing qualities issues that prevented us from a 1.0 release.
We're just as eager as you are to see Node + New Relic live happily ever after and we're 100% committed to it. We expect to open up a new beta in the coming months. If you'd like to know when the new beta is ready, please sign up to be notified.
This package instruments your application for performance monitoring with New Relic.
This is an UNSUPPORTED beta release. It has known issues that may affect your application's stability. You should probably try it in your staging or development environment first to see how it works for you.
Make sure you have a New Relic account before starting. To see all the features, such as slow transaction traces, you will need a New Relic Pro subscription. Contact your New Relic representative to request a Pro Trial subscription during your beta testing.
npm install newrelic
for the application you
want to monitor.newrelic.js
from node_modules/newrelic
into the root directory of
your application.newrelic.js
and replace license_key
's value with the license key
for your account.require('newrelic');
as the first line of the app's main module.If you wish to keep the configuration for the agent separate from your
application, the agent will look for newrelic.js in the directory referenced
by the environment variable NEW_RELIC_HOME
if it's set.
When you start your app, the agent should start up with it and start
reporting data that will appear within the New Relic
UI after a few minutes. Because the agent
minimizes the amount of bandwidth it consumes, it only reports data once a
minute, so if you add the agent to tests that take less than a minute to run,
the agent won't have time to report data to New Relic. The agent will write
its log to a file named newrelic_agent.log
in the application directory. If
the agent doesn't send data or crashes your app, the log can help New Relic
determine what went wrong, so be sure to send it along with any bug reports
or support requests.
The agent can be tailored to your app's requirements, both from the server and
via the newrelic.js configuration file you created. For complete details on
what can be configured, refer to
lib/config.default.js
,
which documents the available variables and their default values.
In addition, for those of you running in PaaS environments like Heroku or
Microsoft Azure, all of the configuration variables in newrelic.js
have
counterparts that can be set via environment variables. You can mix and match
variables in the configuration file and environment variables freely;
environment variables take precedence.
Here's the list of the most important variables and their values:
NEW_RELIC_LICENSE_KEY
: Your New Relic license key.NEW_RELIC_NO_CONFIG_FILE
: Inhibit loading of the configuration file
altogether. Use with care. This presumes that all important configuration
will be available via environment variables, and some log messages
assume that a config file exists.NEW_RELIC_APP_NAME
: The name of this application, for reporting to
New Relic's servers. This value can be also be a comma-delimited list of
names.NEW_RELIC_HOME
: path to the directory in which you've placed newrelic.js.NEW_RELIC_LOG
: Complete path to the New Relic agent log, including
the filename. The agent will shut down the process if it can't create
this file, and it creates the log file with the same umask of the
process. Setting this to stdout
will write all logging to stdout, and
stderr
will write all logging to stderr.NEW_RELIC_LOG_LEVEL
: Logging priority for the New Relic agent. Can be one of
error
, warn
, info
, debug
, or trace
. debug
and trace
are
pretty chatty; unless you're helping New Relic figure out irregularities
with the agent, you're probably best off using info
or higher.For completeness, here's the rest of the list:
NEW_RELIC_ENABLED
: Whether or not the agent should run. Good for
temporarily disabling the agent while debugging other issues with your
code.NEW_RELIC_ERROR_COLLECTOR_ENABLED
: Whether or not to trace errors within
your application. Values are true
or false
.NEW_RELIC_ERROR_COLLECTOR_IGNORE_ERROR_CODES
: Comma-delimited list of HTTP
status codes to ignore. Maybe you don't care if payment is required?NEW_RELIC_TRACER_ENABLED
: Whether to collect and submit slow
transaction traces to New Relic. Values are true
or false
.NEW_RELIC_TRACER_THRESHOLD
: Millisecond duration at which
a transaction trace will count as slow and be sent to New Relic. Can
also be set to apdex_f
, at which point it will set the trace threshold
to 4 times the current ApdexT.NEW_RELIC_TRACER_TOP_N
: Number of transaction traces to send to New
Relic on each 60-second harvest cycle. Defaults to 1. This can lead
to noisy transaction traces and should be used with care.NEW_RELIC_APDEX
: Set the initial Apdex tolerating / threshold value.
This is more often than not set from the server.NEW_RELIC_HOST
: Hostname for the New Relic collector proxy. You
shouldn't need to change this.NEW_RELIC_PORT
: Port number on which the New Relic collector proxy
will be listening.NEW_RELIC_DEBUG_METRICS
: Whether to collect internal supportability
metrics for the agent. Don't mess with this unless New Relic asks you to.NEW_RELIC_DEBUG_TRACER
: Whether to dump traces of the transaction tracer's
internal operation. You're welcome to enable it, but it's unlikely to be
edifying unless you're a New Relic Node.js engineer.Information about changes to the agent are in NEWS.md.
The New Relic Node.js agent uses code from the following open source projects under the following licenses:
bunyan http://opensource.org/licenses/MIT
The New Relic Node.js agent itself is free-to-use, proprietary software. Please see the full license (found in LICENSE in this distribution) for details.
FAQs
New Relic agent
The npm package newrelic receives a total of 740,077 weekly downloads. As such, newrelic popularity was classified as popular.
We found that newrelic demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.