New Relic API Service Key
Service Name: New Relic
Service Description: New Relic is an observability platform that helps engineers plan, build, deploy, and run software. It provides application performance monitoring, infrastructure monitoring, digital experience monitoring, and applied intelligence capabilities.
Service Address: https://newrelic.com/
Validation Type: API Auth
IP Allow list: IP restrictions can be configured at the account level through New Relic's API Keys management interface.
Secret Access Scope: New Relic API Service Keys provide full access to the New Relic REST API, allowing users to query and modify data within their New Relic account, including metrics, events, logs, and configuration settings.
Secret Revokement URL: https://one.newrelic.com/admin-portal/api-keys
Secret Example: NRAK-3XXXXXXXXXXXXXXXXXXXXXXXXX
Suspicious Activity Investigation Instructions:
- Review the New Relic audit log for unusual API calls or data access patterns
- Check for unexpected changes to alert configurations, dashboards, or monitors
- Look for unusual data queries or high volumes of API requests
- Verify if there are any new integrations or webhooks that were recently added
- Monitor for unauthorized access to sensitive application data
Mitigation Instructions:
-
Log in to your New Relic account and navigate to the API Keys management page
-
Identify the compromised API Service Key
- Delete the compromised key immediately
- Create a new API Service Key with appropriate permissions
- Update any legitimate applications or services that were using the old key
- Review and update your key rotation policies
- Consider implementing more restrictive permissions for new keys
- Enable notifications for API key usage and creation events