New Relic Insights Insert Key
Service Name: New Relic
Service Description: New Relic is an observability platform that helps engineers plan, build, deploy, and run software. It provides application performance monitoring, infrastructure monitoring, digital experience monitoring, and applied intelligence capabilities.
Service Address: https://newrelic.com/
Validation Type: API Auth
IP Allow list: IP restrictions can be configured at the account level through New Relic's security settings.
Secret Access Scope: Grants the ability to insert custom events into New Relic Insights, allowing applications to send custom event data to the New Relic platform.
Secret Revokement URL: https://docs.newrelic.com/docs/insights/insights-data-sources/custom-data/insert-custom-events-insights-api/#manage-insert-keys
Secret Example: VkUWDhQMzVBQVBBQlJBQUJFQUE2M0JRQVFWVkJFRkVaRFU1UlFWQT09
Suspicious Activity Investigation Instructions:
- Review the New Relic Insights dashboard for unusual event data or patterns.
- Check the volume of custom events being sent to identify potential abuse.
- Examine the content of custom events for unauthorized or suspicious data.
- Review New Relic audit logs for unusual API access patterns.
- Check for unexpected spikes in data ingestion that could indicate misuse.
Mitigation Instructions:
- Log in to your New Relic account and navigate to the Insights section.
- Go to Manage Data > API Keys.
- Locate the compromised Insert Key.
- Click the delete icon next to the key to revoke it.
- Create a new Insert Key if needed.
- Update all legitimate applications with the new key.
- Review and update your application code to ensure keys are not hardcoded or exposed.
- Consider implementing key rotation policies for better security.