Skip to content

New Relic Insights Query Key

Service Name: New Relic

Service Description: New Relic is an observability platform that helps engineers plan, build, deploy, and run software. It provides application performance monitoring, infrastructure monitoring, digital experience monitoring, and applied intelligence capabilities.

Service Address: https://newrelic.com/

Validation Type: API Auth

IP Allow list: IP restrictions can be configured at the account level through New Relic's security settings.

Secret Access Scope: Grants read-only access to query New Relic Insights data using the Insights Query API. This allows users to retrieve metrics, events, and other telemetry data stored in New Relic.

Secret Revokement URL: https://docs.newrelic.com/docs/apis/insights-apis/query-insights-api/insights-query-api-key-management/

Secret Example: NRIQ-AbCdEfGhIjKlMnOpQrStUvWxYz12345678

Suspicious Activity Investigation Instructions:

  • Review the New Relic audit logs for unusual query patterns or excessive data access.
  • Check for queries originating from unexpected IP addresses or locations.
  • Monitor for unusual data export volumes or patterns.
  • Examine the types of data being queried for sensitive information access.
  • Review the New Relic account for any unauthorized user additions or permission changes.

Mitigation Instructions:

  • Log in to your New Relic account and navigate to the API keys management section.
  • Locate the compromised Insights Query Key.
  • Delete the compromised key immediately.
  • Generate a new Insights Query Key if needed.
  • Update all legitimate applications and services with the new key.
  • Consider implementing more restrictive IP allowlisting for API access.
  • Review and update your key rotation policies to ensure regular rotation of API keys.
  • Audit your application code to ensure keys are not hardcoded or stored insecurely.