Your data. Anywhere you go.

New Relic for iOS or Android


Download on the App Store    Android App on Google play


New Relic Insights App for iOS


Download on the App Store


Learn more

Close icon

Customer Solution: Script - Validating Synthetics IP Addresses

synthetics
levelup
whitelist
synthetics-script
rfb
ip-address

#1

New Relic’s Synthetics IP Addresses are mostly static. They can change, but this is infrequent.

If you are a security conscious company with a well locked down network, you likely have had to whitelist the Synthetics IPs. If your whitelist is automated, pulling from the IP list files here, you should be ok!

If however you are manually updating your whitelist with the IPs from the same list linked, you need to know as soon as changes take place.

Usually New Relic will provide notification, by post here on the Explorers Hub, or by email. There is a chance however, that this will catch you out. Perhaps you miss the email or Explorers Hub post, or, you see it, but it falls off your radar before you have the chance to update your whitelists.

This script is here to help! This script gets the live, up to date IP file from: https://s3.amazonaws.com/nr-synthetics-assets/nat-ip-dnsname/production/ip.json - and checks that the IP addresses match the Array we have in our script (here as DublinIPs). In this case Dublin, but you are free to edit this script to your needs, to suit the locations you use in your monitors.

If there is a difference in the IPs, the script will fail with one of the following in the script log:

There’s 1 or more IPs missing, or added on, thus the length of IP Arrays mismatch


The value of one or more IP Address doesn’t match

Requirements:

  • Synthetics Pro or Pro Trial Subscription. (for access to advanced, scripted monitor types)

Note: This Script runs in an API Test Monitor Type.

var startTime = new Date().getTime(),
  thisStep = 0,
  assert = require('assert'),
  Q = require('q'),
  req = require('urllib-sync').request;
  const ScriptTimeout = 0;
  const IPFileUrl = "https://s3.amazonaws.com/nr-synthetics-assets/nat-ip-dnsname/production/ip.json";
  const DublinNode = "Dublin, IE";
  const DublinIPs = [ "54.76.137.83", "34.241.198.127", "18.200.73.249", "99.81.135.174", "34.253.119.85", "34.242.252.249" ];

var log = function (msg) {
    var deferred = Q.defer();
    if (typeof msg === "string") {
        var totalTimeElapsed = (new Date().getTime() - startTime);
        var elapsedSecs = totalTimeElapsed / 1000;
        console.log('Step ' + thisStep + ': ' + elapsedSecs.toFixed(2) + 's: ' + msg);
        thisStep++;
        if (ScriptTimeout > 0 && totalTimeElapsed > ScriptTimeout) {
            throw Error('Script timed out. ' + totalTimeElapsed + 'ms is longer than script timeout threshold of ' + ScriptTimeout + 'ms.');
        }
        deferred.resolve();
    }
    else {
        deferred.reject("Incorrect type passed to log function, expected string");
    }
    return deferred.promise;
};

log("Initialising ...");


var retrieveFileContent = function()
{
	var deferred = Q.defer();
  var res = req(IPFileUrl);
  deferred.resolve(res.data.toString());
  return deferred.promise;
}

var validateIPs = function(data)
{
	var deferred = Q.defer();
  var temp = data.replace("\'", "\"");
  var json = JSON.parse(temp);
  var dublin = json[DublinNode];
  var missingIPCount = 0;

  if(dublin.length != DublinIPs.length)
    deferred.reject("Mismatch in ip lengths");

	for(var i = 0, len = DublinIPs.length; i < len; i++)
	{
		var ip = DublinIPs[i];
		log("Checking for ip of: " + ip);
		if(dublin.indexOf(ip) == -1)
		{
      log("Failed to find ip of: " + ip)
			missingIPCount ++;
		}
	};
  
  if (missingIPCount != 0)
  {
    deferred.reject(missingIPCount + " ip addresses are missing from expected list");
  }
  else
  {
    log("Completed successfully");
    deferred.resolve();
  }

  return deferred.promise;
}

retrieveFileContent()
.then(function(data){
  validateIPs(data);
});

Comment below if this script is useful for you! And share your changes, if you alter this script to suit a different location, or all locations, share that below! :smiley: