Your data. Anywhere you go.

New Relic for iOS or Android


Download on the App Store    Android App on Google play


New Relic Insights App for iOS


Download on the App Store


Learn more

Close icon

Feature Idea: Disable Error logging for an IP range

feature-idea

#1

We have automated security scanners constantly checking our sites for known weaknesses. These scanners triggers a lot of HTTP errors, which they should.
The problem is that New Relic don’t know that these errors are not relevant for us, and is actually just cluttering our logs when we are looking for “real” errors.

It would be great if we could define one or more ip-address or IP-ranges that are excluded from being picked up by NewRelic error logging.
Would definitely add value for us!

Thanks.


New Relic edit

  • I want this, too
  • I have more info to share (reply below)
  • I have a solution for this

0 voters

We take feature ideas seriously and our product managers review every one when plotting their roadmaps. However, there is no guarantee this feature will be implemented. This post ensures the idea is put on the table and discussed though. So please vote and share your extra details with our team.


#2

Thank you for your request and story, @daggodt. I’ve sent your feature request off to our product management team.


#3

*bump on this as we have the EXACT same issue. Security scans through a bunch of garbage at our various systems, and being able to filter out IP’s on the request (e.g. x-forward-for header or even requested ip) would help. A lot of our apps show 10+% error rates as the scans go through as the apps, correctly, will throw status codes of “Unauthorized” or similar. We can block those status codes, but I’d actually like to track those as normal valid errors.


#4

Hey @jasonmcintosh thanks for the additional input. I went ahead and created a feature request for you as well, and sent it off to product management.

Thanks for posting to the forum!


#5

As an aside, you could programmatically determine the IP address a request is coming from in .NET using something similar to

Request.ServerVariables["REMOTE_ADDR"]

If you know the IP addresses you wish to prevent from reporting to New Relic, you could then use a comparison logic to identify whether or not the request has come from one of these IP addresses and then use the agent API to ignore the transaction which should effectively disable our instrumentation overall for those requests.

On a final note, the New Relic for .NET agent only records uncaught exceptions, SQL exceptions, and items identified by our NoticeError() API call as errors. By crafting an error handler for requests which come from these IP addresses, you could effectively catch these errors and prevent them from reporting to our dashboard.

Although this is not an “Out of the box” solution from within our agent, it should provide you with the information you need to safely prevent these errors from diminishing the overall usability of our service when used in conjunction with security probing services or crawlers such as the ones you have suggested you are utilizing in your organization.


How to exclude IP or headers from monitoring?
#6

Any progress on this feature request. Have the same issue ( vulnerability scanner).


#7

Nothing to share right now, @twells. I have added a poll so we can collect interest around this! Please be sure and vote and I will pass your use case along. And if you feel like providing more context for us, please do so below!