How to query user IP addresses and user agents and CPU usage?

Hi, I’m trying to build an alert using NRQL queries.
In the past few months, we’ve been getting DDOS attacks and the way we would fix those is to block the IP address and/or user agents of the offender.

I want to be able to create an alert querying those two things so that we can cut time in figuring out who is causing the issue.

Is this possible? If not, what are our alternatives?

I also want to be able to create an alert for when CPU usage spikes to 100% for 30 minutes straight, but I see nowhere to do that currently.

Please help!


Hi, @kevin.ting: By default, New Relic does not record IP addresses; if you want to track them, you will need to add them as a custom attribute. You may, however, use the following query to group requests by user agent:

SELECT count(*) FROM Transaction WHERE appName = 'Your Application' FACET request.headers.userAgent

You should be able to use an Infrastructure host metric condition to notify of 100% CPU for 30 minutes:

Thanks @philweber! But it looks like request.headers.userAgent isn’t available for me.

I only get the following when building my query:

Which APM language agent are you using? You may need to enable the user agent header in your agent configuration file.

I may need to speak to our Acquia account manager to get that info. They helped us set New Relic up for our application.

Is that something I can navigate to?

You can see which language agent you are using by looking at the legend under your application’s transaction response time chart:

Since you are working with Acquia, I would guess PHP. You can read about how to capture additional PHP request attributes here: Enable or disable attributes | New Relic Documentation.

Yes, it’s PHP.
Thanks for the documentation link. It looks like I need to make changes to the newrelic.ini file to do these, but I don’t have access to that.
I’ll check in with Acquia. Thank you!

Let us know if you need anything else @kevin.ting!
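
As an added example (not code from the thread participants or from New Relic), here is one way to record the client IP as a custom attribute with the PHP agent, as the first reply suggests. The attribute name `clientIp` and the `TRUSTED_PROXIES` addresses are assumptions made for illustration; `newrelic_add_custom_parameter()` is the PHP agent's API call for attaching a custom attribute to the current transaction.

```php
<?php
// Added example: attach the client IP to each New Relic transaction.
// TRUSTED_PROXIES holds constructed placeholder addresses; replace them
// with the load balancers / reverse proxies in front of your application.
const TRUSTED_PROXIES = ['10.0.0.5', '10.0.0.6'];

function client_ip(array $server): ?string
{
    $remote = $server['REMOTE_ADDR'] ?? '';
    if (filter_var($remote, FILTER_VALIDATE_IP) === false) {
        return null; // e.g. CLI runs have no peer address
    }

    // X-Forwarded-For is client-controlled, so honour it only when the
    // direct peer is one of our own proxies.
    if (!in_array($remote, TRUSTED_PROXIES, true)
        || empty($server['HTTP_X_FORWARDED_FOR'])) {
        return $remote;
    }

    // Walk the chain right to left and return the first hop that is not
    // one of our proxies; entries further left can be forged by the client.
    $hops = array_map('trim', explode(',', $server['HTTP_X_FORWARDED_FOR']));
    foreach (array_reverse($hops) as $hop) {
        if (filter_var($hop, FILTER_VALIDATE_IP) === false) {
            return $remote; // malformed chain: fall back to the peer address
        }
        if (!in_array($hop, TRUSTED_PROXIES, true)) {
            return $hop;
        }
    }
    return $remote;
}

$ip = client_ip($_SERVER);
// Guard the call so the page still works where the agent is not installed.
if ($ip !== null && extension_loaded('newrelic')) {
    newrelic_add_custom_parameter('clientIp', $ip);
}
```

Once the attribute is being recorded, the query from the first reply can group by it instead of the user agent: SELECT count(*) FROM Transaction WHERE appName = 'Your Application' FACET clientIp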

