Relic Solution: What is bam.nr-data.net? New Relic Browser monitoring

You are probably reading this because you found a reference to this URL in the header of a page monitored by New Relic’s Browser product and you’re wondering what it’s all about. Let’s take a look at this URL and how Browser Monitoring works in New Relic.

So what is bam.nr-data.net?

Here’s the short explanation: The Browser application monitoring agent transmits data to New Relic’s data collection servers via the domain bam.nr-data.net. Of course, there’s more to the story than that. If you’re the kind of person that needs to know more, then read on!

How does New Relic Browser monitoring work?

Depending on your subscription level, New Relic Browser can monitor a variety of details about everything from page load timing to time spent in the front end, time spent in the back end, geography, and browser type.

To collect the data, New Relic Browser uses JavaScript elements pasted or injected into your webpages, typically as part of the HEAD of the page, containing configuration details and essential browser environment instrumentation. Once the page finishes loading, an additional script is downloaded from a CDN server. This additional script processes collected data and reports it back to New Relic via bam.nr-data.net so that you can see the data in your New Relic account. You can find more details about how Browser instrumentation works in the documentation.

You should also know that New Relic Browser only collects performance data, as explained in this document. It does not collect any data used or stored by the monitored application unless you explicitly configure it to do so.

Learn more

What to deep dive into the BAM collector, check out this follow-up Level-Up Solution Relic Solution: Understanding Bam.nr-data.net, Data transmission & its Endpoints

Ready to learn more? You can review the full suite of documentation for Browser or check out New Relic University’s self-guided course.

2 Likes

I see two calls one to bam.nr-data.net…/resources and one to bam.nr-data.net/events , sometimes those calls take 5+ seconds… what is been transferred in those calls?

I am also seeing quite a lot of script errors around this time ( in session traces )

We’re seeing this combined some serious slowness in our page load times. I shouldn’t be able to harvest the entire URL of the script by looking at the bottom bar of my browser.

If you need to scale up, I’m with IBM Cloud. Maybe we can help you with that

I’m having the same errors. Were you able to fix them?

1 Like

Hi @jnewman,

Thank you for the article.

However, I have question. I am reviewing the source code of a web page from security perspective.

In the home page of the web application, I found this code snippet:

window.NREUM||(NREUM={});NREUM.info={"beacon":"bam.nr-data.net","errorBeacon":"bam.nr-data.net","licenseKey":"6f521120d1","applicationID":"24754586","transactionName":"JwwITUdWXQ1US04SAgMGDEZcV1UESQ==","queueTime":0,"applicationTime":53,"agent":""}

If you can observe, there is something called as licenseKey and its value and beacon as bam.nr-data.net .

So can you let me know what that licenseKey is about and is it security risk disclosing the licenseKey publicly in the page source of the application.

Note: I have changed the licenseKey value and replaced it with a dummy one.

Thanks,
Sai Dutt Mekala.

5 Likes

A post was split to a new topic: Unblock bam.nr-data.net

I to have a same doubt. Any solution??

Hey @hackerparakh97

The license key is used to identify the data from your browser app when sent to New Relic. That is specific to your account, and along with the Application ID, it ensures your data is sent to the right application in the right account.

Is it a security threat? It could be seen as one, but we take measures to try to ensure it is not.

Firstly, with that license key, nobody can pull any data from your account.

The license key does not allow anyone to log in.

That license key is unique to Browser. This is separate from the primary account license key for the very reason that this will be publicly viewable.

If someone contacts support with a license key asking for access to the account, we have strict processes in place to ensure no ill-intending people gain access to accounts.

So, what can be done with a browser license key?..

We have very rarely seen people completely copy a New Relic customers site. If they don’t remove the browser snippet when they do that, then the copy site will report data to your account. It will report to the same app in the New Relic UI and can make it hard for you to interpret your own data, versus the copied site data.

To work around that you can use Domain conditions. To only allow data from your own domain name.
https://docs.newrelic.com/docs/browser/new-relic-browser/configuration/monitor-or-block-specific-domains-subdomains

1 Like