I am trying to roll out Content Security Policy for our apps iteratively, and I was wondering what the best practice is for CSP report monitoring in New Relic. I have tried a couple of ways to get the data from report-only to New Relic, but I am not sure how to make it meaningful or how others use this.
I am using the Ruby agent, and here are a couple of examples and thoughts.
So I set up an endpoint as follows for report-uri to hit.
This example is set up to send all the CSP report data as errors in Events. The following example will send all the attributes as custom params, and they will show up under Events -> Errors in https://rpm.newrelic.com/ under APM. Then I can create dashboards and alarms.
def report
  # Record each CSP report as an error, with the report fields as custom params
  NewRelic::Agent.notice_error('cspReport', :custom_params => JSON.parse(request.raw_post)['csp-report'])
end
Another way is to send the data as a custom event to Insights to query, as follows. However, we will have to query the event type in Insights and will end up with a table. But I think I can create a custom dashboard based on that query and set alarms on it.
def report
  # Record each CSP report as a custom event, with the report fields as attributes
  NewRelic::Agent.record_custom_event('cspReport', JSON.parse(request.raw_post)['csp-report'])
end
Please let me know or point me in the right direction as to what the best practice is for monitoring CSP reporting.
Thank you so much
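
Added example, not part of the original post or New Relic's own code: one way to validate and flatten the report body before it is passed to `record_custom_event`, so that query strings are dropped and each event carries grouping keys for dashboards and alerts. The helper names, the field allowlist, the extension-scheme list, the 255-character limit and the sample body are assumptions made for this sketch.

```ruby
require 'json'
require 'uri'

# Added example; helper names, field list and limits below are assumptions, not New Relic APIs.
CSP_FIELDS = %w[document-uri blocked-uri violated-directive effective-directive
                source-file line-number column-number disposition status-code].freeze
URI_FIELDS = %w[document-uri blocked-uri source-file].freeze
EXTENSION_SCHEMES = %w[chrome-extension moz-extension safari-extension].freeze
MAX_LEN = 255 # truncation length chosen for this example

# Keep scheme://host/path only, so query strings (possible tokens) never reach monitoring.
def strip_uri(value)
  uri = URI.parse(value)
  return value.split(/[?#]/).first.to_s unless uri.scheme && uri.host # keywords: "inline", "eval"
  "#{uri.scheme}://#{uri.host}#{uri.path}"
rescue URI::InvalidURIError
  value.split(/[?#]/).first.to_s
end

# Returns a flat Hash usable as custom-event attributes, or nil for a body that is not a CSP report.
def csp_event_attributes(raw_body)
  parsed = JSON.parse(raw_body.to_s)
  report = parsed.is_a?(Hash) ? parsed['csp-report'] : nil
  return nil unless report.is_a?(Hash)

  attrs = {}
  CSP_FIELDS.each do |key|
    value = report[key]
    next unless value.is_a?(String) || value.is_a?(Integer)
    value = strip_uri(value) if value.is_a?(String) && URI_FIELDS.include?(key)
    value = value[0, MAX_LEN] if value.is_a?(String)
    attrs[key.tr('-', '_')] = value # underscores need no quoting in queries
  end
  return nil if attrs.empty?

  # Low-cardinality keys to group on in dashboards and alert conditions.
  attrs['directive'] = (attrs['effective_directive'] || attrs['violated_directive']).to_s.split.first
  blocked = attrs['blocked_uri'].to_s
  attrs['blocked_host'] = blocked[%r{\A[a-z0-9+.-]+://([^/]+)}i, 1] || blocked
  schemes = [blocked, attrs['source_file'].to_s].map { |u| u[/\A([a-z0-9+.-]+):/i, 1].to_s.downcase }
  attrs['likely_extension'] = schemes.any? { |s| EXTENSION_SCHEMES.include?(s) }
  attrs.reject { |_, v| v.nil? || v == '' }
rescue JSON::ParserError
  nil
end

# Constructed sample body in the report-uri JSON format.
SAMPLE = '{"csp-report":{"document-uri":"https://app.example.test/account?token=abc123","blocked-uri":"https://cdn.example.net/lib.js?v=2","violated-directive":"script-src \'self\'","effective-directive":"script-src","original-policy":"default-src \'self\'; report-uri /csp","line-number":12,"status-code":200}}'
# In the endpoint: attrs = csp_event_attributes(request.raw_post)
#                  NewRelic::Agent.record_custom_event('cspReport', attrs) if attrs
```

Grouping on `directive` and `blocked_host` while filtering on `likely_extension` keeps browser-extension noise out of alert conditions during a report-only rollout.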