diff --git a/README.md b/README.md
index 51730318a..61aa15f14 100644
--- a/README.md
+++ b/README.md
@@ -102,6 +102,37 @@ To enable the public submission validation API, modify the `.env` file with
Ensure the environment variable `CPC_END_DATE` is set to a valid date, in the format `YYYY-MM-DD`, or a validation error may be thrown.
+### Updating the New Relic Agent
+
+**Step 1**: Check the Current New Relic Agent Version in new relic dashboard using metadata
+
+**Step 2**: Download the Latest New Relic Agent
+```bash
+# Download the latest New Relic Java agent.
+curl -O https://download.newrelic.com/newrelic/java-agent/newrelic-java.zip
+```
+
+**Step 3**: Replace the Existing Files
+```bash
+# Extract the downloaded New Relic agent files.
+unzip newrelic-java.zip -d newrelic-latest
+
+# Replace the existing newrelic.jar file.
+cp newrelic-latest/newrelic/newrelic.jar tools/docker/docker-artifacts/newrelic/
+
+
+# Update the newrelic.yml file:
+- Compare the existing file with the newly downloaded one.
+- Merge any new configurations while retaining custom settings such as license_key and app_name.
+````
+
+
+**Step 4**: Restart the Application and Check in New Relic dashboard
+```bash
+# Rebuild and restart the application:
+docker-compose -f ./docker-compose.test.yaml up --build
+```
+
### Command Line
For the examples below, make sure you're in the `qpp-conversion-tool` directory.
diff --git a/acceptance-tests/pom.xml b/acceptance-tests/pom.xml
index 48908064c..8b7e1f6ae 100644
--- a/acceptance-tests/pom.xml
+++ b/acceptance-tests/pom.xml
@@ -3,7 +3,7 @@
4.0.0
acceptance-tests
gov.cms.qpp.conversion
- 2024.2.8-RELEASE
+ 2024.2.9-RELEASE
conversion-tests
jar
diff --git a/commandline/pom.xml b/commandline/pom.xml
index 70056fc7d..7b35016e5 100644
--- a/commandline/pom.xml
+++ b/commandline/pom.xml
@@ -6,7 +6,7 @@
gov.cms.qpp.conversion
qpp-conversion-tool-parent
- 2024.2.8-RELEASE
+ 2024.2.9-RELEASE
../pom.xml
diff --git a/commons/pom.xml b/commons/pom.xml
index aa42098d9..6265af9c4 100644
--- a/commons/pom.xml
+++ b/commons/pom.xml
@@ -6,7 +6,7 @@
gov.cms.qpp.conversion
qpp-conversion-tool-parent
- 2024.2.8-RELEASE
+ 2024.2.9-RELEASE
../pom.xml
diff --git a/converter/pom.xml b/converter/pom.xml
index 9b44bf79a..ad96657c4 100644
--- a/converter/pom.xml
+++ b/converter/pom.xml
@@ -6,7 +6,7 @@
gov.cms.qpp.conversion
qpp-conversion-tool-parent
- 2024.2.8-RELEASE
+ 2024.2.9-RELEASE
../pom.xml
@@ -170,7 +170,7 @@
gov.cms.qpp.conversion
commons
- 2024.2.8-RELEASE
+ 2024.2.9-RELEASE
compile
diff --git a/generate-race-cpcplus/pom.xml b/generate-race-cpcplus/pom.xml
index d8daee7f8..6ef434625 100644
--- a/generate-race-cpcplus/pom.xml
+++ b/generate-race-cpcplus/pom.xml
@@ -5,7 +5,7 @@
qpp-conversion-tool-parent
gov.cms.qpp.conversion
- 2024.2.8-RELEASE
+ 2024.2.9-RELEASE
../
4.0.0
diff --git a/generate/pom.xml b/generate/pom.xml
index 9f3d08806..b2656b336 100644
--- a/generate/pom.xml
+++ b/generate/pom.xml
@@ -5,7 +5,7 @@
qpp-conversion-tool-parent
gov.cms.qpp.conversion
- 2024.2.8-RELEASE
+ 2024.2.9-RELEASE
../pom.xml
4.0.0
diff --git a/pom.xml b/pom.xml
index 75094c611..62630b0a5 100644
--- a/pom.xml
+++ b/pom.xml
@@ -6,7 +6,7 @@
gov.cms.qpp.conversion
qpp-conversion-tool-parent
pom
- 2024.2.8-RELEASE
+ 2024.2.9-RELEASE
QPP Conversion Tool
diff --git a/qrda3-update-measures/pom.xml b/qrda3-update-measures/pom.xml
index 30d48f5b5..dad91d02e 100644
--- a/qrda3-update-measures/pom.xml
+++ b/qrda3-update-measures/pom.xml
@@ -3,7 +3,7 @@
qpp-conversion-tool-parent
gov.cms.qpp.conversion
- 2024.2.8-RELEASE
+ 2024.2.9-RELEASE
../
diff --git a/rest-api/pom.xml b/rest-api/pom.xml
index 0d1d30447..8246a0a44 100644
--- a/rest-api/pom.xml
+++ b/rest-api/pom.xml
@@ -6,7 +6,7 @@
gov.cms.qpp.conversion
qpp-conversion-tool-parent
- 2024.2.8-RELEASE
+ 2024.2.9-RELEASE
../pom.xml
@@ -30,7 +30,7 @@
org.springframework.boot
spring-boot-maven-plugin
- 3.3.6
+ 3.3.7
@@ -63,7 +63,7 @@
org.springframework.boot
spring-boot-dependencies
- 3.3.6
+ 3.3.7
pom
import
@@ -117,12 +117,12 @@
org.springframework.boot
spring-boot-starter-security
- 3.3.6
+ 3.3.7
org.springframework.boot
spring-boot-starter-web
- 3.3.6
+ 3.3.7
org.springframework
@@ -314,7 +314,7 @@
org.springframework.boot
spring-boot-starter-test
- 3.3.6
+ 3.3.7
test
diff --git a/test-commons/pom.xml b/test-commons/pom.xml
index a0d0e76af..3f245baf9 100644
--- a/test-commons/pom.xml
+++ b/test-commons/pom.xml
@@ -6,7 +6,7 @@
gov.cms.qpp.conversion
qpp-conversion-tool-parent
- 2024.2.8-RELEASE
+ 2024.2.9-RELEASE
../pom.xml
diff --git a/test-coverage/pom.xml b/test-coverage/pom.xml
index 6d8e64d0e..7eda2f31a 100644
--- a/test-coverage/pom.xml
+++ b/test-coverage/pom.xml
@@ -6,7 +6,7 @@
gov.cms.qpp.conversion
qpp-conversion-tool-parent
- 2024.2.8-RELEASE
+ 2024.2.9-RELEASE
../pom.xml
diff --git a/tools/docker/docker-artifacts/newrelic/newrelic.jar b/tools/docker/docker-artifacts/newrelic/newrelic.jar
index 75fe03c27..4df3e45cb 100644
Binary files a/tools/docker/docker-artifacts/newrelic/newrelic.jar and b/tools/docker/docker-artifacts/newrelic/newrelic.jar differ
diff --git a/tools/docker/docker-artifacts/newrelic/newrelic.yml b/tools/docker/docker-artifacts/newrelic/newrelic.yml
index 928d7188e..d132c263a 100644
--- a/tools/docker/docker-artifacts/newrelic/newrelic.yml
+++ b/tools/docker/docker-artifacts/newrelic/newrelic.yml
@@ -1,6 +1,6 @@
-# This file configures the New Relic Agent. New Relic monitors
-# Java applications with deep visibility and low overhead. For more details and additional
-# configuration options visit https://docs.newrelic.com/docs/java/java-agent-configuration.
+# This file configures the New Relic agent. New Relic monitors
+# Java applications with deep visibility and low overhead. For more details and additional
+# configuration options visit https://docs.newrelic.com/docs/agents/java-agent/configuration/java-agent-configuration-config-file.
#
# This configuration file is custom generated for Flexion_1
#
@@ -51,7 +51,7 @@ common: &default_settings
enable_auto_transaction_naming: true
# The agent uses its own log file to keep its logging
- # separate from that of your application. Specify the log level here.
+ # separate from that of your application. Specify the log level here.
# This setting is dynamic, so changes do not require restarting your application.
# The levels in increasing order of verboseness are:
# off, severe, warning, info, fine, finer, finest
@@ -93,37 +93,115 @@ common: &default_settings
# Default is true.
ssl: true
+ # AI Monitoring captures insights on the performance, quality, and cost of interactions with LLM models made with instrumented SDKs.
+ ai_monitoring:
+
+ # Provides control over all AI Monitoring functionality. Set as true to enable all AI Monitoring features.
+ # Default is false.
+ enabled: false
+
+ # Provides control over whether attributes for the input and output content should be added to LLM events.
+ record_content:
+
+ # Set as false to disable attributes for the input and output content.
+ # Default is true.
+ enabled: true
+
+ # Provides the ability to forward application logs to New Relic, generate log usage metrics,
+ # and decorate local application log files with agent metadata for use with third party log forwarders.
+ # The application_logging.forwarding and application_logging.local_decorating should not be used together.
+ application_logging:
+
+ # Provides control over all the application logging features for forwarding, local log
+ # decorating, and metrics features. Set as false to disable all application logging features.
+ # Default is true.
+ enabled: true
+
+ # The agent will automatically forward application logs to New Relic in
+ # a format that includes agent metadata for linking them to traces and errors.
+ forwarding:
+
+ # When true, application logs will be forwarded to New Relic. The default is true.
+ enabled: true
+
+ # Application log events are collected up to the configured amount. Afterwards,
+ # events are sampled to maintain an even distribution across the harvest cycle.
+ # Default is 10000. Setting to 0 will disable.
+ #max_samples_stored: 10000
+
+ # Whether the log events should include context from loggers with support for that.
+ context_data:
+
+ # When true, application logs will contain context data.
+ enabled: false
+
+ # A comma separated list of attribute keys whose values should be sent to New Relic.
+ #include:
+
+ # A comma separated list of attribute keys whose values should not be sent to New Relic.
+ #exclude:
+
+ # The agent will generate metrics to indicate the number of
+ # application log events occurring at each distinct log level.
+ metrics:
+
+ # When true, application log metrics will be reported. The default is true.
+ enabled: true
+
+ # The agent will add linking metadata to each log line in your application log files.
+ # This feature should only be used if you want to use a third party log forwarder, instead
+ # of the agent's built-in forwarding feature, to send your application log events to New Relic.
+ #local_decorating:
+
+ # When true, the agent will decorate your application log files with linking metadata. The default is false.
+ #enabled: false
+
+ # Adds integration with CodeStream, introducing Code-Level Metrics! Golden Signals visible in your
+ # IDE through New Relic CodeStream.
+ code_level_metrics:
+
+ # When true the agent will capture namespace and function information
+ # on spans to enable code level metrics in CodeStream.
+ enabled: true
+
# Proxy settings for connecting to the New Relic server:
- # If a proxy is used, the host setting is required. Other settings
- # are optional. Default port is 8080. The username and password
+ # If a proxy is used, the host setting is required. Other settings
+ # are optional. Default port is 8080. The username and password
# settings will be used to authenticate to Basic Auth challenges
- # from a proxy server.
+ # from a proxy server. Proxy scheme will allow the agent to
+ # connect through proxies using the HTTPS scheme.
#proxy_host: hostname
#proxy_port: 8080
#proxy_user: username
#proxy_password: password
+ #proxy_scheme: https
# Limits the number of lines to capture for each stack trace.
# Default is 30
max_stack_trace_lines: 30
# Provides the ability to configure the attributes sent to New Relic. These
- # attributes can be found in transaction traces, traced errors, Insight's
- # transaction events, and Insight's page views.
+ # attributes can be found in transaction traces, traced errors,
+ # transaction events, and page views.
attributes:
# When true, attributes will be sent to New Relic. The default is true.
enabled: true
- #A comma separated list of attribute keys whose values should
+ #A comma separated list of attribute keys whose values should
# be sent to New Relic.
#include:
- # A comma separated list of attribute keys whose values should
+ # A comma separated list of attribute keys whose values should
# not be sent to New Relic.
#exclude:
+ # Defines which sets of http attributes the agent will send: standard, legacy or both (default).
+ # Having the agent send both sets will increase ingestion.
+ # Having the agent send only legacy may impact current or future functionality.
+ http_attribute_mode: both
+
# Transaction tracer captures deep information about slow
# transactions and sends this to the New Relic service once a
# minute. Included in the transaction is the exact call sequence of
@@ -192,7 +270,8 @@ common: &default_settings
# by providing a comma separated list of full class names.
# The default is to exclude akka.actor.ActorKilledException. If you want to override
# this, you must provide any new value as an empty list is ignored.
- ignore_errors: akka.actor.ActorKilledException
+ ignore_classes:
+ - "akka.actor.ActorKilledException"
# Use this property to exclude specific http status codes from being reported as errors
# by providing a comma separated list of status codes.
@@ -208,8 +287,8 @@ common: &default_settings
422 # validation error
]
- # Transaction Events are used for Histograms and Percentiles. Unaggregated data is collected
- # for each web transaction and sent to the server on harvest.
+ # Transaction events are used for histograms and percentiles. Non-aggregated data is collected
+ # for each web transaction and sent to the server on harvest.
transaction_events:
# Set to false to disable transaction events.
@@ -218,18 +297,52 @@ common: &default_settings
# Events are collected up to the configured amount. Afterwards, events are sampled to
# maintain an even distribution across the harvest cycle.
- # Default is 2000. Setting to 0 will disable.
+ # Default is 2000. Setting to 0 will disable.
max_samples_stored: 2000
- # Cross Application Tracing adds request and response headers to
- # external calls using supported HTTP libraries to provide better
- # performance data when calling applications monitored by other New Relic Agents.
- cross_application_tracer:
+ # Distributed tracing lets you see the path that a request takes through your distributed system.
+ # This replaces the legacy Cross Application Tracing feature.
+ distributed_tracing:
- # Set to false to disable cross application tracing.
+ # Set to false to disable distributed tracing.
# Default is true.
enabled: true
+ # Agent versions 5.10.0+ utilize both the newrelic header and W3C Trace Context headers for distributed tracing.
+ # The newrelic distributed tracing header allows interoperability with older agents that don't support W3C Trace Context headers.
+ # Agent versions that support W3C Trace Context headers will prioritize them over newrelic headers for distributed tracing.
+ # If you do not want to utilize the newrelic header, setting this to true will result in the agent excluding the newrelic header
+ # and only using W3C Trace Context headers for distributed tracing.
+ # Default is false.
+ exclude_newrelic_header: false
+
+ # New Relic's distributed tracing UI uses Span events to display traces across different services.
+ # Span events capture attributes that describe execution context and provide linking metadata.
+ # Span events require distributed tracing to be enabled.
+ span_events:
+
+ # Set to false to disable Span events.
+ # Default is true.
+ enabled: true
+
+ # Determines the number of Span events that can be captured during an agent harvest cycle.
+ # Increasing the number of Span events can lead to additional agent overhead. A maximum value may be imposed server side by New Relic.
+ # Default is 2000
+ max_samples_stored: 2000
+
+ # Provides the ability to filter the attributes attached to Span events.
+ # Custom attributes can be added to Span events using the NewRelic.getAgent().getTracedMethod().addCustomAttribute(...) API.
+ attributes:
+
+ # When true, attributes will be sent to New Relic. The default is true.
+ enabled: true
+
+ # A comma separated list of attribute keys whose values should be sent to New Relic.
+ #include:
+
+ # A comma separated list of attribute keys whose values should not be sent to New Relic.
+ #exclude:
+
# Thread profiler measures wall clock time, CPU time, and method call counts
# in your application's threads as they run.
# This feature is not available to Lite accounts and is automatically disabled.
@@ -239,21 +352,51 @@ common: &default_settings
# Default is true.
enabled: true
- # New Relic Real User Monitoring gives you insight into the performance real users are
+ # New Relic Real User Monitoring (RUM) gives you insight into the performance real users are
# experiencing with your website. This is accomplished by measuring the time it takes for
# your users' browsers to download and render your web pages by injecting a small amount
- # of JavaScript code into the header and footer of each page.
+ # of JavaScript code into the header and footer of each page.
browser_monitoring:
# By default the agent automatically inserts API calls in compiled JSPs to
# inject the monitoring JavaScript into web pages. Not all rendering engines are supported.
- # See https://docs.newrelic.com/docs/java/real-user-monitoring-in-java#manual_instrumentation
+ # See https://docs.newrelic.com/docs/agents/java-agent/instrumentation/new-relic-browser-java-agent#manual_instrumentation
# for instructions to add these manually to your pages.
# Set this attribute to false to turn off this behavior.
auto_instrument: true
+ # For pages that emit the tag via a JSP tag library, enabling this setting
+ # will monitor JspWriter print/println calls for output of the element and
+ # inject the RUM script automatically.
+ tag_lib_instrument: false
+
+ # If tag_lib_instrument is true, this is the regex pattern that will be used to detect HTML start head elements. Modify
+ # the regex if you have more complex start head elements (attributes for example). The defined pattern is case-insensitive.
+ tag_lib_head_pattern: ''
+
+ # By default, the agent sends JVM input arguments to New Relic, where they are visible as Environment data.
+ # Set to false to disable the sending of JVM props.
+ send_jvm_props: true
+
+ # Before sending JVM props to New Relic, the agent will obfuscate all data in a prop after an = sign.
+ # For example, the property -Dmy.prop=my-value will be sent to New Relic as -Dmy.prop=obfuscated.
+ # By default, the standard and extended JVM props (those beginning with -X*) are sent unobfuscated.
+ # Available since agent 8.16.0.
+ obfuscate_jvm_props:
+ #To disable this feature, and send all JVM props unobfuscated, set enabled to false. The default is true.
+ #enabled: true
+
+ # A comma separated list of JVM property names whose values should be sent to New Relic unobfuscated.
+ #allow:
+
+ # A comma separated list of JVM property names whose values should be sent to New Relic obfuscated.
+ #block:
+
+ # Class transformer can be used to disable all agent instrumentation or specific instrumentation modules.
+ # All instrumentation modules can be found here: https://github.com/newrelic/newrelic-java-agent/tree/main/instrumentation
class_transformer:
- # This instrumentation reports the name of the user principal returned from
+
+ # This instrumentation reports the name of the user principal returned from
# HttpServletRequest.getUserPrincipal() when servlets and filters are invoked.
com.newrelic.instrumentation.servlet-user:
enabled: false
@@ -261,6 +404,10 @@ common: &default_settings
com.newrelic.instrumentation.spring-aop-2:
enabled: false
+ # This instrumentation reports metrics for resultset operations.
+ com.newrelic.instrumentation.jdbc-resultset:
+ enabled: false
+
# Classes loaded by classloaders in this list will not be instrumented.
# This is a useful optimization for runtimes which use classloaders to
# load dynamic classes which the agent would not instrument.
@@ -272,6 +419,54 @@ common: &default_settings
org.mvel2.optimizers.impl.asm.ASMAccessorOptimizer$ContextClassLoader,
gw.internal.gosu.compiler.SingleServingGosuClassLoader,
+ # Enhanced Spring transaction naming.
+ # This feature will name any transaction that originates from a Spring controller after
+ # the defined route and HTTP method. For example: "/customer/v1/edit (POST)".
+ # This includes controllers that implement or extend interfaces/classes with WebMVC related
+ # annotations (@RestController, @Controller, @RequestMapping, etc). By default, this is configured
+ # to false, which will name transactions for those types of controllers based on the controller
+ # class name and method. For example; "CustomerController/edit". This is the naming logic carried
+ # over from previous agent versions. "Standard" controllers, with all relevant annotations
+ # present on the actual class, will still get named based on route and HTTP method.
+ enhanced_spring_transaction_naming: false
+
+ # By default, built-in actuator endpoints and custom actuator endpoints (using the @Endpoint annotation
+ # and it's subclasses) will all be named as "OperationHandler/handle" in New Relic. Setting this
+ # to true will result in the transaction name reflecting the actual base actuator endpoint URI.
+ # For example, invoking "/actuator/loggers" or "actuator/loggers/com.newrelic" will result in the
+ # transaction name "actuator/loggers (GET)". This is to prevent MGI.
+ # Default is false.
+ name_actuator_endpoints: false
+
+ # Real-time profiling using Java Flight Recorder (JFR).
+ # This feature reports dimensional metrics to the ingest endpoint configured by
+ # metric_ingest_uri and events to the ingest endpoint configured by event_ingest_uri.
+ # Both ingest endpoints default to US production but they will be automatically set to EU
+ # production when using an EU license key. Other ingest endpoints can be configured manually.
+ # Requires a JVM that provides the JFR library.
+ jfr:
+
+ # Set to true to enable Real-time profiling with JFR.
+ # Default is false.
+ enabled: false
+
+ # Set to true to enable audit logging which will display all JFR metrics and events in each harvest batch.
+ # Audit logging is extremely verbose and should only be used for troubleshooting purposes.
+ # Default is false.
+ audit_logging: false
+
+ # The time interval, in seconds, of how often JFR data is sent to New Relic.
+ # The default is 10 seconds.
+ harvest_interval: 10
+
+ # The size of the queue used to store JFR events. Increasing this can reduce gaps in JFR reported data
+ # but can also cause resource issues in the agent or cause data to be dropped if backend pipeline
+ # limits are exceeded.
+ # See: https://docs.newrelic.com/docs/data-apis/ingest-apis/event-api/introduction-event-api/#limits
+ # https://docs.newrelic.com/docs/data-apis/ingest-apis/metric-api/metric-api-limits-restricted-attributes/
+ # Default is 250000
+ queue_size: 250000
+
# User-configurable custom labels for this agent. Labels are name-value pairs.
# There is a maximum of 64 labels per agent. Names and values are limited to 255 characters.
# Names and values may not contain colons (:) or semicolons (;).
@@ -280,6 +475,103 @@ common: &default_settings
# An example label
#label_name: label_value
+ # New Relic Security vulnerability detection.
+ security:
+ # Determines whether the security data is sent to New Relic or not. When this is disabled and agent.enabled is
+ # true, the security module will run but data will not be sent. Default is false.
+ enabled: false
+
+ # New Relic Security provides two modes: IAST and RASP
+ # Default is IAST. Due to the invasive nature of IAST scanning, DO NOT enable this mode in either a
+ # production environment or an environment where production data is processed.
+ mode: IAST
+
+ # New Relic Security’s SaaS connection URL
+ validator_service_url: wss://csec.nr-data.net
+
+ # To completely disable all security functionality, set this flag to false. This property is
+ # read only once at application start. Default is false.
+ agent:
+ enabled: false
+
+ # This configuration allows users to specify a unique test identifier when running IAST Scan with CI/CD
+ iast_test_identifier: 'run-id'
+
+ # Security controllers
+ scan_controllers:
+ # The scan_request_rate_limit configuration allows to specify maximum number of replay request played per minute.
+ # The maximum is 3600 and the minimum is 12 replay request per minute.
+ iast_scan_request_rate_limit: 3600 # Number of IAST replay request played per minute, Default is 3600
+ # This configuration allows users to the number of application instances for a specific entity where IAST analysis is performed.
+ scan_instance_count: 0 # Values are 1 or 0, 0 signifies run on all application instances
+
+ # The scan_schedule configuration allows to specify when IAST scans should be executed
+ scan_schedule:
+ # The delay field specifies the delay in minutes before the IAST scan starts. This allows to schedule the scan to start at a later time.
+ delay: 0 #In minutes, default is 0 min
+ # The duration field specifies the duration of the IAST scan in minutes. This determines how long the scan will run.
+ duration: 0 #In minutes, default is forever
+
+ # The schedule field specifies a cron expression that defines when the IAST scan should start.
+ #schedule: "" #By default, schedule is inactive
+
+ # Allow continuously sample collection of IAST events
+ always_sample_traces: false # Default is false
+
+ # The exclude_from_iast_scan configuration allows to specify APIs, parameters, and categories that should not be scanned by Security Agents.
+ exclude_from_iast_scan:
+ # The api field specifies list of APIs using regular expression (regex) patterns that follow the syntax of Perl 5. The regex pattern should provide a complete match for the URL without the endpoint.
+ # Example:
+ # api:
+ # - .*account.*
+ # - .*/\api\/v1\/.*?\/login
+ api: [ ]
+
+ # The parameters configuration allows users to specify headers, query parameters, and body keys that should be excluded from IAST scans.
+ # Example:
+ # http_request_parameters:
+ # header:
+ # - X-Forwarded-For
+ # query:
+ # - username
+ # - password
+ # body:
+ # - account.email
+ # - account.contact
+ http_request_parameters:
+ # A list of HTTP header keys. If a request includes any headers with these keys, the corresponding IAST scan will be skipped.
+ header: [ ]
+ # A list of query parameter keys. The presence of these parameters in the request's query string will lead to skipping the IAST scan.
+ query: [ ]
+ # A list of keys within the request body. If these keys are found in the body content, the IAST scan will be omitted.
+ body: [ ]
+
+ # The iast_detection_category configuration allows to specify which categories of vulnerabilities should not be detected by Security Agents.
+ # If any of these categories are set to true, Security Agents will not generate events or flag vulnerabilities for that category.
+ iast_detection_category:
+ insecure_settings: false
+ invalid_file_access: false
+ sql_injection: false
+ nosql_injection: false
+ ldap_injection: false
+ javascript_injection: false
+ command_injection: false
+ xpath_injection: false
+ ssrf: false
+ rxss: false
+
+ # Slow transaction detection will report an event to New Relic ("SlowTransaction") whenever a Transaction's
+ # time exceeds the threshold value (in ms). A transaction will only be reported once and by default, only
+ # transactions that are in-process during a harvest cycle will be checked. Only the slowest single transaction
+ # will be reported even if multiple transactions exceed the threshold.
+ slow_transactions:
+ enabled: true
+ threshold: 600000
+
+ # If this is set to true, every transaction will be checked for exceeding the defined threshold on
+ # transaction completion. Note that this can be computationally expensive since a stack trace is sent
+ # with every SlowTransaction event, if a large number of transaction exceed the threshold.
+ evaluate_completed_transactions: false
# Application Environments
# ------------------------------------------