Four Security Use Cases for New Relic Logs

In the context of modern enterprise accounts, the prioritization of log management for application developers, DevOps, and SRE teams typically includes application logs from core services, access logs from services like NGINX and AWS load balancers, and infrastructure logs from platforms such as SQL and Redis. However, security-related logs provide critical visibility into severe threats and include Linux systemd logs, SELinux audit logs, Windows security event logs, and firewall logs. These logs help monitor unauthorized access, manage critical processes, and detect anomalies. The blog post discusses forwarding these logs to New Relic using its Infrastructure Monitoring agent, which can enrich log data with powerful parsing, querying, and dashboarding capabilities as part of Full-Stack Observability. Such centralized log management enables DevOps and SRE teams to correlate security logs with application performance metrics, aiding in unified observability. The author, Jim Hagan, emphasizes the importance of extracting valuable security information from logs and encourages users to sign up for New Relic to leverage its log management tools.