Four Security Use Cases for New Relic Logs

This summary provides an overview of how security-related logs can be sent to New Relic using its Infrastructure Monitoring agent. Typically, log management for enterprise accounts prioritizes application logs, access logs from services like NGINX and AWS load balancers, and infrastructure logs from critical platforms. However, another class of logs provides essential visibility into severe threats to modern digital businesses, including Linux systemd logs, security-enhanced Linux audit logs, Windows security event logs, and firewall logs. The Infrastructure agent can forward these logs to New Relic, providing valuable insights for DevOps and SRE teams to correlate anomalies in security logs with APM performance dips or general infrastructure performance degradation. By sending these logs to New Relic, teams can gain a unified observability approach, enabling better preparedness against security threats and performance issues.