Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

node-cassandra-cql: support for prepared statements #167

Closed
wants to merge 1 commit into from
Closed

node-cassandra-cql: support for prepared statements #167

wants to merge 1 commit into from

Conversation

asilvas
Copy link
Contributor

@asilvas asilvas commented Jul 28, 2014

This gets us as close to stored proc monitoring as we're going to get for Cassandra.

@txase
Copy link

txase commented Aug 29, 2014

Hi @asilvas,

Sorry we hadn't commented sooner :(.

I've reviewed the change, and although it's small it introduces a hairy security issue we haven't yet tackled in the Node.js agent: reporting query statements. We work very hard in other agents to obfuscate any sensitive data before reporting it, and we simply aren't ready to tackle this issue for the Node.js agent yet.

Can you follow up with a request of what problem you are trying to solve with this information? We can then work to track it as a feature request internally.

Thanks!

@asilvas
Copy link
Contributor Author

asilvas commented Aug 29, 2014

These are prepared statements, not full cql statements with variables. This is the rough equivalent of stored procedures. Where the security concern?

It's to track where time is spent. Again, same as with a stored proc.

@txase
Copy link

txase commented Aug 29, 2014

The issue is that instead of using the "parameters" argument to queries, some people may simply construct query strings with sensitive data in them directly. It takes a lot of effort to ensure we completely strip out any parameters from query statements, and many of our customers consider this extremely important to them.

I'll make sure this gets tracked as a feature request.

Thanks!

@txase txase closed this Aug 29, 2014
@seankcarpenter
Copy link

As of today, we have added support for viewing slow queries out of the Node.js agent in New Relic. You can see the complete release notes here: https://docs.newrelic.com/docs/release-notes/agent-release-notes/nodejs-release-notes/nodejs-agent-1200

@Awk34
Copy link

Awk34 commented Jun 6, 2015

👍

@asilvas
Copy link
Contributor Author

asilvas commented Jun 6, 2015

Thanks!

cmcadams-newrelic pushed a commit to cmcadams-newrelic/node-newrelic that referenced this pull request Jan 29, 2024
…/nestjs-config-file/follow-redirects-1.15.4

chore(deps): bump follow-redirects from 1.15.3 to 1.15.4 in /nestjs-config-file
jsumners-nr pushed a commit to jsumners-nr/node-newrelic that referenced this pull request Apr 16, 2024
…/axios-and-newrelic-1.6.0

Bump axios and newrelic
bizob2828 added a commit to bizob2828/node-newrelic that referenced this pull request Apr 19, 2024
chore: update to newest community plus header
bizob2828 added a commit to bizob2828/node-newrelic that referenced this pull request Apr 23, 2024
chore: update to newest community plus header
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants