newrelic_rpm 3.11.2.286 → 3.12.0.288

data/lib/new_relic/agent/agent.rb

@@ -28,6 +28,7 @@ require 'new_relic/agent/javascript_instrumentor'
 require 'new_relic/agent/vm/monotonic_gc_profiler'
 require 'new_relic/agent/utilization_data'
 require 'new_relic/environment_report'
+require 'new_relic/agent/attribute_filter'
 
 module NewRelic
   module Agent
@@ -72,6 +73,20 @@ module NewRelic
 
         @harvest_lock = Mutex.new
         @obfuscator = lambda {|sql| NewRelic::Agent::Database.default_sql_obfuscator(sql) }
+
+        setup_attribute_filter
+      end
+
+      def setup_attribute_filter
+        refresh_attribute_filter
+
+        @events.subscribe(:finished_configuring) do
+          refresh_attribute_filter
+        end
+      end
+
+      def refresh_attribute_filter
+        @attribute_filter = NewRelic::Agent::AttributeFilter.new(NewRelic::Agent.config)
       end
 
       # contains all the class-level methods for NewRelic::Agent::Agent
@@ -124,6 +139,8 @@ module NewRelic
         attr_reader :monotonic_gc_profiler
         attr_reader :custom_event_aggregator
 
+        attr_reader :attribute_filter
+
         # This method should be called in a forked process after a fork.
         # It assumes the parent process initialized the agent, but does
         # not assume the agent started.
@@ -183,13 +200,10 @@ module NewRelic
           @started
         end
 
-        # Attempt a graceful shutdown of the agent, running the worker
-        # loop if it exists and is running.
-        #
-        # Options:
-        # :force_send  => (true/false) # force the agent to send data
-        def shutdown(options={})
-          return if not started?
+        # Attempt a graceful shutdown of the agent, flushing any remaining
+        # data.
+        def shutdown
+          return unless started?
           ::NewRelic::Agent.logger.info "Starting Agent shutdown"
 
           stop_event_loop
@@ -207,10 +221,7 @@ module NewRelic
         end
 
         def stop_event_loop
-          if @event_loop
-            @event_loop.run_once(true) if Agent.config[:force_send]
-            @event_loop.stop
-          end
+          @event_loop.stop if @event_loop
         end
 
         def trap_signals_for_litespeed
@@ -1056,7 +1067,7 @@ module NewRelic
         # them across the wire.  This includes gathering SQL
         # explanations, stripping out stack traces, and normalizing
         # SQL.  note that we explain only the sql statements whose
-        # segments' execution times exceed our threshold (to avoid
+        # nodes' execution times exceed our threshold (to avoid
         # unnecessary overhead of running explains on fast queries.)
         def harvest_and_send_transaction_traces
           harvest_and_send_from_container(@transaction_sampler, :transaction_sample_data)

data/lib/new_relic/agent/attribute_filter.rb

@@ -0,0 +1,242 @@
+# encoding: utf-8
+# This file is distributed under New Relic's license terms.
+# See https://github.com/newrelic/rpm/blob/master/LICENSE for complete details.
+
+# This class applies filtering rules as specified in the Agent Attributes
+# cross-agent spec.
+#
+# Instances of it are constructed by deriving a set of rules from the agent
+# configuration. Instances are immutable once they are constructed - if the
+# config changes, a new instance should be constructed and swapped in to
+# replace the existing one.
+#
+# The #apply method is the main external interface of this class. It takes an
+# attribute name and a set of default destinations (represented as a bitfield)
+# and returns a set of actual destinations after applying the filtering rules
+# specified in the config.
+#
+# Each set of destinations is represented as a bitfield, where the bit positions
+# specified in the DST_* constants are used to indicate whether an attribute
+# should be sent to the corresponding destination.
+#
+# The choice of a bitfield here rather than an Array was made to avoid the need
+# for any transient object allocations during the application of rules. Since
+# rule application will happen once per attribute per transaction, this is a hot
+# code path.
+#
+# The algorithm for applying filtering rules is as follows:
+#
+# 1. Start with a bitfield representing the set of default destinations passed
+#    in to #apply.
+# 2. Mask this bitfield against the set of destinations that have attribute
+#    enabled at all.
+# 3. Traverse the list of rules in order (more on the ordering later), applying
+#    each matching rule, but taking care to not let rules override the enabled
+#    status of each destination. Each matching rule may mutate the bitfield.
+# 4. Return the resulting bitfield after all rules have been applied.
+#
+# Each rule consists of a name, a flag indicating whether it ends with a
+# wildcard, a bitfield representing the set of destinations that it applies to,
+# and a flag specifying whether it is an include or exclude rule.
+#
+# During construction, rules are sorted according to the following criteria:
+#
+# 1. First, the names are compared lexicographically. This has the impact of
+#    forcing shorter (more general) rules towards the top of the list and longer
+#    (more specific) rules towards the bottom. This is important, because the
+#    Agent Attributes spec stipulates that the most specific rule for a given
+#    destination should take precedence. Since rules are applied top-to-bottom,
+#    this sorting guarantees that the most specific rule will be applied last.
+# 2. If the names are identical, we next examine the wildcard flag. Rules ending
+#    with a wildcard are considered more general (and thus 'less than') rules
+#    not ending with a wildcard.
+# 3. If the names and wildcard flags are identical, we next examine whether the
+#    rules being compared are include or exclude rules. Exclude rules have
+#    precedence by the spec, so they are considered 'greater than' include
+#    rules.
+#
+# This approach to rule evaluation was taken from the PHP agent's
+# implementation.
+#
+
+module NewRelic
+  module Agent
+    class AttributeFilter
+      DST_NONE = 0x0
+
+      DST_TRANSACTION_EVENTS = 1 << 0
+      DST_TRANSACTION_TRACER = 1 << 1
+      DST_ERROR_COLLECTOR    = 1 << 2
+      DST_BROWSER_MONITORING = 1 << 3
+      DST_DEVELOPER_MODE     = 1 << 4
+
+      DST_ALL = 0xF
+
+      attr_reader :rules
+
+      def initialize(config)
+        @enabled_destinations = DST_NONE
+
+        @enabled_destinations |= DST_TRANSACTION_TRACER if config[:'transaction_tracer.attributes.enabled']
+        @enabled_destinations |= DST_TRANSACTION_EVENTS if config[:'transaction_events.attributes.enabled']
+        @enabled_destinations |= DST_ERROR_COLLECTOR    if config[:'error_collector.attributes.enabled']
+        @enabled_destinations |= DST_BROWSER_MONITORING if config[:'browser_monitoring.attributes.enabled']
+
+        @enabled_destinations = DST_NONE unless config[:'attributes.enabled']
+
+        @rules = []
+
+        build_rule(config[:'attributes.exclude'], DST_ALL, false)
+        build_rule(config[:'transaction_tracer.attributes.exclude'], DST_TRANSACTION_TRACER, false)
+        build_rule(config[:'transaction_events.attributes.exclude'], DST_TRANSACTION_EVENTS, false)
+        build_rule(config[:'error_collector.attributes.exclude'],    DST_ERROR_COLLECTOR,    false)
+        build_rule(config[:'browser_monitoring.attributes.exclude'], DST_BROWSER_MONITORING, false)
+
+        build_rule(['request.parameters.*'], include_destinations_for_capture_params(config[:capture_params]), true)
+        build_rule(['job.resque.args.*'],    include_destinations_for_capture_params(config[:'resque.capture_params']), true)
+        build_rule(['job.sidekiq.args.*'],   include_destinations_for_capture_params(config[:'sidekiq.capture_params']), true)
+
+        build_rule(config[:'attributes.include'], DST_ALL, true)
+        build_rule(config[:'transaction_tracer.attributes.include'], DST_TRANSACTION_TRACER, true)
+        build_rule(config[:'transaction_events.attributes.include'], DST_TRANSACTION_EVENTS, true)
+        build_rule(config[:'error_collector.attributes.include'],    DST_ERROR_COLLECTOR,    true)
+        build_rule(config[:'browser_monitoring.attributes.include'], DST_BROWSER_MONITORING, true)
+
+        @rules.sort!
+
+        # We're ok to cache high security for fast lookup because the attribute
+        # filter is re-generated on any significant config change.
+        @high_security = config[:high_security]
+
+        cache_prefix_blacklist
+      end
+
+      def include_destinations_for_capture_params(capturing)
+        if capturing
+          DST_TRANSACTION_TRACER | DST_ERROR_COLLECTOR
+        else
+          DST_NONE
+        end
+      end
+
+      def build_rule(attribute_names, destinations, is_include)
+        attribute_names.each do |attribute_name|
+          rule = AttributeFilterRule.new(attribute_name, destinations, is_include)
+          @rules << rule unless rule.empty?
+        end
+      end
+
+      def apply(attribute_name, default_destinations)
+        return DST_NONE if @enabled_destinations == DST_NONE
+
+        destinations   = default_destinations
+        attribute_name = attribute_name.to_s
+
+        @rules.each do |rule|
+          if rule.match?(attribute_name)
+            if rule.is_include
+              destinations |= rule.destinations
+            else
+              destinations &= rule.destinations
+            end
+          end
+        end
+
+        destinations & @enabled_destinations
+      end
+
+      def allows?(allowed_destinations, requested_destination)
+        allowed_destinations & requested_destination == requested_destination
+      end
+
+      def high_security?
+        @high_security
+      end
+
+      # For attribute prefixes where we know the default destinations will
+      # always be DST_NONE, we can statically determine that any attribute
+      # starting with the prefix will not be allowed unless there's an include
+      # rule that might match attributes starting with it.
+      #
+      # This allows us to skip significant preprocessing work (hash/array
+      # flattening and type coercion) for HTTP request parameters and job
+      # arguments for Sidekiq and Resque in the common case, since none of
+      # these attributes are captured by default.
+      #
+      def cache_prefix_blacklist
+        @prefix_blacklist = {}
+        @prefix_blacklist[:'request.parameters'] = true unless might_allow_prefix_uncached?(:'request.parameters')
+        @prefix_blacklist[:'job.sidekiq.args']   = true unless might_allow_prefix_uncached?(:'job.sidekiq.args')
+        @prefix_blacklist[:'job.resque.args']    = true unless might_allow_prefix_uncached?(:'job.resque.args')
+      end
+
+      # Note that the given prefix *must* be a Symbol
+      def might_allow_prefix?(prefix)
+        !@prefix_blacklist.include?(prefix)
+      end
+
+      def might_allow_prefix_uncached?(prefix)
+        prefix = prefix.to_s
+        @rules.any? do |rule|
+          if rule.is_include
+            if rule.wildcard
+              if rule.attribute_name.size > prefix.size
+                rule.attribute_name.start_with?(prefix)
+              else
+                prefix.start_with?(rule.attribute_name)
+              end
+            else
+              rule.attribute_name.start_with?(prefix)
+            end
+          end
+        end
+      end
+    end
+
+    class AttributeFilterRule
+      attr_reader :attribute_name, :destinations, :is_include, :wildcard
+
+      def initialize(attribute_name, destinations, is_include)
+        @attribute_name = attribute_name.sub(/\*$/, "")
+        @wildcard       = attribute_name.end_with?("*")
+        @is_include     = is_include
+        @destinations   = is_include ? destinations : ~destinations
+      end
+
+      # Rules are sorted from least specific to most specific
+      #
+      # All else being the same, wildcards are considered less specific
+      # All else being the same, include rules are less specific than excludes
+      def <=>(other)
+        name_cmp = @attribute_name <=> other.attribute_name
+        return name_cmp unless name_cmp == 0
+
+        if wildcard != other.wildcard
+          return wildcard ? -1 : 1
+        end
+
+        if is_include != other.is_include
+          return is_include ? -1 : 1
+        end
+
+        return 0
+      end
+
+      def match?(name)
+        if wildcard
+          name.start_with?(@attribute_name)
+        else
+          @attribute_name == name
+        end
+      end
+
+      def empty?
+        if is_include
+          @destinations == AttributeFilter::DST_NONE
+        else
+          @destinations == AttributeFilter::DST_ALL
+        end
+      end
+    end
+  end
+end

data/lib/new_relic/agent/attribute_processing.rb

@@ -0,0 +1,62 @@
+# encoding: utf-8
+# This file is distributed under New Relic's license terms.
+# See https://github.com/newrelic/rpm/blob/master/LICENSE for complete details.
+
+module NewRelic
+  module Agent
+    module AttributeProcessing
+      module_function
+
+      EMPTY_HASH_STRING_LITERAL = "{}".freeze
+      EMPTY_ARRAY_STRING_LITERAL = "[]".freeze
+
+      def flatten_and_coerce(object, prefix = nil, result = {}, &blk)
+        if object.is_a? Hash
+          flatten_and_coerce_hash(object, prefix, result, &blk)
+        elsif object.is_a? Array
+          flatten_and_coerce_array(object, prefix, result, &blk)
+        elsif prefix
+          val = Coerce.scalar(object)
+          if blk
+            blk.call(prefix, val)
+          else
+            result[prefix] = val
+          end
+        else
+          NewRelic::Agent.logger.warn "Unexpected object: #{object.inspect} with nil prefix passed to NewRelic::Agent::AttributeProcessing.flatten_and_coerce"
+        end
+        result
+      end
+
+      def flatten_and_coerce_hash(hash, prefix, result, &blk)
+        if hash.empty?
+          if blk
+            blk.call(prefix, EMPTY_HASH_STRING_LITERAL)
+          else
+            result[prefix] = EMPTY_HASH_STRING_LITERAL
+          end
+        else
+          hash.each do |key, val|
+            next_prefix = prefix ? "#{prefix}.#{key}" : key.to_s
+            flatten_and_coerce(val, next_prefix, result, &blk)
+          end
+        end
+      end
+
+      def flatten_and_coerce_array(array, prefix, result, &blk)
+        if array.empty?
+          if blk
+            blk.call(prefix, EMPTY_ARRAY_STRING_LITERAL)
+          else
+            result[prefix] = EMPTY_ARRAY_STRING_LITERAL
+          end
+        else
+          array.each_with_index do |val, idx|
+            next_prefix = prefix ? "#{prefix}.#{idx}" : idx.to_s
+            flatten_and_coerce(val, next_prefix, result, &blk)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/new_relic/agent/commands/xray_session_collection.rb

@@ -43,8 +43,11 @@ module NewRelic
 
         def session_id_for_transaction_name(name)
           @sessions_lock.synchronize do
-            @sessions.keys.find { |id| @sessions[id].key_transaction_name == name }
+            @sessions.each do |id, session|
+              return id if session.key_transaction_name == name
+            end
           end
+          nil
         end
 
         NO_PROFILES = [].freeze

data/lib/new_relic/agent/configuration/default_source.rb

@@ -102,7 +102,7 @@ module NewRelic
         def self.agent_enabled
           Proc.new {
             NewRelic::Agent.config[:enabled] &&
-            (NewRelic::Agent.config[:developer_mode] || NewRelic::Agent.config[:monitor_mode] || NewRelic::Agent.config[:monitor_daemons]) &&
+            (NewRelic::Agent.config[:developer_mode] || NewRelic::Agent.config[:monitor_mode]) &&
             NewRelic::Agent::Autostart.agent_should_start?
           }
         end
@@ -237,12 +237,14 @@ module NewRelic
           :default => '',
           :public => true,
           :type => String,
+          :allowed_from_server => false,
           :description => 'Your New Relic <a href="/docs/accounts-partnerships/accounts/account-setup/license-key">license key</a>.'
         },
         :agent_enabled => {
           :default => DefaultSource.agent_enabled,
           :public => true,
           :type => Boolean,
+          :allowed_from_server => false,
           :description => 'Enable or disable the agent.'
         },
         :enabled => {
@@ -250,42 +252,49 @@ module NewRelic
           :public => false,
           :type => Boolean,
           :aliases => [:enable],
+          :allowed_from_server => false,
           :description => 'Enable or disable the agent.'
         },
         :app_name => {
           :default => DefaultSource.app_name,
           :public => true,
           :type => String,
+          :allowed_from_server => false,
           :description => 'Semicolon-delimited list of <a href="/docs/apm/new-relic-apm/installation-and-configuration/naming-your-application">application names</a> to which the agent will report metrics (e.g. \'MyApplication\' or \'MyAppStaging;Instance1\'). For more information, see <a href="/docs/apm/new-relic-apm/installation-and-configuration/naming-your-application">Naming your application</a>.'
         },
         :monitor_mode => {
           :default => value_of(:enabled),
           :public => true,
           :type => Boolean,
+          :allowed_from_server => false,
           :description => 'Enable or disable the transmission of data to the New Relic <a href="/docs/apm/new-relic-apm/getting-started/glossary#collector">collector</a>).'
         },
         :developer_mode => {
           :default => value_of(:developer),
           :public => true,
           :type => Boolean,
+          :allowed_from_server => false,
           :description => 'Enable or disable developer mode, a local analytics package built into the agent for rack applications. Access developer mode analytics by visiting <b>/newrelic</b> in your application.'
         },
         :developer => {
           :default => false,
           :public => false,
           :type => Boolean,
+          :allowed_from_server => false,
           :description => 'Alternative method of enabling developer_mode.'
         },
         :log_level => {
           :default => 'info',
           :public => true,
           :type => String,
+          :allowed_from_server => false,
           :description => 'Log level for agent logging: error, warn, info or debug.'
         },
         :high_security => {
           :default => false,
           :public => true,
           :type => Boolean,
+          :allowed_from_server => false,
           :description => 'Enable or disable <a href="/docs/accounts-partnerships/accounts/security/high-security">high security mode</a>, a suite of security features designed to protect data in an enterprise setting.'
         },
         :ssl => {
@@ -293,6 +302,7 @@ module NewRelic
           :allow_nil => true,
           :public => true,
           :type => Boolean,
+          :allowed_from_server => false,
           :description => 'Enable or disable SSL for transmissions to the New Relic <a href="/docs/apm/new-relic-apm/getting-started/glossary#collector">collector</a>). Defaults to true in versions 3.5.6 and higher.'
         },
         :proxy_host => {
@@ -300,6 +310,7 @@ module NewRelic
           :allow_nil => true,
           :public => true,
           :type => String,
+          :allowed_from_server => false,
           :description => 'Defines a host for communicating with New Relic via a proxy server.'
         },
         :proxy_port => {
@@ -307,6 +318,7 @@ module NewRelic
           :allow_nil => true,
           :public => true,
           :type => Fixnum,
+          :allowed_from_server => false,
           :description => 'Defines a port for communicating with New Relic via a proxy server.'
         },
         :proxy_user => {
@@ -314,7 +326,8 @@ module NewRelic
           :allow_nil => true,
           :public => true,
           :type => String,
-          :local_only => true,
+          :allowed_from_server => false,
+          :exclude_from_reported_settings => true,
           :description => 'Defines a user for communicating with New Relic via a proxy server.'
         },
         :proxy_pass => {
@@ -322,158 +335,170 @@ module NewRelic
           :allow_nil => true,
           :public => true,
           :type => String,
-          :local_only => true,
+          :allowed_from_server => false,
+          :exclude_from_reported_settings => true,
           :description => 'Defines a password for communicating with New Relic via a proxy server.'
         },
         :capture_params => {
           :default => false,
           :public => true,
           :type => Boolean,
+          :allowed_from_server => false,
           :description => 'Enable or disable the capture of HTTP request parameters to be attached to transaction traces and traced errors.'
         },
         :config_path => {
           :default => DefaultSource.config_path,
           :public => true,
           :type => String,
+          :allowed_from_server => false,
           :description => 'Path to <b>newrelic.yml</b>. When omitted the agent will check (in order) <b>config/newrelic.yml</b>, <b>newrelic.yml</b>, <b>$HOME/.newrelic/newrelic.yml</b> and <b>$HOME/newrelic.yml</b>.'
         },
         :config_search_paths => {
           :default => DefaultSource.config_search_paths,
           :public => false,
           :type => Array,
+          :allowed_from_server => false,
           :description => "An array of candidate locations for the agent's configuration file."
         },
         :dispatcher => {
           :default => DefaultSource.dispatcher,
           :public => false,
           :type => Symbol,
+          :allowed_from_server => false,
           :description => 'Autodetected application component that reports metrics to New Relic.'
         },
         :framework => {
           :default => DefaultSource.framework,
           :public => false,
           :type => Symbol,
+          :allowed_from_server => false,
           :description => 'Autodetected application framework used to enable framework-specific functionality.'
         },
         :'autostart.blacklisted_constants' => {
           :default => 'Rails::Console',
           :public => true,
           :type => String,
+          :allowed_from_server => false,
           :description => 'Defines a comma-delimited list of constants. When these constants are present, the agent will not start automatically (e.g. \'Rails::Console, UninstrumentedBackgroundJob\').'
         },
         :'autostart.blacklisted_executables' => {
           :default => 'irb,rspec',
           :public => true,
           :type => String,
+          :allowed_from_server => false,
           :description => 'Defines a comma-delimited list of executables that should not be instrumented by the agent (e.g. \'rake,my_ruby_script.rb\').'
         },
         :'autostart.blacklisted_rake_tasks' => {
           :default => AUTOSTART_BLACKLISTED_RAKE_TASKS,
           :public => true,
           :type => String,
+          :allowed_from_server => false,
           :description => 'Defines a comma-delimited list of rake tasks that should not be instrumented by the agent (e.g. \'assets:precompile,db:migrate\').'
         },
         :'profiling.available' => {
           :default => DefaultSource.profiling_available,
           :public => false,
           :type => Boolean,
+          :allowed_from_server => false,
           :description => 'Determines if ruby-prof is available for developer mode profiling.'
         },
         :apdex_t => {
           :default => 0.5,
           :public => true,
           :type => Float,
+          :allowed_from_server => true,
           :deprecated => true,
           :description => 'In versions 3.5.0 and higher, <a href="/docs/apm/new-relic-apm/apdex/changing-your-apdex-settings">set your Apdex T via the New Relic UI</a>. In addition to determining your <a href="/docs/apm/new-relic-apm/apdex/apdex-measuring-user-satisfaction">Apdex score</a>, Apdex T is the threshold at which New Relic will begin alerting. By default the agent will send alerts when the Apdex score drops below 0.5, or when more than half of users are experiencing degraded application performance.'
         },
-        :monitor_daemons => {
-          :default => false,
-          :public => false,
-          :type => Boolean,
-          :description => 'Enables or disables the agent for background processes. No longer necessary as the agent now automatically instruments background processes.'
-        },
         :'strip_exception_messages.enabled' => {
           :default => value_of(:high_security),
           :public => true,
           :type => Boolean,
+          :allowed_from_server => false,
           :description => 'Defines whether the agent should strip messages from all exceptions that are not specified in the whitelist. Enabled automatically in <a href="/docs/accounts-partnerships/accounts/security/high-security">high security mode</a>.'
         },
         :'strip_exception_messages.whitelist' => {
           :default => '',
           :public => true,
           :type => String,
+          :allowed_from_server => false,
           :description => 'Defines a comma-delimited list of exceptions from which the agent will not strip messages when <a href="#strip_exception_messages.enabled">strip_exception_messages</a> is enabled (such as \'ImportantException, PreserveMessageException\').'
         },
         :host => {
           :default => 'collector.newrelic.com',
           :public => false,
           :type => String,
+          :allowed_from_server => false,
           :description => "URI for the New Relic data collection service."
         },
         :api_host => {
           :default => 'rpm.newrelic.com',
           :public => false,
           :type => String,
+          :allowed_from_server => false,
           :description => 'API host for New Relic.'
         },
         :port => {
           :default => DefaultSource.port,
           :public => false,
           :type => Fixnum,
+          :allowed_from_server => false,
           :description => 'Port for the New Relic data collection service.'
         },
         :api_port => {
           :default => value_of(:port),
           :public => false,
           :type => Fixnum,
+          :allowed_from_server => false,
           :description => 'Port for the New Relic API host.'
         },
         :sync_startup => {
           :default => false,
           :public => true,
           :type => Boolean,
+          :allowed_from_server => false,
           :description => 'Enable or disable synchronous connection to the New Relic data collection service during application startup.'
         },
         :send_data_on_exit => {
           :default => true,
           :public => true,
           :type => Boolean,
+          :allowed_from_server => false,
           :description => 'Enable or disable the exit handler that sends data to the New Relic <a href="/docs/apm/new-relic-apm/getting-started/glossary#collector">collector</a>) before shutting down.'
         },
         :post_size_limit => {
           :default => 2 * 1024 * 1024, # 2MB
           :public => false,
           :type => Fixnum,
+          :allowed_from_server => true,
           :description => 'Maximum number of bytes to send to the New Relic data collection service.'
         },
         :timeout => {
           :default => 2 * 60, # 2 minutes
           :public => true,
           :type => Fixnum,
+          :allowed_from_server => false,
           :description => 'Maximum number of seconds to attempt to contact the New Relic <a href="/docs/apm/new-relic-apm/getting-started/glossary#collector">collector</a>).'
         },
-        :force_send => {
-          :default => false,
-          :public => false,
-          :type => Boolean,
-          :description => 'Enable or disable the forced sending of data to the New Relic data collection service when shutting down.'
-        },
         :send_environment_info => {
           :default => true,
           :public => false,
           :type => Boolean,
+          :allowed_from_server => false,
           :description => 'Enable or disable transmission of application environment information to the New Relic data collection service.'
         },
         :'resque.use_harvest_lock' => {
           :default => false,
           :public => false,
           :type => Boolean,
+          :allowed_from_server => false,
           :description => 'Enable or disable synchronizing Resque job forking with New Relic\'s harvest thread. The default is <code>false</code>. This helps prevent Resque jobs from deadlocking, but prevents New Relic from starting new jobs during harvest.'
         },
         :data_report_period => {
           :default => 60,
           :public => false,
           :type => Fixnum,
+          :allowed_from_server => true,
           :description => 'Number of seconds betwixt connections to the New Relic data collection service. Note that transaction events have a separate report period, specified by data_report_periods.analytic_event_data.'
         },
         :'data_report_periods.analytic_event_data' => {
@@ -481,6 +506,7 @@ module NewRelic
           :public => false,
           :type => Fixnum,
           :dynamic_name => true,
+          :allowed_from_server => true,
           :description => 'Number of seconds between connections to the New Relic data collection service for sending transaction event data.'
         },
         :keep_retrying => {
@@ -488,48 +514,56 @@ module NewRelic
           :public => false,
           :type => Boolean,
           :deprecated => true,
+          :allowed_from_server => false,
           :description => 'Enable or disable retrying failed connections to the New Relic data collection service.'
         },
         :force_reconnect => {
           :default => false,
           :public => false,
           :type => Boolean,
+          :allowed_from_server => false,
           :description => 'Force a new connection to the server before running the worker loop. Creates a separate agent run and is recorded as a separate instance by the New Relic data collection service.'
         },
         :report_instance_busy => {
           :default => true,
           :public => false,
           :type => Boolean,
+          :allowed_from_server => false,
           :description => 'Enable or disable transmission of metrics recording the percentage of time application instances spend servicing requests (duty cycle metrics).'
         },
         :log_file_name => {
           :default => 'newrelic_agent.log',
           :public => true,
           :type => String,
+          :allowed_from_server => false,
           :description => 'Defines a name for the log file.'
         },
         :log_file_path => {
           :default => 'log/',
           :public => true,
           :type => String,
+          :allowed_from_server => false,
           :description => 'Defines a path to the agent log file, excluding the filename.'
         },
         :'audit_log.enabled' => {
           :default => false,
           :public => true,
           :type => Boolean,
+          :allowed_from_server => false,
           :description => 'Enable or disable the audit log, a log of communications with the New Relic <a href="/docs/apm/new-relic-apm/getting-started/glossary#collector">collector</a>).'
         },
         :'audit_log.path' => {
           :default => DefaultSource.audit_log_path,
           :public => true,
           :type => String,
+          :allowed_from_server => false,
           :description => 'Specifies a path to the audit log file (including the filename).'
         },
         :'audit_log.endpoints' => {
           :default => [".*"],
           :public => true,
           :type => Array,
+          :allowed_from_server => false,
           :transform => DefaultSource.method(:convert_to_regexp_list),
           :description => 'List of allowed endpoints to include in audit log'
         },
@@ -537,72 +571,84 @@ module NewRelic
           :default => false,
           :public => true,
           :type => Boolean,
+          :allowed_from_server => false,
           :description => 'Enable or disable the collection of sampler metrics. Sampler metrics are metrics that are not event-based (such as CPU time or memory usage).'
         },
         :disable_resque => {
           :default => false,
           :public => true,
           :type => Boolean,
+          :allowed_from_server => false,
           :description => 'Enable or disable <a href="/docs/agents/ruby-agent/background-jobs/resque-instrumentation">Resque instrumentation</a>.'
         },
         :disable_sidekiq => {
           :default => false,
           :public => true,
           :type => Boolean,
+          :allowed_from_server => false,
           :description => 'Enable or disable <a href="/docs/agents/ruby-agent/background-jobs/sidekiq-instrumentation">Sidekiq instrumentation</a>.'
         },
         :disable_dj => {
           :default => false,
           :public => true,
           :type => Boolean,
+          :allowed_from_server => false,
           :description => 'Enable or disable <a href="/docs/agents/ruby-agent/background-jobs/delayedjob">Delayed::Job instrumentation</a>.'
         },
         :disable_sinatra => {
           :default => false,
           :public => true,
           :type => Boolean,
+          :allowed_from_server => false,
           :description => 'Enable or disable <a href="/docs/agents/ruby-agent/frameworks/sinatra-support">Sinatra instrumentation</a>.'
         },
         :disable_sinatra_auto_middleware => {
           :default => false,
           :public => true,
           :type => Boolean,
+          :allowed_from_server => false,
           :description => 'Enable or disable agent middleware for Sinatra. This middleware is responsible for Sinatra advanced feature support; for example, cross application tracing, page load timing (sometimes referred to as real user monitoring or RUM), and error collection.'
         },
         :disable_view_instrumentation => {
           :default => false,
           :public => true,
           :type => Boolean,
+          :allowed_from_server => false,
           :description => 'Enable or disable view instrumentation.'
         },
         :disable_backtrace_cleanup => {
           :default => false,
           :public => true,
           :type => Boolean,
+          :allowed_from_server => false,
           :description => 'Defines whether the agent will remove <code>newrelic_rpm</code> from backtraces.'
         },
         :disable_harvest_thread => {
           :default => false,
           :public => false,
           :type => Boolean,
+          :allowed_from_server => false,
           :description => 'Enable or disable the harvest thread.'
         },
         :skip_ar_instrumentation => {
           :default => false,
           :public => false,
           :type => Boolean,
+          :allowed_from_server => false,
           :description => 'Enable or disable active record instrumentation.'
         },
         :disable_activerecord_instrumentation => {
           :default => value_of(:skip_ar_instrumentation),
           :public => true,
           :type => Boolean,
+          :allowed_from_server => false,
           :description => 'Enable or disable active record instrumentation.'
         },
         :disable_data_mapper => {
           :default => false,
           :public => true,
           :type => Boolean,
+          :allowed_from_server => false,
           :description => 'Enable or disable DataMapper instrumentation.'
         },
         :disable_activejob => {
@@ -610,120 +656,145 @@ module NewRelic
           :public => true,
           :type => Boolean,
           :dynamic_name => true,
+          :allowed_from_server => false,
           :description => 'Enable or disable ActiveJob instrumentation.'
         },
         :disable_memcached => {
           :default => value_of(:disable_memcache_instrumentation),
           :public => true,
           :type => Boolean,
+          :allowed_from_server => false,
           :description => 'Enable or disable instrumentation for the memcached gem.'
         },
         :disable_memcache_client => {
           :default => value_of(:disable_memcache_instrumentation),
           :public => true,
           :type => Boolean,
+          :allowed_from_server => false,
           :description => 'Enable or disable instrumenation for the memcache-client gem.'
         },
         :disable_dalli => {
           :default => value_of(:disable_memcache_instrumentation),
           :public => true,
           :type => Boolean,
+          :allowed_from_server => false,
           :description => 'Enable or disable instrumentation for the dalli gem.'
         },
         :disable_dalli_cas_client => {
           :default => value_of(:disable_memcache_instrumentation),
           :public => true,
           :type => Boolean,
+          :allowed_from_server => false,
           :description => "Enable or disable instrumentation for the dalli gem's additional CAS client support."
         },
         :disable_memcache_instrumentation => {
           :default => false,
           :public => true,
           :type => Boolean,
+          :allowed_from_server => false,
           :description => 'Enable or disable memcache instrumentation.'
         },
         :disable_gc_profiler => {
           :default => false,
           :public => true,
           :type => Boolean,
+          :allowed_from_server => false,
           :description => 'Enable or disable the use of GC::Profiler to measure time spent in garbage collection'
         },
         :'sidekiq.capture_params' => {
           :default => false,
           :public => true,
           :type => Boolean,
+          :allowed_from_server => false,
+          :dynamic_name => true,
+          :deprecated => true,
           :description => 'Enable or disable the capture of job arguments for transaction traces and traced errors in Sidekiq.'
         },
         :'resque.capture_params' => {
           :default => false,
           :public => true,
           :type => Boolean,
+          :allowed_from_server => false,
+          :dynamic_name => true,
+          :deprecated => true,
           :description => 'Enable or disable the capture of job arguments for transaction traces and traced errors in Resque.'
         },
         :capture_memcache_keys => {
           :default => false,
           :public => true,
           :type => Boolean,
+          :allowed_from_server => true,
           :description => 'Enable or disable the capture of memcache keys from transaction traces.'
         },
         :'transaction_tracer.enabled' => {
           :default => true,
           :public => true,
           :type => Boolean,
+          :allowed_from_server => true,
           :description => 'Enable or disable <a href="/docs/apm/traces/transaction-traces/transaction-traces">transaction traces</a>.'
         },
         :'transaction_tracer.transaction_threshold' => {
           :default => DefaultSource.transaction_tracer_transaction_threshold,
           :public => true,
           :type => Float,
+          :allowed_from_server => true,
           :description => 'The agent will collect traces for transactions that exceed this time threshold (in seconds). Specify a float value or <code><a href="/docs/apm/new-relic-apm/getting-started/glossary#apdex_f">apdex_f</a></code>.'
         },
         :'transaction_tracer.record_sql' => {
           :default => 'obfuscated',
           :public => true,
           :type => String,
-          :description => 'Obfuscation level for SQL queries reported in transaction trace segments. Valid options are <code>obfuscated</code>, <code>raw</code>, <code>none</code>.'
+          :allowed_from_server => true,
+          :description => 'Obfuscation level for SQL queries reported in transaction trace nodes. Valid options are <code>obfuscated</code>, <code>raw</code>, <code>none</code>.'
         },
         :'transaction_tracer.capture_attributes' => {
           :default => true,
           :public => true,
           :type => Boolean,
-          :description => 'Enable or disable collection of <a href="/docs/apm/other-features/attributes/collecting-custom-attributes">custom attributes</a> on transaction traces.'
+          :deprecated => true,
+          :allowed_from_server => false,
+          :description => 'Use transaction_tracer.attributes.enabled instead.'
         },
         :'transaction_tracer.explain_threshold' => {
           :default => 0.5,
           :public => true,
           :type => Float,
+          :allowed_from_server => true,
           :description => 'Threshold (in seconds) above which the agent will collect explain plans. Relevant only when <code><a href="#transaction_tracer.explain_enabled">explain_enabled</a></code> is true.'
         },
         :'transaction_tracer.explain_enabled' => {
           :default => true,
           :public => true,
           :type => Boolean,
+          :allowed_from_server => true,
           :description => 'Enable or disable the collection of explain plans in transaction traces. This setting will also apply to explain plans in Slow SQL traces if slow_sql.explain_enabled is not set separately.'
         },
         :'transaction_tracer.stack_trace_threshold' => {
           :default => 0.5,
           :public => true,
           :type => Float,
-          :description => 'Stack traces will be included in transaction trace segments when their duration exceeds this threshold.'
+          :allowed_from_server => true,
+          :description => 'Stack traces will be included in transaction trace nodes when their duration exceeds this threshold.'
         },
         :'transaction_tracer.limit_segments' => {
           :default => 4000,
           :public => true,
           :type => Fixnum,
-          :description => 'Maximum number of transaction trace segments to record in a single transaction trace.'
+          :allowed_from_server => true,
+          :description => 'Maximum number of transaction trace nodes to record in a single transaction trace.'
         },
         :disable_sequel_instrumentation => {
           :default => false,
           :public => true,
           :type => Boolean,
+          :allowed_from_server => false,
           :description => 'Enable or disable <a href="/docs/agents/ruby-agent/frameworks/sequel-instrumentation">Sequel instrumentation</a>.'
         },
         :disable_database_instrumentation => {
           :default => false,
           :public => true,
           :type => Boolean,
+          :allowed_from_server => false,
           :deprecated => true,
           :description => 'Enable or disable Sequel instrumentation. This option is deprecated; instead, use <a href="/docs/agents/ruby-agent/installation-and-configuration/ruby-agent-configuration#disable_sequel_instrumentation"><code>disable_sequel_instrumentation</code></a>'
         },
@@ -731,6 +802,7 @@ module NewRelic
           :default      => false,
           :public       => true,
           :type         => Boolean,
+          :allowed_from_server => false,
           :dynamic_name => true,
           :description  => 'Defines whether the agent will install <a href="/docs/agents/ruby-agent/frameworks/mongo-instrumentation">instrumentation for the Mongo gem</a>.'
         },
@@ -738,120 +810,142 @@ module NewRelic
           :default => value_of(:'transaction_tracer.enabled'),
           :public => true,
           :type => Boolean,
+          :allowed_from_server => true,
           :description => 'Enable or disable collection of slow SQL queries.'
         },
         :'slow_sql.explain_threshold' => {
           :default => value_of(:'transaction_tracer.explain_threshold'),
           :public => true,
           :type => Float,
+          :allowed_from_server => true,
           :description => 'Defines a duration threshold, over which the agent will collect explain plans in slow SQL queries.'
         },
         :'slow_sql.explain_enabled' => {
           :default => value_of(:'transaction_tracer.explain_enabled'),
           :public => true,
           :type => Boolean,
+          :allowed_from_server => true,
           :description => 'Enable or disable the collection of explain plans in slow SQL queries. If this setting is omitted, the transaction_tracer.explain_enabled setting will be applied as the default setting for explain plans in Slow SQL as well.'
         },
         :'slow_sql.record_sql' => {
           :default => value_of(:'transaction_tracer.record_sql'),
           :public => true,
           :type => String,
+          :allowed_from_server => true,
           :description => 'Defines an obfuscation level for slow SQL queries. Valid options are <code>obfuscated</code>, <code>raw</code>, <code>none</code>).'
         },
         :'mongo.capture_queries' => {
           :default => true,
           :public => true,
           :type => Boolean,
+          :allowed_from_server => true,
           :description => 'Enable or disable capturing Mongo queries in transaction traces.'
         },
         :'mongo.obfuscate_queries' => {
           :default => true,
           :public => true,
           :type => Boolean,
+          :allowed_from_server => true,
           :description => 'Enable or disable obfuscation of Mongo queries in transaction traces.'
         },
         :'error_collector.enabled' => {
           :default => true,
           :public => true,
           :type => Boolean,
+          :allowed_from_server => true,
           :description => 'Enable or disable recording of traced errors and error count metrics.'
         },
         :'error_collector.capture_attributes' => {
           :default => true,
           :public => true,
           :type => Boolean,
-          :description => 'Enable or disable collection of custom attributes on errors.'
+          :deprecated => true,
+          :allowed_from_server => false,
+          :description => 'Use error_collector.attributes.enabled instead.'
         },
         :'error_collector.ignore_errors' => {
           :default => 'ActionController::RoutingError,Sinatra::NotFound',
           :public => true,
           :type => String,
+          :allowed_from_server => true,
           :description => 'Specifies a comma-delimited list of error classes that the agent should ignore.'
         },
         :'rum.enabled' => {
           :default => true,
           :public => false,
           :type => Boolean,
+          :allowed_from_server => true,
           :description => 'Enable or disable page load timing (sometimes referred to as real user monitoring or RUM).'
         },
         :browser_key => {
           :default => '',
           :public => false,
           :type => String,
+          :allowed_from_server => true,
           :description => 'Real user monitoring license key for the browser timing header.'
         },
         :beacon => {
           :default => '',
           :public => false,
           :type => String,
+          :allowed_from_server => true,
           :description => 'Beacon for real user monitoring.'
         },
         :error_beacon => {
           :default => '',
           :public => false,
           :type => String,
+          :allowed_from_server => true,
           :description => 'Error beacon for real user monitoring.'
         },
         :application_id => {
           :default => '',
           :public => false,
           :type => String,
+          :allowed_from_server => true,
           :description => 'Application ID for real user monitoring.'
         },
         :js_agent_file => {
           :default => '',
           :public => false,
           :type => String,
+          :allowed_from_server => true,
           :description => 'Javascript agent file for real user monitoring.'
         },
         :'browser_monitoring.auto_instrument' => {
           :default => value_of(:'rum.enabled'),
           :public => true,
           :type => Boolean,
+          :allowed_from_server => true,
           :description => 'Enable or disable automatic insertion of the JavaScript header into outgoing responses for page load timing (sometimes referred to as real user monitoring or RUM).'
         },
         :'browser_monitoring.capture_attributes' => {
           :default => false,
           :public => true,
           :type => Boolean,
-          :description => 'Forward custom attributes to Browser for <a href="/docs/insights/new-relic-insights/decorating-events/insights-custom-attributes#forwarding-attributes">collection by New Relic Insights</a>.'
+          :deprecated => true,
+          :allowed_from_server => false,
+          :description => 'Use browser_monitoring.attributes.enabled instead.'
         },
         :'browser_monitoring.loader' => {
           :default => DefaultSource.browser_monitoring_loader,
           :public => private,
           :type => String,
+          :allowed_from_server => true,
           :description => 'Type of JavaScript agent loader to use for browser monitoring instrumentation.'
         },
         :'browser_monitoring.loader_version' => {
           :default => '',
           :public => private,
           :type => String,
+          :allowed_from_server => true,
           :description => 'Version of JavaScript agent loader (returned from the New Relic <a href="/docs/apm/new-relic-apm/getting-started/glossary#collector">collector</a>).)'
         },
         :'browser_monitoring.debug' => {
           :default => false,
           :public => false,
           :type => Boolean,
+          :allowed_from_server => true,
           :description => 'Enable or disable debugging version of JavaScript agent loader for browser monitoring instrumentation.'
         },
         :'browser_monitoring.ssl_for_http' => {
@@ -859,37 +953,36 @@ module NewRelic
           :allow_nil => true,
           :public => false,
           :type => Boolean,
+          :allowed_from_server => true,
           :description => 'Enable or disable HTTPS instrumentation by JavaScript agent on HTTP pages.'
         },
-        :'capture_attributes.page_view_events' => {
-          :default => false,
-          :public => false,
-          :type => Boolean,
-          :deprecated => true,
-          :description => 'Correct setting is browser_monitoring.capture_attributes.'
-        },
         :js_agent_loader => {
           :default => '',
           :public => false,
           :type => String,
+          :allowed_from_server => true,
           :description => 'JavaScript agent loader content.'
         },
         :js_errors_beta => {
           :default => false,
           :public => false,
           :type => Boolean,
+          :allowed_from_server => false,
+          :deprecated => true,
           :description => 'Enable or disable beta JavaScript error reporting.'
         },
         :trusted_account_ids => {
           :default => [],
           :public => false,
           :type => Array,
+          :allowed_from_server => true,
           :description => 'List of trusted New Relic account IDs for the purposes of cross-application tracing. Inbound requests from applications including cross-application headers that do not come from an account in this list will be ignored.'
         },
         :"cross_application_tracer.enabled" => {
           :default => true,
           :public => true,
           :type => Boolean,
+          :allowed_from_server => true,
           :description => 'Enable or disable <a href="/docs/apm/traces/cross-application-traces/cross-application-traces">cross application tracing</a>.'
         },
         :cross_application_tracing => {
@@ -897,90 +990,107 @@ module NewRelic
           :allow_nil => true,
           :public => false,
           :type => Boolean,
-          :description => 'Enable or disable <a href="/docs/apm/traces/cross-application-traces/cross-application-traces">cross application tracing</a>.'
+          :allowed_from_server => false,
+          :deprecated => true,
+          :description => 'Deprecated in favor of cross_application_tracer.enabled'
         },
         :encoding_key => {
           :default => '',
           :public => false,
           :type => String,
+          :allowed_from_server => true,
           :description => 'Encoding key for cross-application tracing.'
         },
         :cross_process_id => {
           :default => '',
           :public => false,
           :type => String,
+          :allowed_from_server => true,
           :description => 'Cross process ID for cross-application tracing.'
         },
         :'thread_profiler.enabled' => {
           :default => DefaultSource.thread_profiler_enabled,
           :public => true,
           :type => Boolean,
+          :allowed_from_server => true,
           :description => 'Enable or disable the thread profiler.'
         },
         :'xray_session.enabled' => {
           :default => true,
           :public => true,
           :type => Boolean,
+          :allowed_from_server => true,
           :description => 'Enable or disable <a href="/docs/apm/transactions-menu/x-ray-sessions/x-ray-sessions">X-Ray sessions</a>.'
         },
         :'xray_session.allow_traces' => {
           :default => true,
           :public => false,
           :type => Boolean,
+          :allowed_from_server => true,
           :description => 'Enable or disable X-Ray sessions recording transaction traces.'
         },
         :'xray_session.allow_profiles' => {
           :default => true,
           :public => false,
           :type => Boolean,
+          :allowed_from_server => true,
           :description => 'Enable or disable X-Ray sessions taking thread profiles.'
         },
         :'xray_session.max_samples' => {
           :default => 10,
           :public => false,
           :type => Fixnum,
+          :allowed_from_server => true,
           :description => 'Maximum number of transaction traces to buffer for active X-Ray sessions'
         },
         :'xray_session.max_profile_overhead' => {
           :default => 0.05,
           :public => false,
           :type => Float,
+          :allowed_from_server => true,
           :description => 'Maximum overhead percentage for thread profiling before agent reduces polling frequency'
         },
         :marshaller => {
           :default => DefaultSource.marshaller,
           :public => true,
           :type => String,
+          :allowed_from_server => false,
           :description => 'Specifies a marshaller for transmitting data to the New Relic <a href="/docs/apm/new-relic-apm/getting-started/glossary#collector">collector</a>) (e.g json, pruby).'
         },
         :'analytics_events.enabled' => {
           :default => true,
           :public => true,
           :type => Boolean,
+          :allowed_from_server => true,
           :description => 'Enable or disable analytics event sampling.'
         },
         :'analytics_events.max_samples_stored' => {
           :default => 1200,
           :public => true,
           :type => Fixnum,
+          :allowed_from_server => true,
           :description => 'Defines the maximum number of request events reported from a single harvest.'
         },
         :'analytics_events.capture_attributes' => {
           :default => true,
           :public => true,
           :type => Boolean,
-          :description => 'Include <a href="/docs/insights/new-relic-insights/decorating-events/insights-custom-attributes">custom attributes</a> in analytics event data.'
+          :deprecated => true,
+          :allowed_from_server => false,
+          :description => 'Use transaction_events.attributes.enabled instead.'
         },
         :restart_thread_in_children => {
           :default => true,
           :public => false,
           :type => Boolean,
+          :allowed_from_server => false,
           :description => 'Controls whether to check on running a transaction whether to respawn the harvest thread.'
         },
         :normalize_json_string_encodings => {
           :default => DefaultSource.normalize_json_string_encodings,
           :public => false,
           :type => Boolean,
+          :allowed_from_server => false,
           :description => 'Controls whether to normalize string encodings prior to serializing data for the collector to JSON.'
         },
         :disable_vm_sampler => {
@@ -988,6 +1098,7 @@ module NewRelic
           :public       => true,
           :type         => Boolean,
           :dynamic_name => true,
+          :allowed_from_server => false,
           :description  => 'Defines whether the agent will <a href="/docs/agents/ruby-agent/features/ruby-vm-measurements">sample performance measurements from the Ruby VM</a>.'
         },
         :disable_memory_sampler => {
@@ -995,6 +1106,7 @@ module NewRelic
           :public       => true,
           :type         => Boolean,
           :dynamic_name => true,
+          :allowed_from_server => false,
           :description  => 'Defines whether the agent will sample the memory usage of the host process.'
         },
         :disable_cpu_sampler => {
@@ -1002,6 +1114,7 @@ module NewRelic
           :public       => true,
           :type         => Boolean,
           :dynamic_name => true,
+          :allowed_from_server => false,
           :description  => 'Defines whether the agent will sample the CPU usage of the host process.'
         },
         :disable_delayed_job_sampler => {
@@ -1009,6 +1122,7 @@ module NewRelic
           :public       => true,
           :type         => Boolean,
           :dynamic_name => true,
+          :allowed_from_server => false,
           :description  => 'Defines whether the agent will measure the depth of Delayed Job queues.'
         },
         :disable_active_record_4 => {
@@ -1016,6 +1130,7 @@ module NewRelic
           :public       => true,
           :type         => Boolean,
           :dynamic_name => true,
+          :allowed_from_server => false,
           :description  => 'Defines whether the agent will install instrumentation for ActiveRecord 4.'
         },
         :disable_curb => {
@@ -1023,6 +1138,7 @@ module NewRelic
           :public       => true,
           :type         => Boolean,
           :dynamic_name => true,
+          :allowed_from_server => false,
           :description  => 'Defines whether the agent will install instrumentation for the curb gem.'
         },
         :disable_excon => {
@@ -1030,6 +1146,7 @@ module NewRelic
           :public       => true,
           :type         => Boolean,
           :dynamic_name => true,
+          :allowed_from_server => false,
           :description  => 'Defines whether the agent will install instrumentation for the excon gem.'
         },
         :disable_httpclient => {
@@ -1037,6 +1154,7 @@ module NewRelic
           :public       => true,
           :type         => Boolean,
           :dynamic_name => true,
+          :allowed_from_server => false,
           :description  => 'Defines whether the agent will install instrumentation for the httpclient gem.'
         },
         :disable_net_http => {
@@ -1044,6 +1162,7 @@ module NewRelic
           :public       => true,
           :type         => Boolean,
           :dynamic_name => true,
+          :allowed_from_server => false,
           :description  => 'Defines whether the agent will install instrumentation for Net::HTTP.'
         },
         :disable_rack => {
@@ -1051,6 +1170,7 @@ module NewRelic
           :public       => true,
           :type         => Boolean,
           :dynamic_name => true,
+          :allowed_from_server => false,
           :description  => 'Defines whether the agent will hook into Rack::Builder\'s <code>to_app</code> method to find gems to instrument during application startup.'
         },
         :disable_rack_urlmap => {
@@ -1058,6 +1178,7 @@ module NewRelic
           :public       => true,
           :type         => Boolean,
           :dynamic_name => true,
+          :allowed_from_server => false,
           :description  => 'Defines whether the agent will hook into Rack::URLMap to install middleware tracing.'
         },
         :disable_rubyprof => {
@@ -1065,6 +1186,7 @@ module NewRelic
           :public       => true,
           :type         => Boolean,
           :dynamic_name => true,
+          :allowed_from_server => false,
           :description  => 'Defines whether the agent will use RubyProf in developer mode (if RubyProf is installed).'
         },
         :disable_typhoeus => {
@@ -1072,30 +1194,35 @@ module NewRelic
           :public       => true,
           :type         => Boolean,
           :dynamic_name => true,
+          :allowed_from_server => false,
           :description  => 'Defines whether the agent will install instrumentation for the typhoeus gem.'
         },
         :disable_middleware_instrumentation => {
           :default      => false,
           :public       => true,
           :type         => Boolean,
+          :allowed_from_server => false,
           :description  => 'Defines whether the agent will wrap third-party middlewares in instrumentation (regardless of whether they are installed via Rack::Builder or Rails).'
         },
         :disable_rails_middleware => {
           :default      => false,
           :public       => false,
           :type         => Boolean,
+          :allowed_from_server => false,
           :description  => 'Internal name for controlling Rails 3+ middleware instrumentation'
         },
         :'heroku.use_dyno_names' => {
           :default      => true,
           :public       => true,
           :type         => Boolean,
+          :allowed_from_server => false,
           :description  => 'Controls whether or not we use the heroku dyno name as the hostname.'
         },
         :'heroku.dyno_name_prefixes_to_shorten' => {
           :default      => ['scheduler', 'run'],
           :public       => true,
           :type         => Array,
+          :allowed_from_server => false,
           :transform    => DefaultSource.method(:convert_to_list),
           :description  => 'List of prefixes for heroku dyno names (such as "scheduler") to report as hostname without trailing dot and process ID.'
         },
@@ -1103,18 +1230,21 @@ module NewRelic
           :default      => '',
           :public       => true,
           :type         => String,
+          :allowed_from_server => false,
           :description  => 'A dictionary of label names and values that will be applied to the data sent from this agent. May also be expressed as a semi-colon delimited string of colon-separated pairs (e.g. "Server:One;Data Center:Primary".'
         },
         :aggressive_keepalive => {
           :default      => true,
           :public       => false,
           :type         => Boolean,
+          :allowed_from_server => true,
           :description  => 'If true, attempt to keep the TCP connection to the collector alive between harvests.'
         },
         :keep_alive_timeout => {
           :default      => 60,
           :public       => false,
           :type         => Fixnum,
+          :allowed_from_server => true,
           :description  => 'Timeout for keep alive on TCP connection to collector if supported by Ruby version. Only used in conjunction when aggressive_keepalive is enabled.'
         },
         :ca_bundle_path => {
@@ -1122,18 +1252,21 @@ module NewRelic
           :allow_nil    => true,
           :public       => true,
           :type         => String,
+          :allowed_from_server => false,
           :description  => "Manual override for the path to your local CA bundle. This CA bundle will be used to validate the SSL certificate presented by New Relic's data collection service."
         },
         :collect_utilization => {
           :default      => false,
           :public       => false,
           :type         => Boolean,
+          :allowed_from_server => true,
           :description  => "Controls whether to collect processor and instance sizing data and send it to New Relic"
         },
         :'rules.ignore_url_regexes' => {
           :default      => [],
           :public       => true,
           :type         => Array,
+          :allowed_from_server => true,
           :transform    => DefaultSource.method(:convert_to_regexp_list),
           :description  => 'A list of patterns that will cause a transaction to be ignored if any of them match the URI.'
         },
@@ -1141,24 +1274,28 @@ module NewRelic
           :default      => 20,
           :public       => false,
           :type         => Fixnum,
+          :allowed_from_server => true,
           :description  => 'Maximum number of synthetics transaction traces to hold for a given harvest'
         },
         :'synthetics.events_limit' => {
           :default      => 200,
           :public       => false,
           :type         => Fixnum,
+          :allowed_from_server => true,
           :description  => 'Maximum number of synthetics transaction events to hold for a given harvest'
         },
         :'custom_insights_events.enabled' => {
           :default      => true,
           :public       => true,
           :type         => Boolean,
+          :allowed_from_server => true,
           :description  => 'Enable or disable custom Insights event recording.'
         },
         :'custom_insights_events.max_samples_stored' => {
           :default      => 1000,
           :public       => true,
           :type         => Fixnum,
+          :allowed_from_server => true,
           :description  => 'Maximum number of custom Insights events buffered in memory at a time.',
           :dynamic_name => true
         },
@@ -1166,13 +1303,130 @@ module NewRelic
           :default      => false,
           :public       => true,
           :type         => Boolean,
+          :allowed_from_server => false,
           :description  => 'Disables installation of Grape instrumentation.'
         },
         :disable_grape => {
           :default      => false,
           :public       => true,
           :type         => Boolean,
+          :allowed_from_server => false,
           :description  => 'Disables installation of Grape instrumentation.'
+        },
+        :'attributes.enabled' => {
+          :default     => true,
+          :public      => false,
+          :type        => Boolean,
+          :allowed_from_server => false,
+          :description => 'Enable or disable capture of attributes for all destinations.'
+        },
+        :'transaction_tracer.attributes.enabled' => {
+          :default     => value_of(:'transaction_tracer.capture_attributes'),
+          :public      => false,
+          :type        => Boolean,
+          :allowed_from_server => false,
+          :description => 'Enable or disable capture of attributes for transaction traces.'
+        },
+        :'transaction_events.attributes.enabled' => {
+          :default     => value_of(:'analytics_events.capture_attributes'),
+          :public      => false,
+          :type        => Boolean,
+          :allowed_from_server => false,
+          :description => 'Enable or disable capture of attributes for transaction events.'
+        },
+        :'error_collector.attributes.enabled' => {
+          :default     => value_of(:'error_collector.capture_attributes'),
+          :public      => false,
+          :type        => Boolean,
+          :allowed_from_server => false,
+          :description => 'Enable or disable capture of attributes for error collection.'
+        },
+        :'browser_monitoring.attributes.enabled' => {
+          :default     => value_of(:'browser_monitoring.capture_attributes'),
+          :public      => false,
+          :type        => Boolean,
+          :allowed_from_server => false,
+          :description => 'Enable or disable capture of attributes for browser monitoring.'
+        },
+        :'attributes.exclude' => {
+          :default     => [],
+          :public      => false,
+          :type        => Array,
+          :allowed_from_server => false,
+          :transform   => DefaultSource.method(:convert_to_list),
+          :description => 'Prefix of attributes to exclude from all destinations. Allows * as wildcard at end.'
+        },
+        :'transaction_tracer.attributes.exclude' => {
+          :default     => [],
+          :public      => false,
+          :type        => Array,
+          :allowed_from_server => false,
+          :transform   => DefaultSource.method(:convert_to_list),
+          :description => 'Prefix of attributes to exclude from transaction traces. Allows * as wildcard at end.'
+        },
+        :'transaction_events.attributes.exclude' => {
+          :default     => [],
+          :public      => false,
+          :type        => Array,
+          :allowed_from_server => false,
+          :transform    => DefaultSource.method(:convert_to_list),
+          :description => 'Prefix of attributes to exclude from transaction events. Allows * as wildcard at end.'
+        },
+        :'error_collector.attributes.exclude' => {
+          :default     => [],
+          :public      => false,
+          :type        => Array,
+          :allowed_from_server => false,
+          :transform    => DefaultSource.method(:convert_to_list),
+          :description => 'Prefix of attributes to exclude from error collection. Allows * as wildcard at end.'
+        },
+        :'browser_monitoring.attributes.exclude' => {
+          :default     => [],
+          :public      => false,
+          :type        => Array,
+          :allowed_from_server => false,
+          :transform    => DefaultSource.method(:convert_to_list),
+          :description => 'Prefix of attributes to exclude from browser monitoring. Allows * as wildcard at end.'
+        },
+        :'attributes.include' => {
+          :default     => [],
+          :public      => false,
+          :type        => Array,
+          :allowed_from_server => false,
+          :transform    => DefaultSource.method(:convert_to_list),
+          :description => 'Prefix of attributes to include in all destinations. Allows * as wildcard at end.'
+        },
+        :'transaction_tracer.attributes.include' => {
+          :default     => [],
+          :public      => false,
+          :type        => Array,
+          :allowed_from_server => false,
+          :transform    => DefaultSource.method(:convert_to_list),
+          :description => 'Prefix of attributes to include in transaction traces. Allows * as wildcard at end.'
+        },
+        :'transaction_events.attributes.include' => {
+          :default     => [],
+          :public      => false,
+          :type        => Array,
+          :allowed_from_server => false,
+          :transform    => DefaultSource.method(:convert_to_list),
+          :description => 'Prefix of attributes to include in transaction events. Allows * as wildcard at end.'
+        },
+        :'error_collector.attributes.include' => {
+          :default     => [],
+          :public      => false,
+          :type        => Array,
+          :allowed_from_server => false,
+          :transform    => DefaultSource.method(:convert_to_list),
+          :description => 'Prefix of attributes to include in error collection. Allows * as wildcard at end.'
+        },
+        :'browser_monitoring.attributes.include' => {
+          :default     => [],
+          :public      => false,
+          :type        => Array,
+          :allowed_from_server => false,
+          :transform    => DefaultSource.method(:convert_to_list),
+          :description => 'Prefix of attributes to include in browser monitoring. Allows * as wildcard at end.'
         }
       }.freeze
     end