contrast-agent 5.2.0 → 6.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/ext/cs__assess_array/cs__assess_array.c +7 -0
- data/ext/cs__assess_basic_object/cs__assess_basic_object.c +19 -5
- data/ext/cs__assess_fiber_track/cs__assess_fiber_track.c +1 -1
- data/ext/cs__assess_hash/cs__assess_hash.c +3 -4
- data/ext/cs__assess_kernel/cs__assess_kernel.c +1 -2
- data/ext/cs__assess_marshal_module/cs__assess_marshal_module.c +26 -12
- data/ext/cs__assess_module/cs__assess_module.c +1 -1
- data/ext/cs__assess_regexp/cs__assess_regexp.c +15 -2
- data/ext/cs__assess_regexp/cs__assess_regexp.h +2 -0
- data/ext/cs__assess_string/cs__assess_string.c +21 -1
- data/ext/cs__assess_test/cs__assess_test.h +9 -0
- data/ext/cs__assess_test/cs__assess_tests.c +22 -0
- data/ext/cs__assess_test/extconf.rb +5 -0
- data/ext/cs__common/cs__common.c +113 -11
- data/ext/cs__common/cs__common.h +29 -5
- data/ext/cs__contrast_patch/cs__contrast_patch.c +55 -44
- data/ext/cs__os_information/cs__os_information.c +13 -10
- data/ext/cs__scope/cs__scope.c +146 -97
- data/ext/cs__tests/cs__tests.c +12 -0
- data/ext/cs__tests/cs__tests.h +3 -0
- data/ext/cs__tests/extconf.rb +5 -0
- data/lib/contrast/agent/assess/contrast_object.rb +16 -16
- data/lib/contrast/agent/assess/events/source_event.rb +17 -19
- data/lib/contrast/agent/assess/finalizers/hash.rb +2 -0
- data/lib/contrast/agent/assess/policy/policy_node.rb +50 -27
- data/lib/contrast/agent/assess/policy/policy_node_utils.rb +51 -0
- data/lib/contrast/agent/assess/policy/policy_scanner.rb +2 -16
- data/lib/contrast/agent/assess/policy/preshift.rb +8 -2
- data/lib/contrast/agent/assess/policy/propagation_method.rb +47 -13
- data/lib/contrast/agent/assess/policy/propagator/buffer.rb +118 -0
- data/lib/contrast/agent/assess/policy/propagator/keep.rb +19 -4
- data/lib/contrast/agent/assess/policy/propagator/remove.rb +18 -2
- data/lib/contrast/agent/assess/policy/propagator/splat.rb +17 -3
- data/lib/contrast/agent/assess/policy/propagator/split.rb +15 -19
- data/lib/contrast/agent/assess/policy/propagator/substitution.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/substitution_utils.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/trim.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator.rb +1 -0
- data/lib/contrast/agent/assess/policy/source_method.rb +7 -7
- data/lib/contrast/agent/assess/policy/trigger_method.rb +4 -10
- data/lib/contrast/agent/assess/property/tagged.rb +1 -1
- data/lib/contrast/agent/assess/rule/provider/hardcoded_value_rule.rb +7 -2
- data/lib/contrast/agent/assess/rule/response/auto_complete_rule.rb +1 -1
- data/lib/contrast/agent/assess/rule/response/base_rule.rb +11 -3
- data/lib/contrast/agent/assess/rule/response/body_rule.rb +3 -3
- data/lib/contrast/agent/assess/rule/response/cache_control_header_rule.rb +60 -36
- data/lib/contrast/agent/assess/rule/response/framework/rails_support.rb +3 -3
- data/lib/contrast/agent/assess/rule/response/parameters_pollution_rule.rb +1 -1
- data/lib/contrast/agent/assess/rule/response/x_xss_protection_header_rule.rb +1 -2
- data/lib/contrast/agent/at_exit_hook.rb +1 -1
- data/lib/contrast/agent/deadzone/policy/deadzone_node.rb +0 -7
- data/lib/contrast/agent/deadzone/policy/policy.rb +0 -6
- data/lib/contrast/agent/exclusion_matcher.rb +3 -3
- data/lib/contrast/agent/inventory/database_config.rb +10 -3
- data/lib/contrast/agent/middleware.rb +5 -3
- data/lib/contrast/agent/patching/policy/after_load_patch.rb +0 -2
- data/lib/contrast/agent/patching/policy/patch.rb +13 -12
- data/lib/contrast/agent/patching/policy/patcher.rb +4 -4
- data/lib/contrast/agent/patching/policy/policy_node.rb +15 -2
- data/lib/contrast/agent/protect/exploitable_collection.rb +38 -0
- data/lib/contrast/agent/protect/input_analyzer/input_analyzer.rb +66 -9
- data/lib/contrast/agent/protect/policy/applies_no_sqli_rule.rb +2 -1
- data/lib/contrast/agent/protect/policy/applies_path_traversal_rule.rb +2 -2
- data/lib/contrast/agent/protect/rule/base.rb +37 -5
- data/lib/contrast/agent/protect/rule/base_service.rb +3 -1
- data/lib/contrast/agent/protect/rule/cmd_injection.rb +13 -0
- data/lib/contrast/agent/protect/rule/cmdi/cmdi_input_classification.rb +83 -0
- data/lib/contrast/agent/protect/rule/cmdi/cmdi_worth_watching.rb +64 -0
- data/lib/contrast/agent/protect/rule/http_method_tampering/http_method_tampering_input_classification.rb +96 -0
- data/lib/contrast/agent/protect/rule/http_method_tampering.rb +8 -0
- data/lib/contrast/agent/protect/rule/no_sqli/no_sqli_input_classification.rb +231 -0
- data/lib/contrast/agent/protect/rule/no_sqli.rb +27 -0
- data/lib/contrast/agent/protect/rule/sqli/sqli_input_classification.rb +18 -54
- data/lib/contrast/agent/protect/rule/sqli/sqli_worth_watching.rb +1 -4
- data/lib/contrast/agent/protect/rule/unsafe_file_upload/unsafe_file_upload_input_classification.rb +82 -0
- data/lib/contrast/agent/protect/rule/unsafe_file_upload/unsafe_file_upload_matcher.rb +45 -0
- data/lib/contrast/agent/protect/rule/unsafe_file_upload.rb +42 -0
- data/lib/contrast/agent/reporting/attack_result/attack_result.rb +63 -0
- data/lib/contrast/agent/reporting/attack_result/rasp_rule_sample.rb +52 -0
- data/lib/contrast/agent/reporting/attack_result/response_type.rb +29 -0
- data/lib/contrast/agent/reporting/attack_result/user_input.rb +87 -0
- data/lib/contrast/agent/reporting/masker/masker.rb +243 -0
- data/lib/contrast/agent/reporting/masker/masker_utils.rb +62 -0
- data/lib/contrast/agent/reporting/report.rb +2 -0
- data/lib/contrast/agent/reporting/reporter.rb +29 -22
- data/lib/contrast/agent/reporting/reporter_heartbeat.rb +49 -0
- data/lib/contrast/agent/reporting/reporting_events/agent_startup.rb +34 -0
- data/lib/contrast/agent/reporting/reporting_events/application_activity.rb +53 -0
- data/lib/contrast/agent/reporting/reporting_events/application_defend_activity.rb +48 -0
- data/lib/contrast/agent/reporting/reporting_events/application_defend_attack_activity.rb +64 -0
- data/lib/contrast/agent/reporting/reporting_events/application_defend_attack_sample.rb +70 -0
- data/lib/contrast/agent/reporting/reporting_events/application_defend_attack_sample_activity.rb +57 -0
- data/lib/contrast/agent/reporting/reporting_events/application_defend_attacker_activity.rb +56 -0
- data/lib/contrast/agent/reporting/reporting_events/application_inventory.rb +12 -4
- data/lib/contrast/agent/reporting/reporting_events/application_inventory_activity.rb +58 -0
- data/lib/contrast/agent/reporting/reporting_events/application_reporting_event.rb +27 -0
- data/lib/contrast/agent/reporting/reporting_events/application_startup.rb +50 -0
- data/lib/contrast/agent/reporting/reporting_events/application_startup_instrumentation.rb +27 -0
- data/lib/contrast/agent/reporting/reporting_events/application_update.rb +7 -12
- data/lib/contrast/agent/reporting/reporting_events/finding.rb +10 -4
- data/lib/contrast/agent/reporting/reporting_events/finding_event.rb +2 -4
- data/lib/contrast/agent/reporting/reporting_events/finding_event_object.rb +3 -3
- data/lib/contrast/agent/reporting/reporting_events/library_usage_observation.rb +5 -5
- data/lib/contrast/agent/reporting/reporting_events/observed_library_usage.rb +6 -2
- data/lib/contrast/agent/reporting/reporting_events/observed_route.rb +16 -12
- data/lib/contrast/agent/reporting/reporting_events/poll.rb +6 -2
- data/lib/contrast/agent/reporting/reporting_events/preflight.rb +10 -8
- data/lib/contrast/agent/reporting/reporting_events/preflight_message.rb +8 -11
- data/lib/contrast/agent/reporting/reporting_events/reporting_event.rb +2 -1
- data/lib/contrast/agent/reporting/reporting_events/route_coverage.rb +8 -6
- data/lib/contrast/agent/reporting/reporting_events/server_activity.rb +12 -20
- data/lib/contrast/agent/reporting/reporting_events/server_reporting_event.rb +27 -0
- data/lib/contrast/agent/reporting/reporting_utilities/audit.rb +17 -27
- data/lib/contrast/agent/reporting/reporting_utilities/build_preflight.rb +38 -0
- data/lib/contrast/agent/reporting/reporting_utilities/dtm_message.rb +8 -0
- data/lib/contrast/agent/reporting/reporting_utilities/endpoints.rb +6 -0
- data/lib/contrast/agent/reporting/reporting_utilities/reporter_client.rb +23 -7
- data/lib/contrast/agent/reporting/reporting_utilities/reporter_client_utils.rb +64 -76
- data/lib/contrast/agent/reporting/reporting_utilities/reporting_storage.rb +1 -1
- data/lib/contrast/agent/reporting/reporting_utilities/response.rb +17 -7
- data/lib/contrast/agent/reporting/reporting_utilities/response_extractor.rb +100 -0
- data/lib/contrast/agent/reporting/reporting_utilities/response_handler.rb +75 -13
- data/lib/contrast/agent/reporting/reporting_utilities/response_handler_mode.rb +63 -0
- data/lib/contrast/agent/reporting/reporting_utilities/response_handler_utils.rb +154 -113
- data/lib/contrast/agent/reporting/settings/application_settings.rb +9 -0
- data/lib/contrast/agent/reporting/settings/assess_server_feature.rb +5 -33
- data/lib/contrast/agent/reporting/settings/protect.rb +1 -1
- data/lib/contrast/agent/reporting/settings/protect_server_feature.rb +2 -2
- data/lib/contrast/agent/reporting/settings/sampling.rb +36 -0
- data/lib/contrast/agent/reporting/settings/sensitive_data_masking.rb +110 -0
- data/lib/contrast/agent/reporting/settings/sensitive_data_masking_rule.rb +58 -0
- data/lib/contrast/agent/request.rb +3 -3
- data/lib/contrast/agent/request_context.rb +1 -1
- data/lib/contrast/agent/request_context_extend.rb +2 -2
- data/lib/contrast/agent/request_handler.rb +7 -3
- data/lib/contrast/agent/response.rb +2 -0
- data/lib/contrast/agent/service_heartbeat.rb +6 -48
- data/lib/contrast/agent/static_analysis.rb +1 -1
- data/lib/contrast/agent/telemetry/base.rb +151 -0
- data/lib/contrast/agent/telemetry/events/event.rb +35 -0
- data/lib/contrast/agent/telemetry/events/exceptions/telemetry_exception_base.rb +59 -0
- data/lib/contrast/agent/telemetry/events/exceptions/telemetry_exception_event.rb +44 -0
- data/lib/contrast/agent/telemetry/events/exceptions/telemetry_exception_message.rb +115 -0
- data/lib/contrast/agent/telemetry/events/exceptions/telemetry_exception_message_exception.rb +83 -0
- data/lib/contrast/agent/telemetry/events/exceptions/telemetry_exception_stack_frame.rb +64 -0
- data/lib/contrast/agent/telemetry/events/exceptions/telemetry_exceptions.rb +20 -0
- data/lib/contrast/agent/telemetry/events/exceptions/telemetry_exceptions_report.rb +32 -0
- data/lib/contrast/agent/telemetry/events/metric_event.rb +28 -0
- data/lib/contrast/agent/telemetry/events/startup_metrics_event.rb +123 -0
- data/lib/contrast/agent/thread_watcher.rb +52 -68
- data/lib/contrast/agent/version.rb +1 -1
- data/lib/contrast/agent/worker_thread.rb +8 -0
- data/lib/contrast/agent.rb +4 -3
- data/lib/contrast/api/communication/messaging_queue.rb +28 -11
- data/lib/contrast/api/communication/response_processor.rb +7 -10
- data/lib/contrast/api/communication/speedracer.rb +1 -1
- data/lib/contrast/api/decorators/activity.rb +33 -0
- data/lib/contrast/api/decorators/address.rb +1 -1
- data/lib/contrast/api/decorators/http_request.rb +1 -1
- data/lib/contrast/api/decorators/response_type.rb +30 -0
- data/lib/contrast/api/decorators.rb +1 -0
- data/lib/contrast/components/app_context.rb +0 -4
- data/lib/contrast/components/assess.rb +14 -0
- data/lib/contrast/components/config.rb +13 -22
- data/lib/contrast/components/contrast_service.rb +9 -0
- data/lib/contrast/components/protect.rb +2 -2
- data/lib/contrast/components/sampling.rb +7 -11
- data/lib/contrast/components/settings.rb +116 -8
- data/lib/contrast/config/agent_configuration.rb +34 -41
- data/lib/contrast/config/api_configuration.rb +16 -75
- data/lib/contrast/config/api_proxy_configuration.rb +9 -48
- data/lib/contrast/config/application_configuration.rb +24 -95
- data/lib/contrast/config/assess_configuration.rb +21 -76
- data/lib/contrast/config/assess_rules_configuration.rb +13 -38
- data/lib/contrast/config/base_configuration.rb +11 -76
- data/lib/contrast/config/certification_configuration.rb +15 -68
- data/lib/contrast/config/exception_configuration.rb +15 -59
- data/lib/contrast/config/heap_dump_configuration.rb +19 -73
- data/lib/contrast/config/inventory_configuration.rb +11 -55
- data/lib/contrast/config/logger_configuration.rb +8 -41
- data/lib/contrast/config/protect_configuration.rb +23 -10
- data/lib/contrast/config/protect_rule_configuration.rb +23 -37
- data/lib/contrast/config/protect_rules_configuration.rb +39 -43
- data/lib/contrast/config/request_audit_configuration.rb +16 -55
- data/lib/contrast/config/root_configuration.rb +70 -13
- data/lib/contrast/config/ruby_configuration.rb +14 -47
- data/lib/contrast/config/sampling_configuration.rb +12 -65
- data/lib/contrast/config/server_configuration.rb +13 -45
- data/lib/contrast/config/service_configuration.rb +36 -17
- data/lib/contrast/configuration.rb +21 -13
- data/lib/contrast/extension/assess/string.rb +20 -1
- data/lib/contrast/extension/module.rb +0 -1
- data/lib/contrast/framework/manager.rb +2 -2
- data/lib/contrast/framework/rails/patch/support.rb +13 -45
- data/lib/contrast/logger/aliased_logging.rb +87 -0
- data/lib/contrast/logger/application.rb +1 -5
- data/lib/contrast/logger/cef_log.rb +1 -1
- data/lib/contrast/tasks/config.rb +100 -4
- data/lib/contrast/utils/assess/object_store.rb +36 -0
- data/lib/contrast/utils/assess/propagation_method_utils.rb +6 -0
- data/lib/contrast/utils/class_util.rb +5 -18
- data/lib/contrast/utils/input_classification.rb +73 -0
- data/lib/contrast/utils/invalid_configuration_util.rb +1 -1
- data/lib/contrast/utils/log_utils.rb +3 -1
- data/lib/contrast/utils/middleware_utils.rb +10 -9
- data/lib/contrast/utils/net_http_base.rb +1 -1
- data/lib/contrast/utils/object_share.rb +2 -1
- data/lib/contrast/utils/os.rb +0 -5
- data/lib/contrast/utils/patching/policy/patch_utils.rb +4 -5
- data/lib/contrast/utils/response_utils.rb +18 -33
- data/lib/contrast/utils/telemetry.rb +20 -2
- data/lib/contrast/utils/telemetry_client.rb +23 -11
- data/lib/contrast/utils/telemetry_hash.rb +41 -0
- data/lib/contrast/utils/telemetry_identifier.rb +16 -1
- data/lib/contrast.rb +9 -0
- data/resources/assess/policy.json +98 -0
- data/resources/deadzone/policy.json +0 -86
- data/ruby-agent.gemspec +10 -9
- data/service_executables/VERSION +1 -1
- data/service_executables/linux/contrast-service +0 -0
- data/service_executables/mac/contrast-service +0 -0
- metadata +98 -30
- data/lib/contrast/agent/metric_telemetry_event.rb +0 -26
- data/lib/contrast/agent/startup_metrics_telemetry_event.rb +0 -121
- data/lib/contrast/agent/telemetry.rb +0 -137
- data/lib/contrast/agent/telemetry_event.rb +0 -33
- data/lib/contrast/utils/exclude_key.rb +0 -20
@@ -0,0 +1,52 @@
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
2
|
+
# frozen_string_literal: true
|
3
|
+
|
4
|
+
require 'contrast/utils/object_share'
|
5
|
+
require 'contrast/utils/timer'
|
6
|
+
require 'contrast/agent/reporting/attack_result/user_input'
|
7
|
+
|
8
|
+
module Contrast
|
9
|
+
module Agent
|
10
|
+
module Reporting
|
11
|
+
# This class will hold the new RaspRuleSample.
|
12
|
+
# protect rules.
|
13
|
+
class RaspRuleSample
|
14
|
+
def timestamp
|
15
|
+
@_timestamp ||= 0
|
16
|
+
end
|
17
|
+
|
18
|
+
def timestamp= timestamp_ms
|
19
|
+
@_timestamp = timestamp_ms
|
20
|
+
end
|
21
|
+
|
22
|
+
def user_input
|
23
|
+
@_user_input ||= Contrast::Agent::Reporting::UserInput.new
|
24
|
+
end
|
25
|
+
|
26
|
+
def user_input= input
|
27
|
+
@_user_input = input if input.is_a?(Contrast::Agent::Reporting::UserInput)
|
28
|
+
end
|
29
|
+
|
30
|
+
def build context, ia_result
|
31
|
+
sample = self
|
32
|
+
sample.timestamp = context&.timer&.start_ms
|
33
|
+
sample.user_input = build_user_input_from_ia(ia_result)
|
34
|
+
sample.user_input.document_type = if context&.request
|
35
|
+
Contrast::Utils::StringUtils.force_utf8(context.request.document_type)
|
36
|
+
end
|
37
|
+
sample
|
38
|
+
end
|
39
|
+
|
40
|
+
def build_user_input_from_ia ia_result
|
41
|
+
user_input = Contrast::Agent::Reporting::UserInput.new
|
42
|
+
user_input.input_type = ia_result.input_type
|
43
|
+
user_input.matcher_ids = ia_result.ids
|
44
|
+
user_input.path = ia_result.path
|
45
|
+
user_input.key = ia_result.key if ia_result.key
|
46
|
+
user_input.value = ia_result.value if ia_result.value
|
47
|
+
user_input
|
48
|
+
end
|
49
|
+
end
|
50
|
+
end
|
51
|
+
end
|
52
|
+
end
|
@@ -0,0 +1,29 @@
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
2
|
+
# frozen_string_literal: true
|
3
|
+
|
4
|
+
require 'contrast/utils/object_share'
|
5
|
+
|
6
|
+
module Contrast
|
7
|
+
module Agent
|
8
|
+
module Reporting
|
9
|
+
# This module will hold the response types used to generate
|
10
|
+
# attack result.
|
11
|
+
module ResponseType
|
12
|
+
BLOCKED = :BLOCKED.cs__freeze
|
13
|
+
MONITORED = :MONITORED.cs__freeze
|
14
|
+
PROBED = :PROBED.cs__freeze
|
15
|
+
BLOCK_AT_PERIMETER = :BLOCK_AT_PERIMETER.cs__freeze
|
16
|
+
SUSPICIOUS = :SUSPICIOUS.cs__freeze
|
17
|
+
AGGREGATED = :AGGREGATED.cs__freeze
|
18
|
+
EXPLOITED = :EXPLOITED.cs__freeze
|
19
|
+
NO_ACTION = :NO_ACTION.cs__freeze
|
20
|
+
|
21
|
+
class << self
|
22
|
+
def to_a
|
23
|
+
[NO_ACTION, BLOCKED, MONITORED, PROBED, BLOCK_AT_PERIMETER, EXPLOITED, SUSPICIOUS, AGGREGATED]
|
24
|
+
end
|
25
|
+
end
|
26
|
+
end
|
27
|
+
end
|
28
|
+
end
|
29
|
+
end
|
@@ -0,0 +1,87 @@
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
2
|
+
# frozen_string_literal: true
|
3
|
+
|
4
|
+
require 'contrast/utils/object_share'
|
5
|
+
require 'contrast/agent/reporting/input_analysis/input_type'
|
6
|
+
require 'contrast/agent/request_context'
|
7
|
+
|
8
|
+
module Contrast
|
9
|
+
module Agent
|
10
|
+
module Reporting
|
11
|
+
# This class will hold the new Sqli detail used by RaspRuleSample
|
12
|
+
class UserInput
|
13
|
+
INPUT_TYPE = Contrast::Agent::Reporting::InputType
|
14
|
+
DOCUMENT_TYPE = { XML: :XML, JSON: :JSON, NORMAL: :NORMAL }.cs__freeze
|
15
|
+
|
16
|
+
# @return @_path [String]
|
17
|
+
def path
|
18
|
+
@_path ||= Contrast::Utils::ObjectShare::EMPTY_STRING
|
19
|
+
end
|
20
|
+
|
21
|
+
# @param path [String]
|
22
|
+
# @return @_path [String]
|
23
|
+
def path= path
|
24
|
+
@_path = path if path.is_a?(String)
|
25
|
+
end
|
26
|
+
|
27
|
+
# @return @_key [String]
|
28
|
+
def key
|
29
|
+
@_key ||= Contrast::Utils::ObjectShare::EMPTY_STRING
|
30
|
+
end
|
31
|
+
|
32
|
+
# @param key [String]
|
33
|
+
# @return @_key [String]
|
34
|
+
def key= key
|
35
|
+
@_key = key if key.is_a?(String)
|
36
|
+
end
|
37
|
+
|
38
|
+
# @return value [String]
|
39
|
+
def value
|
40
|
+
@_value ||= Contrast::Utils::ObjectShare::EMPTY_STRING
|
41
|
+
end
|
42
|
+
|
43
|
+
# @param value [String]
|
44
|
+
# @return value [String]
|
45
|
+
def value= value
|
46
|
+
@_value = value if value.is_a?(String)
|
47
|
+
end
|
48
|
+
|
49
|
+
# @return @_input_type [
|
50
|
+
# Symbol<Contrast::Agent::Reporting::Settings::InputAnalysis::InputAnalysisResult::InputType>]
|
51
|
+
def input_type
|
52
|
+
@_input_type ||= INPUT_TYPE::UNDEFINED_TYPE
|
53
|
+
end
|
54
|
+
|
55
|
+
# @param input_type [
|
56
|
+
# Symbol<Contrast::Agent::Reporting::Settings::InputAnalysis::InputAnalysisResult::InputType>]
|
57
|
+
# @return @_input_type [
|
58
|
+
# Symbol<Contrast::Agent::Reporting::Settings::InputAnalysis::InputAnalysisResult::InputType>]
|
59
|
+
def input_type= input_type
|
60
|
+
@_input_type = input_type if INPUT_TYPE.to_a.include?(input_type)
|
61
|
+
end
|
62
|
+
|
63
|
+
# type [Symbol<:XML, :JSON, :NORMAL>]
|
64
|
+
def document_type
|
65
|
+
@_document_type ||= DOCUMENT_TYPE[:NORMAL]
|
66
|
+
end
|
67
|
+
|
68
|
+
def document_type= type
|
69
|
+
@_document_type = type if DOCUMENT_TYPE.value?(type)
|
70
|
+
end
|
71
|
+
|
72
|
+
# Matchers IDs
|
73
|
+
# @return @_ids [Array<String>]
|
74
|
+
def matcher_ids
|
75
|
+
@_matcher_ids ||= []
|
76
|
+
end
|
77
|
+
|
78
|
+
# Matchers IDs
|
79
|
+
# @param ids [Array<String>]
|
80
|
+
# @return @_ids [Array<String>]
|
81
|
+
def matcher_ids= ids
|
82
|
+
@_matcher_ids = ids if ids.is_a?(Array) && ids.any?(String)
|
83
|
+
end
|
84
|
+
end
|
85
|
+
end
|
86
|
+
end
|
87
|
+
end
|
@@ -0,0 +1,243 @@
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
2
|
+
# frozen_string_literal: true
|
3
|
+
|
4
|
+
require 'contrast/components/logger'
|
5
|
+
require 'contrast/agent/reporting/reporter'
|
6
|
+
require 'contrast/utils/object_share'
|
7
|
+
require 'contrast/agent/reporting/attack_result/response_type'
|
8
|
+
require 'contrast/agent/reporting/masker/masker_utils'
|
9
|
+
|
10
|
+
module Contrast
|
11
|
+
module Agent
|
12
|
+
module Reporting
|
13
|
+
# This module duty is to mask any activity containing sensitive information - PII masking.
|
14
|
+
module Masker
|
15
|
+
MASK = 'contrast-redacted-'
|
16
|
+
BODY_MASK = 'contrast-redacted-body'
|
17
|
+
BODY_BINARY_MASK = BODY_MASK.bytes.to_s.cs__freeze
|
18
|
+
|
19
|
+
class << self
|
20
|
+
include Contrast::Components::Logger::InstanceMethods
|
21
|
+
include Contrast::Utils::ObjectShare
|
22
|
+
include Contrast::Agent::Reporting::MaskerUtils
|
23
|
+
|
24
|
+
# Keyword dictionary, extracted from the TS response.
|
25
|
+
#
|
26
|
+
# @return Array<Contrast::Agent::Reporting::Settings::SensitiveDataMaskingRule>
|
27
|
+
def dictionary
|
28
|
+
@_dictionary ||= update_dictionary
|
29
|
+
end
|
30
|
+
|
31
|
+
# Mask sensitive data according to the contrast sensitive data rules.
|
32
|
+
#
|
33
|
+
# @param [Contrast::Api::Dtm::Activity]
|
34
|
+
def mask activity
|
35
|
+
return unless Contrast::Agent::Reporter.enabled?
|
36
|
+
return unless activity
|
37
|
+
|
38
|
+
logger.debug('Searching for sensitive data',
|
39
|
+
activity: activity.__id__,
|
40
|
+
request: activity.http_request&.uuid)
|
41
|
+
mask_body(activity)
|
42
|
+
mask_query_string(activity)
|
43
|
+
mask_request_params(activity)
|
44
|
+
mask_request_cookies(activity)
|
45
|
+
mask_request_headers(activity)
|
46
|
+
rescue StandardError => _e
|
47
|
+
logger.debug('Could not mask activity!', activity: activity.__id__, request: activity.http_request&.uuid)
|
48
|
+
end
|
49
|
+
|
50
|
+
private
|
51
|
+
|
52
|
+
# When called this will overwrite existing rules with those
|
53
|
+
# in settings. Ideally we need to call this on init and when
|
54
|
+
# the Agent receives new rules from TS response.This is called
|
55
|
+
# from Contrast::Components::Settings.
|
56
|
+
#
|
57
|
+
# To make it save this is private method because if new
|
58
|
+
# settings arrive and they might be empty as edge case,
|
59
|
+
# this will produce dictionary with empty rules and this
|
60
|
+
# is not desirable.
|
61
|
+
def update_dictionary
|
62
|
+
@_dictionary = Contrast::SETTINGS.sensitive_data_masking.rules
|
63
|
+
end
|
64
|
+
|
65
|
+
# Mask request body:
|
66
|
+
#
|
67
|
+
# @param activity [Contrast::Api::Dtm::Activity]
|
68
|
+
# @return masked_body [String, nil]
|
69
|
+
def mask_body activity
|
70
|
+
return unless mask_body?
|
71
|
+
|
72
|
+
body = activity.http_request.request_body
|
73
|
+
return if body.nil? || body.empty?
|
74
|
+
|
75
|
+
activity.http_request.request_body = BODY_MASK
|
76
|
+
activity.http_request.request_body_binary = BODY_BINARY_MASK
|
77
|
+
end
|
78
|
+
|
79
|
+
# Mask request params.
|
80
|
+
#
|
81
|
+
# @param activity [Contrast::Api::Dtm::Activity]
|
82
|
+
# @return masked_body [String, nil]
|
83
|
+
def mask_request_params activity
|
84
|
+
params = activity.http_request.normalized_request_params
|
85
|
+
return unless params
|
86
|
+
|
87
|
+
mask_with_dictionary activity.results, params
|
88
|
+
end
|
89
|
+
|
90
|
+
def mask_request_headers activity
|
91
|
+
if activity.http_request.parsed_request_headers
|
92
|
+
# Used normalized request_headers
|
93
|
+
mask_with_dictionary activity.results, activity.http_request.normalized_request_headers
|
94
|
+
else
|
95
|
+
headers = activity.http_request.request_headers
|
96
|
+
mask_field_hash headers, activity.results
|
97
|
+
end
|
98
|
+
end
|
99
|
+
|
100
|
+
# Mask Cookies.
|
101
|
+
#
|
102
|
+
# @param activity [Contrast::Api::Dtm::Activity] Activity to mask
|
103
|
+
# @return masked_values [Hash, nil]
|
104
|
+
def mask_request_cookies activity
|
105
|
+
cookies = activity.http_request.normalized_cookies
|
106
|
+
return unless cookies
|
107
|
+
|
108
|
+
mask_with_dictionary activity.results, cookies
|
109
|
+
end
|
110
|
+
|
111
|
+
# Mask request query string:
|
112
|
+
# exp: password => sensitive to password => contrast-redacted-password
|
113
|
+
#
|
114
|
+
# @param activity [Contrast::Api::Dtm::Activity]
|
115
|
+
# @return masked_query [String]
|
116
|
+
def mask_query_string activity
|
117
|
+
qs = activity.http_request.query_string
|
118
|
+
return if qs.nil? || qs.empty?
|
119
|
+
|
120
|
+
mask_field_hash qs, activity.results unless qs.cs__is_a?(String)
|
121
|
+
mask_raw_query qs, activity.results
|
122
|
+
end
|
123
|
+
|
124
|
+
# Mask if the value in the passed hash are matched against dictionary
|
125
|
+
# keyword. If the mask_attack_vector flag is set, this will also mask
|
126
|
+
# any attack.
|
127
|
+
#
|
128
|
+
# @param results [Array<Contrast::Api::Dtm::AttackResults>]
|
129
|
+
# results to match against.
|
130
|
+
# @param hash [Hash] Normalized hash representing the key/val pair from
|
131
|
+
# the activity's http request parameters.
|
132
|
+
# @return nil | Protobuf::Field::FieldHash
|
133
|
+
def mask_with_dictionary results, hash
|
134
|
+
return if hash.nil? || hash.empty?
|
135
|
+
|
136
|
+
hash.each do |key, val|
|
137
|
+
match = dictionary_matcher key
|
138
|
+
next unless match
|
139
|
+
|
140
|
+
# The normalized values are paired.
|
141
|
+
# key => Contrast::Api::Dtm::Pair (key, val<Values>).
|
142
|
+
# try one level down
|
143
|
+
if val.cs__respond_to? :values
|
144
|
+
mask_values key, val, results
|
145
|
+
else
|
146
|
+
# Just assign keys.
|
147
|
+
mask_hash key, val, hash, results
|
148
|
+
end
|
149
|
+
end
|
150
|
+
hash
|
151
|
+
end
|
152
|
+
|
153
|
+
# Mask the values of DTM pair with attack vector condition check.
|
154
|
+
# if the attack vector flag is set then mask the attack value.
|
155
|
+
#
|
156
|
+
# @param key [String] current iterable key from Protobuf::Field::FieldHash
|
157
|
+
# pointing to Contrast::Api::Dtm::Pair<key, val>(holding the value to mask)
|
158
|
+
# @param results [Array<Contrast::Api::Dtm::AttackResults>]
|
159
|
+
# results to match against.
|
160
|
+
# @param val [Contrast::Api::Dtm::Pair<Value>]
|
161
|
+
def mask_values key, val, results
|
162
|
+
val.values.each.with_index do |v, idx|
|
163
|
+
# Mask the attack vector only if the flag is set.
|
164
|
+
val.values[idx] = MASK + key.downcase if attack_vector?(results, v) && mask_attack_vector?
|
165
|
+
# It is not attack vector and we mask it as normal.
|
166
|
+
val.values[idx] = MASK + key.downcase unless attack_vector?(results, v)
|
167
|
+
end
|
168
|
+
val
|
169
|
+
end
|
170
|
+
|
171
|
+
# Handles the masking of Field hash with string values.
|
172
|
+
# this case is used when called from #mask_field_hash
|
173
|
+
# and #mask_raw_query helper methods. Since they dont
|
174
|
+
# return values containing sub-values (key, val<Values>).
|
175
|
+
#
|
176
|
+
# @param key [String] current iterable key from Protobuf::Field::FieldHash
|
177
|
+
# @param val [String] normalized value to be matched against the results
|
178
|
+
# and masked.
|
179
|
+
# @param hash [Hash] Normalized hash representing the key/val pair.
|
180
|
+
# @param results [Array<Contrast::Api::Dtm::AttackResults>]
|
181
|
+
# results to match against.
|
182
|
+
def mask_hash key, val, hash, results
|
183
|
+
hash[key] = MASK + key.downcase if attack_vector?(results, val) && mask_attack_vector?
|
184
|
+
hash[key] = MASK + key.downcase unless attack_vector?(results, val)
|
185
|
+
end
|
186
|
+
|
187
|
+
# Match to see if values matches input from AttackResults array.
|
188
|
+
# If match is found and the attack result's response is any of
|
189
|
+
# [BAP(Block At Perimeter), BLOCKED, PROBED] the return is true.
|
190
|
+
#
|
191
|
+
# @param results [Array<Contrast::Api::Dtm::AttackResults>]
|
192
|
+
# results to match against.
|
193
|
+
# @param value [String] Input to match.
|
194
|
+
# @return true | false
|
195
|
+
def attack_vector? results, value
|
196
|
+
return false unless value && results
|
197
|
+
|
198
|
+
results.each do |result|
|
199
|
+
# Check samples Contrast::Api::Dtm::RaspRuleSample
|
200
|
+
# is the value in sample and the response is valid?
|
201
|
+
result.samples.any? do |sample|
|
202
|
+
# Check user input Contrast::Api::Dtm::UserInput.
|
203
|
+
match = sample.user_input.value == value.to_s &&
|
204
|
+
result.response&.name != Contrast::Agent::Reporting::ResponseType::NO_ACTION
|
205
|
+
|
206
|
+
return match if match
|
207
|
+
end
|
208
|
+
end
|
209
|
+
false
|
210
|
+
end
|
211
|
+
|
212
|
+
# Consult with our current settings state.
|
213
|
+
#
|
214
|
+
# @return true | false
|
215
|
+
def mask_attack_vector?
|
216
|
+
Contrast::SETTINGS.sensitive_data_masking.mask_attack_vector?
|
217
|
+
end
|
218
|
+
|
219
|
+
# Consult with our current settings state.
|
220
|
+
#
|
221
|
+
# @return true | false
|
222
|
+
def mask_body?
|
223
|
+
Contrast::SETTINGS.sensitive_data_masking.mask_http_body?
|
224
|
+
end
|
225
|
+
|
226
|
+
# Check to see if value is matched in the dictionary.
|
227
|
+
#
|
228
|
+
# @param value [String] Value to check.
|
229
|
+
# @return match [String, nil] from the Dictionary, or nil.
|
230
|
+
def dictionary_matcher value
|
231
|
+
return unless @_dictionary
|
232
|
+
|
233
|
+
@_dictionary.each do |rule|
|
234
|
+
idx = rule.keywords.find_index(value.downcase)
|
235
|
+
return rule.keywords[idx] if idx
|
236
|
+
end
|
237
|
+
nil
|
238
|
+
end
|
239
|
+
end
|
240
|
+
end
|
241
|
+
end
|
242
|
+
end
|
243
|
+
end
|
@@ -0,0 +1,62 @@
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
2
|
+
# frozen_string_literal: true
|
3
|
+
|
4
|
+
require 'contrast/utils/object_share'
|
5
|
+
|
6
|
+
module Contrast
|
7
|
+
module Agent
|
8
|
+
module Reporting
|
9
|
+
# helper methods used for masking
|
10
|
+
module MaskerUtils
|
11
|
+
include Contrast::Utils::ObjectShare
|
12
|
+
# Helper to deal with Protobuf FieldHash.
|
13
|
+
#
|
14
|
+
# @param field_hash [Protobuf::Field::FieldHash] hash to be masked
|
15
|
+
# @param results [Array<Contrast::Api::Dtm::AttackResults>]
|
16
|
+
# results to match against.
|
17
|
+
# @return [Hash]
|
18
|
+
def mask_field_hash field_hash, results
|
19
|
+
return {} unless field_hash&.any?
|
20
|
+
|
21
|
+
hash = {}
|
22
|
+
# Because this is the start of a built string, we have to be sure that it is not frozen.
|
23
|
+
masked = +''
|
24
|
+
field_hash.each do |entry|
|
25
|
+
# Protobuf::Field::FieldHash produces array, with the key as first param and value as second.
|
26
|
+
new_value = entry[1].delete(SEMICOLON).split(SPACE)
|
27
|
+
new_value.each do |value|
|
28
|
+
arr = value.split(EQUALS)
|
29
|
+
# Add to new hash.
|
30
|
+
hash[arr[0]] = arr[1]
|
31
|
+
end
|
32
|
+
# Mask the newly created hash.
|
33
|
+
mask_with_dictionary results, hash
|
34
|
+
|
35
|
+
# Restore to original form.
|
36
|
+
hash.each { |k, v| masked += "#{ k }=#{ v }; " }
|
37
|
+
masked.rstrip!
|
38
|
+
field_hash[entry[0]] = masked
|
39
|
+
end
|
40
|
+
end
|
41
|
+
|
42
|
+
# Mask raw query as it comes from the env.
|
43
|
+
# exp:
|
44
|
+
# 'ssn=1234567&id=%272%20or%202%20=%202%27' =>
|
45
|
+
# 'ssn=contrast-redacted-ssn&id=contrast-redacted-id'
|
46
|
+
#
|
47
|
+
# @param query [String]
|
48
|
+
# @param results [Array<Contrast::Api::Dtm::AttackResults>]
|
49
|
+
# results to match against.
|
50
|
+
def mask_raw_query query, results
|
51
|
+
masked = EMPTY_STRING
|
52
|
+
hash = URI.decode_www_form(query).to_h
|
53
|
+
mask_with_dictionary results, hash
|
54
|
+
# Restore to string form.
|
55
|
+
hash.each { |k, v| masked += "#{ k }=#{ v }&" }
|
56
|
+
query = masked
|
57
|
+
query.chomp!(masked[-1])
|
58
|
+
end
|
59
|
+
end
|
60
|
+
end
|
61
|
+
end
|
62
|
+
end
|
@@ -26,3 +26,5 @@ require 'contrast/agent/reporting/reporting_events/observed_route'
|
|
26
26
|
require 'contrast/agent/reporting/reporting_events/route_coverage'
|
27
27
|
require 'contrast/agent/reporting/reporting_events/observed_library_usage'
|
28
28
|
require 'contrast/agent/reporting/reporting_events/poll'
|
29
|
+
# Sensitive data masking
|
30
|
+
require 'contrast/agent/reporting/masker/masker'
|
@@ -4,6 +4,7 @@
|
|
4
4
|
require 'contrast/agent/worker_thread'
|
5
5
|
require 'contrast/agent/reporting/report'
|
6
6
|
require 'contrast/components/logger'
|
7
|
+
require 'contrast/agent/reporting/reporting_events/agent_startup'
|
7
8
|
|
8
9
|
module Contrast
|
9
10
|
module Agent
|
@@ -11,8 +12,6 @@ module Contrast
|
|
11
12
|
class Reporter < WorkerThread
|
12
13
|
include Contrast::Components::Logger::InstanceMethods
|
13
14
|
include Contrast::Utils::ObjectShare
|
14
|
-
# 15 min
|
15
|
-
TIMEOUT = 900.cs__freeze
|
16
15
|
|
17
16
|
class << self
|
18
17
|
# check if we can report to TS
|
@@ -32,10 +31,6 @@ module Contrast
|
|
32
31
|
@_connection ||= client.initialize_connection
|
33
32
|
end
|
34
33
|
|
35
|
-
def audit
|
36
|
-
@_audit ||= Contrast::Agent::Reporting::Audit.new
|
37
|
-
end
|
38
|
-
|
39
34
|
def attempt_to_start?
|
40
35
|
unless cs__class.enabled?
|
41
36
|
logger.warn('Reporter service is disabled!')
|
@@ -58,19 +53,25 @@ module Contrast
|
|
58
53
|
# to figure out why that is and lock it so that it isn't.
|
59
54
|
next unless client && connection
|
60
55
|
|
61
|
-
|
62
|
-
begin
|
63
|
-
response = client.send_event(event, connection)
|
64
|
-
audit&.audit_event(event, response) if ::Contrast::API.request_audit_enable?
|
65
|
-
rescue StandardError => e
|
66
|
-
logger.error('Could not send message to service from Reporter queue.', e)
|
67
|
-
end
|
68
|
-
sleep(TIMEOUT) if client.sleep?
|
69
|
-
client.wake_up
|
56
|
+
process_event(queue.pop)
|
70
57
|
end
|
71
58
|
end
|
72
59
|
end
|
73
60
|
|
61
|
+
# Suspend the Reporter and try sending the event after the timeout.
|
62
|
+
# The timeout is either default 15 min or received via TS response.
|
63
|
+
#
|
64
|
+
# @param event [Contrast::Agent::Reporting::ReportingEvent] Freshly pop-ed event.
|
65
|
+
def handle_resend event
|
66
|
+
sleep(client.timeout) if client.sleep?
|
67
|
+
# Retry once than discard the event. This is trigger on too many events of
|
68
|
+
# same kind error.
|
69
|
+
client.send_event(event, connection) if client.mode.status == client.mode.resending
|
70
|
+
client.mode.reset_mode
|
71
|
+
client.wake_up
|
72
|
+
end
|
73
|
+
|
74
|
+
# @param event [Contrast::Agent::Reporting::ReportingEvent]
|
74
75
|
def send_event event
|
75
76
|
if ::Contrast::AGENT.disabled?
|
76
77
|
logger.warn('Attempted to queue event with Agent disabled', caller: caller, event: event)
|
@@ -80,23 +81,21 @@ module Contrast
|
|
80
81
|
return unless cs__class.enabled?
|
81
82
|
|
82
83
|
logger.debug('Enqueued event for sending', event_type: event.cs__class)
|
83
|
-
audit&.audit_event(event) if ::Contrast::API.request_audit_enable?
|
84
84
|
queue << event
|
85
85
|
end
|
86
86
|
|
87
87
|
# Use this to bypass the messaging queue and leave response processing to the caller
|
88
|
+
#
|
89
|
+
# @param event [Contrast::Agent::Reporting::ReportingEvent]
|
90
|
+
# @return [Net::HTTPResponse, nil]
|
88
91
|
def send_event_immediately event
|
89
92
|
if ::Contrast::AGENT.disabled?
|
90
93
|
logger.warn('Reporter attempted to send event immediately with Agent disabled', caller: caller, event: event)
|
91
94
|
return
|
92
95
|
end
|
93
|
-
|
94
|
-
return unless response
|
95
|
-
|
96
|
-
client.handle_response(event, response, connection)
|
97
|
-
audit&.audit_event(event, response) if ::Contrast::API.request_audit_enable?
|
96
|
+
client.send_event(event, connection, send_immediately: true)
|
98
97
|
rescue StandardError => e
|
99
|
-
logger.error('Could not send message to
|
98
|
+
logger.error('Could not send message to TeamServer from Reporter queue.', e)
|
100
99
|
end
|
101
100
|
|
102
101
|
def delete_queue!
|
@@ -117,6 +116,14 @@ module Contrast
|
|
117
116
|
def queue
|
118
117
|
@_queue ||= Queue.new
|
119
118
|
end
|
119
|
+
|
120
|
+
# @param event [Contrast::Agent::Reporting::ReportingEvent]
|
121
|
+
def process_event event
|
122
|
+
client.send_event(event, connection)
|
123
|
+
handle_resend(event) if client.mode.status == client.mode.resending
|
124
|
+
rescue StandardError => e
|
125
|
+
logger.error('Could not send message to TeamServer from Reporter queue.', e)
|
126
|
+
end
|
120
127
|
end
|
121
128
|
end
|
122
129
|
end
|
@@ -0,0 +1,49 @@
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
2
|
+
# frozen_string_literal: true
|
3
|
+
|
4
|
+
require 'contrast/agent/worker_thread'
|
5
|
+
require 'contrast/agent/reporting/report'
|
6
|
+
require 'contrast/components/logger'
|
7
|
+
require 'contrast/agent/reporting/reporting_events/agent_startup'
|
8
|
+
|
9
|
+
module Contrast
|
10
|
+
module Agent
|
11
|
+
# The ReporterHeartbeat will make sure that the process remains marked alive by TeamServer and that we periodically
|
12
|
+
# reach out to get the latest settings for this application.
|
13
|
+
class ReporterHeartbeat < WorkerThread
|
14
|
+
include Contrast::Components::Logger::InstanceMethods
|
15
|
+
|
16
|
+
# TeamServer will mark an application offline after 5 minutes. Sending this every one should be more than enough
|
17
|
+
# to satisfy our goals.
|
18
|
+
REFRESH_INTERVAL_SEC = 60
|
19
|
+
|
20
|
+
# check if we can report to TS
|
21
|
+
#
|
22
|
+
# @return[Boolean] true if bypass is enabled, or false if bypass disabled
|
23
|
+
def enabled?
|
24
|
+
@_enabled = Contrast::CONTRAST_SERVICE.use_agent_communication? if @_enabled.nil?
|
25
|
+
@_enabled
|
26
|
+
end
|
27
|
+
|
28
|
+
def connection
|
29
|
+
@_connection ||= client.initialize_connection
|
30
|
+
end
|
31
|
+
|
32
|
+
def start_thread!
|
33
|
+
return if running?
|
34
|
+
|
35
|
+
@_thread = Contrast::Agent::Thread.new do
|
36
|
+
logger.info('Starting heartbeat thread.')
|
37
|
+
loop do
|
38
|
+
Contrast::Agent.reporter&.send_event(poll_message)
|
39
|
+
sleep(REFRESH_INTERVAL_SEC)
|
40
|
+
end
|
41
|
+
end
|
42
|
+
end
|
43
|
+
|
44
|
+
def poll_message
|
45
|
+
@_poll_message ||= Contrast::Agent::Reporting::Poll.new
|
46
|
+
end
|
47
|
+
end
|
48
|
+
end
|
49
|
+
end
|
@@ -0,0 +1,34 @@
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
2
|
+
# frozen_string_literal: true
|
3
|
+
|
4
|
+
require 'contrast/agent/reporting/reporting_events/server_reporting_event'
|
5
|
+
require 'contrast/config'
|
6
|
+
|
7
|
+
module Contrast
|
8
|
+
module Agent
|
9
|
+
module Reporting
|
10
|
+
# AgentStartup Event which sends the agent data to TeamServer on the startup of a server or process,
|
11
|
+
# used to create a new Server entity there.
|
12
|
+
class AgentStartup < Contrast::Agent::Reporting::ServerReportingEvent
|
13
|
+
def initialize
|
14
|
+
@event_method = :PUT
|
15
|
+
@event_endpoint = Contrast::Agent::Reporting::Endpoints::NG_ENDPOINTS[:agent_startup]
|
16
|
+
@event_type = :agent_startup
|
17
|
+
super
|
18
|
+
end
|
19
|
+
|
20
|
+
def file_name
|
21
|
+
'agent-startup'
|
22
|
+
end
|
23
|
+
|
24
|
+
def to_controlled_hash
|
25
|
+
{
|
26
|
+
environment: ::Contrast::CONFIG.root.server.environment,
|
27
|
+
tags: ::Contrast::CONFIG.root.server.tags,
|
28
|
+
version: Contrast::Agent::VERSION
|
29
|
+
}
|
30
|
+
end
|
31
|
+
end
|
32
|
+
end
|
33
|
+
end
|
34
|
+
end
|