contrast-agent 6.9.0 → 6.11.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (112) hide show
  1. checksums.yaml +4 -4
  2. data/.gitignore +1 -1
  3. data/ext/build_funchook.rb +1 -1
  4. data/lib/contrast/agent/assess/policy/propagator/split.rb +1 -4
  5. data/lib/contrast/agent/assess/rule/response/body_rule.rb +1 -1
  6. data/lib/contrast/agent/middleware.rb +5 -3
  7. data/lib/contrast/agent/patching/policy/method_policy_extend.rb +6 -2
  8. data/lib/contrast/agent/patching/policy/trigger_node.rb +1 -1
  9. data/lib/contrast/agent/protect/input_analyzer/input_analyzer.rb +76 -83
  10. data/lib/contrast/agent/protect/input_analyzer/worth_watching_analyzer.rb +40 -35
  11. data/lib/contrast/agent/protect/policy/applies_command_injection_rule.rb +2 -0
  12. data/lib/contrast/agent/protect/policy/applies_no_sqli_rule.rb +6 -3
  13. data/lib/contrast/agent/protect/policy/applies_path_traversal_rule.rb +5 -2
  14. data/lib/contrast/agent/protect/policy/applies_sqli_rule.rb +3 -0
  15. data/lib/contrast/agent/protect/policy/rule_applicator.rb +12 -0
  16. data/lib/contrast/agent/protect/rule/base.rb +19 -5
  17. data/lib/contrast/agent/protect/rule/base_service.rb +7 -2
  18. data/lib/contrast/agent/protect/rule/bot_blocker/bot_blocker_input_classification.rb +1 -1
  19. data/lib/contrast/agent/protect/rule/bot_blocker.rb +8 -0
  20. data/lib/contrast/agent/protect/rule/cmdi/cmdi_backdoors.rb +1 -1
  21. data/lib/contrast/agent/protect/rule/cmdi/cmdi_base_rule.rb +9 -1
  22. data/lib/contrast/agent/protect/rule/cmdi/cmdi_chained_command.rb +1 -1
  23. data/lib/contrast/agent/protect/rule/cmdi/cmdi_dangerous_path.rb +1 -1
  24. data/lib/contrast/agent/protect/rule/deserialization.rb +2 -2
  25. data/lib/contrast/agent/protect/rule/no_sqli.rb +24 -2
  26. data/lib/contrast/agent/protect/rule/path_traversal/path_traversal_input_classification.rb +1 -1
  27. data/lib/contrast/agent/protect/rule/path_traversal.rb +8 -0
  28. data/lib/contrast/agent/protect/rule/sqli/postgres_sql_scanner.rb +0 -1
  29. data/lib/contrast/agent/protect/rule/sqli/sqli_input_classification.rb +0 -1
  30. data/lib/contrast/agent/protect/rule/sqli.rb +6 -10
  31. data/lib/contrast/agent/protect/rule/unsafe_file_upload/unsafe_file_upload_input_classification.rb +6 -2
  32. data/lib/contrast/agent/protect/rule/unsafe_file_upload.rb +20 -0
  33. data/lib/contrast/agent/protect/rule/xss/reflected_xss_input_classification.rb +1 -1
  34. data/lib/contrast/agent/protect/rule/xss.rb +8 -0
  35. data/lib/contrast/agent/protect/rule/xxe.rb +2 -2
  36. data/lib/contrast/agent/protect/rule.rb +0 -3
  37. data/lib/contrast/agent/reporting/attack_result/user_input.rb +0 -1
  38. data/lib/contrast/agent/reporting/details/details.rb +0 -1
  39. data/lib/contrast/agent/reporting/input_analysis/input_analysis.rb +12 -0
  40. data/lib/contrast/agent/reporting/report.rb +1 -0
  41. data/lib/contrast/agent/reporting/reporter.rb +12 -15
  42. data/lib/contrast/agent/reporting/reporting_events/application_activity.rb +4 -5
  43. data/lib/contrast/agent/reporting/reporting_events/application_defend_activity.rb +13 -1
  44. data/lib/contrast/agent/reporting/reporting_events/application_defend_attack_activity.rb +20 -5
  45. data/lib/contrast/agent/reporting/reporting_events/application_defend_attack_sample.rb +0 -1
  46. data/lib/contrast/agent/reporting/reporting_events/application_defend_attack_sample_activity.rb +5 -0
  47. data/lib/contrast/agent/reporting/reporting_events/application_defend_attacker_activity.rb +10 -1
  48. data/lib/contrast/agent/reporting/reporting_events/application_inventory.rb +2 -1
  49. data/lib/contrast/agent/reporting/reporting_events/application_reporting_event.rb +10 -0
  50. data/lib/contrast/agent/reporting/reporting_events/application_settings.rb +40 -0
  51. data/lib/contrast/agent/reporting/reporting_events/discovered_route.rb +9 -5
  52. data/lib/contrast/agent/reporting/reporting_events/observed_route.rb +8 -5
  53. data/lib/contrast/agent/reporting/reporting_utilities/endpoints.rb +7 -7
  54. data/lib/contrast/agent/reporting/reporting_utilities/ng_response_extractor.rb +137 -0
  55. data/lib/contrast/agent/reporting/reporting_utilities/reporter_client.rb +12 -4
  56. data/lib/contrast/agent/reporting/reporting_utilities/response_extractor.rb +100 -107
  57. data/lib/contrast/agent/reporting/reporting_utilities/response_handler.rb +5 -4
  58. data/lib/contrast/agent/reporting/reporting_utilities/response_handler_utils.rb +101 -67
  59. data/lib/contrast/agent/reporting/reporting_workers/application_server_worker.rb +46 -0
  60. data/lib/contrast/agent/reporting/reporting_workers/reporter_heartbeat.rb +51 -0
  61. data/lib/contrast/agent/reporting/reporting_workers/reporting_workers.rb +14 -0
  62. data/lib/contrast/agent/reporting/reporting_workers/server_settings_worker.rb +46 -0
  63. data/lib/contrast/agent/reporting/settings/assess.rb +14 -1
  64. data/lib/contrast/agent/reporting/settings/assess_rule.rb +18 -0
  65. data/lib/contrast/agent/reporting/settings/helpers.rb +4 -2
  66. data/lib/contrast/agent/reporting/settings/protect.rb +17 -12
  67. data/lib/contrast/agent/reporting/settings/protect_rule.rb +18 -0
  68. data/lib/contrast/agent/reporting/settings/protect_server_feature.rb +1 -1
  69. data/lib/contrast/agent/reporting/settings/sensitive_data_masking.rb +1 -1
  70. data/lib/contrast/agent/reporting/settings/virtual_patch.rb +56 -0
  71. data/lib/contrast/agent/reporting/settings/virtual_patch_condition.rb +47 -0
  72. data/lib/contrast/agent/request_context_extend.rb +20 -0
  73. data/lib/contrast/agent/telemetry/base.rb +13 -15
  74. data/lib/contrast/agent/telemetry/events/exceptions/obfuscate.rb +108 -103
  75. data/lib/contrast/agent/telemetry/events/startup_metrics_event.rb +1 -1
  76. data/lib/contrast/agent/thread_watcher.rb +16 -10
  77. data/lib/contrast/agent/version.rb +1 -1
  78. data/lib/contrast/agent.rb +12 -0
  79. data/lib/contrast/agent_lib/api/init.rb +1 -7
  80. data/lib/contrast/agent_lib/api/input_tracing.rb +2 -4
  81. data/lib/contrast/agent_lib/interface.rb +1 -16
  82. data/lib/contrast/agent_lib/interface_base.rb +52 -39
  83. data/lib/contrast/agent_lib/return_types/eval_result.rb +2 -2
  84. data/lib/contrast/components/assess.rb +26 -4
  85. data/lib/contrast/components/config.rb +1 -1
  86. data/lib/contrast/components/polling.rb +4 -1
  87. data/lib/contrast/components/settings.rb +46 -3
  88. data/lib/contrast/config/config.rb +2 -2
  89. data/lib/contrast/config/protect_rule_configuration.rb +1 -1
  90. data/lib/contrast/config/protect_rules_configuration.rb +1 -1
  91. data/lib/contrast/extension/assess/array.rb +3 -3
  92. data/lib/contrast/extension/assess/regexp.rb +2 -2
  93. data/lib/contrast/framework/rack/patch/session_cookie.rb +2 -1
  94. data/lib/contrast/logger/aliased_logging.rb +48 -15
  95. data/lib/contrast/utils/duck_utils.rb +18 -0
  96. data/lib/contrast/utils/heap_dump_util.rb +1 -1
  97. data/lib/contrast/utils/input_classification_base.rb +21 -4
  98. data/lib/contrast/utils/log_utils.rb +1 -1
  99. data/lib/contrast/utils/middleware_utils.rb +1 -1
  100. data/lib/contrast/utils/patching/policy/patch_utils.rb +2 -2
  101. data/lib/contrast/utils/routes_sent.rb +6 -2
  102. data/lib/contrast/utils/telemetry.rb +2 -2
  103. data/lib/contrast/utils/telemetry_client.rb +1 -1
  104. data/resources/protect/policy.json +8 -0
  105. data/ruby-agent.gemspec +6 -6
  106. metadata +40 -30
  107. data/lib/contrast/agent/protect/rule/http_method_tampering/http_method_tampering_input_classification.rb +0 -96
  108. data/lib/contrast/agent/protect/rule/http_method_tampering.rb +0 -83
  109. data/lib/contrast/agent/reporting/details/http_method_tempering_details.rb +0 -27
  110. data/lib/contrast/agent/reporting/reporter_heartbeat.rb +0 -47
  111. data/lib/contrast/agent/reporting/server_settings_worker.rb +0 -44
  112. data/lib/contrast/agent_lib/api/method_tempering.rb +0 -29
@@ -0,0 +1,46 @@
1
+ # Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
2
+ # frozen_string_literal: true
3
+
4
+ require 'contrast/agent/worker_thread'
5
+ require 'contrast/agent/reporting/report'
6
+
7
+ module Contrast
8
+ module Agent
9
+ module ReportingWorkers
10
+ # The ServerSettingsWorker will send request on interval, to make sure the Agent gets the settings it
11
+ # need to operate, from TS. This Thead should be started after the AgentStartup is complete.
12
+ class ServerSettingsWorker < WorkerThread
13
+ RESEND_INTERVAL_MS = 60_000.cs__freeze
14
+
15
+ def start_thread!
16
+ return if running?
17
+
18
+ @_thread = Contrast::Agent::Thread.new do
19
+ logger.info('[ServerSettingsWorker] Starting thread.', sending_interval: server_settings_resend_ms)
20
+ loop do
21
+ logger.info('[ServerSettingsWorker] Fetching Settings', sending_interval: server_settings_resend_ms)
22
+ Contrast::Agent.reporter&.send_event(settings_message)
23
+ sleep(server_settings_resend_ms / 1000)
24
+ end
25
+ end
26
+ end
27
+
28
+ private
29
+
30
+ # Polling messages for this thread. Including Server settings:
31
+ #
32
+ # @return [Contrast::Agent::Reporting::ReportingEvent]
33
+ def settings_message
34
+ @_settings_message ||= Contrast::Agent::Reporting::ServerSettings.new
35
+ end
36
+
37
+ # Get the value from settings or use the default one.
38
+ #
39
+ # @return resend_ms [Integer] time to resend the message
40
+ def server_settings_resend_ms
41
+ @_server_settings_resend_ms ||= Contrast::AGENT.polling.server_settings_ms&.to_i || RESEND_INTERVAL_MS
42
+ end
43
+ end
44
+ end
45
+ end
46
+ end
@@ -2,6 +2,7 @@
2
2
  # frozen_string_literal: true
3
3
 
4
4
  require 'contrast/utils/object_share'
5
+ require 'contrast/agent/reporting/settings/assess_rule'
5
6
 
6
7
  module Contrast
7
8
  module Agent
@@ -14,7 +15,13 @@ module Contrast
14
15
  #
15
16
  # @return disabled_rules [Array<String>] Array with string rule_ids
16
17
  def disabled_rules
17
- @_disabled_rules ||= []
18
+ @_disabled_rules ||= begin
19
+ disabled = []
20
+ rule_settings.each_pair do |rule_id, rules_setting|
21
+ disabled << rule_id unless rules_setting.enable
22
+ end
23
+ disabled
24
+ end
18
25
  end
19
26
 
20
27
  # @param disabled_rules [Array] with AssessRuleID strings
@@ -23,6 +30,12 @@ module Contrast
23
30
  @_disabled_rules = disabled_rules if disabled_rules.is_a?(Array)
24
31
  end
25
32
 
33
+ # @return [Hash<String,Contrast::Agent::Reporting::Settings::AssessRule>] map of rule, by id, to
34
+ # configuration
35
+ def rule_settings
36
+ @_rule_settings ||= {}
37
+ end
38
+
26
39
  # The id of a session on TeamServer under which this session of this application should report
27
40
  # Overrides that set by application.session_id (should match if provided).
28
41
  #
@@ -0,0 +1,18 @@
1
+ # Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
2
+ # frozen_string_literal: true
3
+
4
+ require 'contrast/utils/object_share'
5
+
6
+ module Contrast
7
+ module Agent
8
+ module Reporting
9
+ module Settings
10
+ # Settings for each assess rule
11
+ class AssessRule
12
+ # @return [Boolean] is the rule enabled or not
13
+ attr_accessor :enable
14
+ end
15
+ end
16
+ end
17
+ end
18
+ end
@@ -51,9 +51,11 @@ module Contrast
51
51
 
52
52
  # rule_id => rule-id
53
53
  #
54
- # @param id [String]
54
+ # @param id [String, Symbol]
55
55
  def to_rule_id id
56
- id.to_s.tr('_', '-')
56
+ return Contrast::Utils::ObjectShare::EMPTY_STRING unless id.cs__is_a?(String) || id.cs__is_a?(Symbol)
57
+
58
+ id.to_s.downcase.tr('_', '-')
57
59
  end
58
60
  end
59
61
  end
@@ -2,6 +2,8 @@
2
2
  # frozen_string_literal: true
3
3
 
4
4
  require 'contrast/utils/object_share'
5
+ require 'contrast/agent/reporting/settings/protect_rule'
6
+ require 'contrast/agent/reporting/settings/virtual_patch'
5
7
 
6
8
  module Contrast
7
9
  module Agent
@@ -10,8 +12,8 @@ module Contrast
10
12
  module Settings
11
13
  # Application level settings for the Protect featureset
12
14
  class Protect
13
- # block at perimeter needs to be check against the blockAtEntry boolean value
14
- PROTECT_RULES_MODE = %w[OFF MONITORING BLOCKING].cs__freeze
15
+ # modes set by NG endpoints; block at perimeter needs to be check against the blockAtEntry boolean value
16
+ NG_PROTECT_RULES_MODE = %w[OFF MONITORING BLOCKING].cs__freeze
15
17
  # The settings for each protect rule for this application
16
18
  #
17
19
  # @return protection_rules [Array<protectRule>] protectRule: {
@@ -22,6 +24,12 @@ module Contrast
22
24
  @_protection_rules ||= []
23
25
  end
24
26
 
27
+ # @return [Hash<String,Contrast::Agent::Reporting::Settings::ProtectRule>] map of rule, by id, to
28
+ # configuration
29
+ def rule_settings
30
+ @_rule_settings ||= {}
31
+ end
32
+
25
33
  # Set the protection_rules array
26
34
  #
27
35
  # @param protection_rules [Array<protectRule>] protectRule: {
@@ -38,13 +46,7 @@ module Contrast
38
46
 
39
47
  # The virtual patches to apply for this application
40
48
  #
41
- # @return virtual_patches [Array<VirtualPatch>] Array of VirtualPatch: {
42
- # name [String] The name of the Virtual Patch
43
- # headers [Array] The headers that must be present in the request to result in the request being blocked
44
- # parameters [Array] The parameters that must be present in the request
45
- # to result in the request being blocked.
46
- # urls [Array] The urls that must be present in the request to result in the request being blocked.
47
- # uuids [String] The UUID of the Virtual Patch }
49
+ # @return [Array<Contrast::Agent::Reporting::Settings::VirtualPatch>]
48
50
  def virtual_patches
49
51
  @_virtual_patches ||= []
50
52
  end
@@ -78,11 +80,11 @@ module Contrast
78
80
  modes_by_id = {}
79
81
  protection_rules.each do |rule|
80
82
  setting_mode = rule[:mode] || rule['mode']
81
- api_mode = if PROTECT_RULES_MODE.include?(setting_mode)
83
+ api_mode = if NG_PROTECT_RULES_MODE.include?(setting_mode)
82
84
  case setting_mode
83
- when PROTECT_RULES_MODE[1]
85
+ when NG_PROTECT_RULES_MODE[1]
84
86
  :MONITOR
85
- when PROTECT_RULES_MODE[2]
87
+ when NG_PROTECT_RULES_MODE[2]
86
88
  if rule[:blockAtEntry] || rule['blockAtEntry']
87
89
  :BLOCK_AT_PERIMETER
88
90
  else
@@ -92,8 +94,11 @@ module Contrast
92
94
  :NO_ACTION
93
95
  end
94
96
  else
97
+ # modes set by newer settings endpoints are of [OFF MONITOR BLOCK BLOCK_AT_PERIMETER] and
98
+ # can just be cast to symbols
95
99
  setting_mode.to_sym
96
100
  end
101
+
97
102
  id = rule[:id] || rule['id']
98
103
  modes_by_id[id] = api_mode
99
104
  end
@@ -0,0 +1,18 @@
1
+ # Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
2
+ # frozen_string_literal: true
3
+
4
+ require 'contrast/utils/object_share'
5
+
6
+ module Contrast
7
+ module Agent
8
+ module Reporting
9
+ module Settings
10
+ # Settings for each protect rule
11
+ class ProtectRule
12
+ # @return [Symbol] the configured mode of the rule; OFF, MONITOR, BLOCK
13
+ attr_accessor :mode
14
+ end
15
+ end
16
+ end
17
+ end
18
+ end
@@ -161,7 +161,7 @@ module Contrast
161
161
  # value [String] }
162
162
  # }
163
163
  # @return rule_definition_list [Array<Contrast::Agent::Reporting::Settings::RuleDefinition>]
164
- def rule_definition_list= list
164
+ def ng_rule_definition_list list
165
165
  Contrast::Agent::Reporting::Settings::Helpers.array_to_iv(
166
166
  Contrast::Agent::Reporting::Settings::RuleDefinition,
167
167
  rule_definition_list,
@@ -63,7 +63,7 @@ module Contrast
63
63
 
64
64
  # Build rules from hash
65
65
  #
66
- # @param settings_rules [Hash] Response settings under Settings/sensitive_data_masking_policy/rules
66
+ # @param settings_rules [Array<Hash>] Response settings under Settings/sensitive_data_masking_policy/rules
67
67
  # @return rules [Array<Contrast::Agent::Reporting::Settings::SensitiveDataMaskingRule>, nil
68
68
  def build_rules_form_settings settings_rules
69
69
  return if settings_rules.nil? || settings_rules.empty?
@@ -0,0 +1,56 @@
1
+ # Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
2
+ # frozen_string_literal: true
3
+
4
+ require 'contrast/utils/object_share'
5
+ require 'contrast/agent/reporting/settings/virtual_patch_condition'
6
+
7
+ module Contrast
8
+ module Agent
9
+ module Reporting
10
+ module Settings
11
+ # The settings for each virtual patch in the agent.
12
+ class VirtualPatch
13
+ # @return [String]
14
+ attr_reader :name
15
+ # @return [String]
16
+ attr_reader :key
17
+ # @return [String]
18
+ attr_reader :uuid
19
+
20
+ def initialize hash
21
+ @name = hash[:name]
22
+ @key = hash[:key]
23
+ @uuid = hash[:uuid]
24
+
25
+ hash[:headers]&.each do |header_json|
26
+ headers << Contrast::Agent::Reporting::Settings::VirtualPatchCondition.new(header_json)
27
+ end
28
+
29
+ hash[:parameters]&.each do |header_json|
30
+ parameters << Contrast::Agent::Reporting::Settings::VirtualPatchCondition.new(header_json)
31
+ end
32
+
33
+ hash[:urls]&.each do |header_json|
34
+ urls << Contrast::Agent::Reporting::Settings::VirtualPatchCondition.new(header_json)
35
+ end
36
+ end
37
+
38
+ # @return [Array<Contrast::Agent::Reporting::Settings::VirtualPatchCondition>]
39
+ def headers
40
+ @_headers ||= []
41
+ end
42
+
43
+ # @return [Array<Contrast::Agent::Reporting::Settings::VirtualPatchCondition>]
44
+ def parameters
45
+ @_parameters ||= []
46
+ end
47
+
48
+ # @return [Array<Contrast::Agent::Reporting::Settings::VirtualPatchCondition>]
49
+ def urls
50
+ @_urls ||= []
51
+ end
52
+ end
53
+ end
54
+ end
55
+ end
56
+ end
@@ -0,0 +1,47 @@
1
+ # Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
2
+ # frozen_string_literal: true
3
+
4
+ require 'contrast/utils/object_share'
5
+ require 'contrast/agent/reporting/settings/protect_rule'
6
+
7
+ module Contrast
8
+ module Agent
9
+ module Reporting
10
+ module Settings
11
+ # The settings for each virtual patch condition in the agent.
12
+ class VirtualPatchCondition
13
+ # @return [String]
14
+ attr_reader :name
15
+ # @return [String]
16
+ attr_reader :value
17
+ # @return [String]
18
+ attr_reader :input_type
19
+ # @return [String]
20
+ attr_reader :evaluation
21
+
22
+ def initialize hash
23
+ @name = hash[:name]
24
+ @value = hash[:value]
25
+ @input_type = hash[:input_type]
26
+ @evaluation = hash[:evaluation]
27
+ end
28
+
29
+ # @return [Array<Contrast::Agent::Reporting::Settings::VirtualPatchCondition>]
30
+ def headers
31
+ @_headers ||= []
32
+ end
33
+
34
+ # @return [Array<Contrast::Agent::Reporting::Settings::VirtualPatchCondition>]
35
+ def parameters
36
+ @_parameters ||= []
37
+ end
38
+
39
+ # @return [Array<Contrast::Agent::Reporting::Settings::VirtualPatchCondition>]
40
+ def urls
41
+ @_urls ||= []
42
+ end
43
+ end
44
+ end
45
+ end
46
+ end
47
+ end
@@ -50,6 +50,10 @@ module Contrast
50
50
  return false if @do_not_track
51
51
 
52
52
  if (ia = Contrast::Agent::Protect::InputAnalyzer.analyse(request))
53
+ # Handle prefilter
54
+ Contrast::Agent::Protect::InputAnalyzer.input_classification(ia, prefilter: true)
55
+ # Reflected xss infilter
56
+ Contrast::Agent::Protect::InputAnalyzer.input_classification_for('reflected-xss', ia)
53
57
  @agent_input_analysis = ia
54
58
  else
55
59
  logger.trace('Analysis from Agent was empty.')
@@ -60,6 +64,22 @@ module Contrast
60
64
  logger.warn('Unable to extract protect information from request', e)
61
65
  end
62
66
 
67
+ # Builds IA only for postfilter rules. If rules during infilter were not triggered there will be
68
+ # no IA for them later to use it in postfilter.
69
+ #
70
+ # @raise [Contrast::SecurityException]
71
+ def protect_postfilter_ia
72
+ return false unless ::Contrast::AGENT.enabled?
73
+ return false unless ::Contrast::PROTECT.enabled?
74
+
75
+ # Handle postfilter
76
+ Contrast::Agent::Protect::InputAnalyzer.input_classification(@agent_input_analysis, postfilter: true)
77
+ rescue Contrast::SecurityException => e
78
+ raise(e)
79
+ rescue StandardError => e
80
+ logger.warn('Unable to extract protect information from request - postfilter', e)
81
+ end
82
+
63
83
  # append anything we've learned to the request seen message this is the sum-total of all inventory information
64
84
  # that has been accumulated since the last request
65
85
  def extract_after rack_response
@@ -14,7 +14,6 @@ module Contrast
14
14
  # This class will initialize and hold everything needed for the telemetry
15
15
  class Base < WorkerThread
16
16
  include Contrast::Components::Logger::InstanceMethods
17
-
18
17
  # this is where we will send the data from the agents
19
18
  URL = 'https://telemetry.ruby.contrastsecurity.com/'
20
19
  # Suggested timeout after each send is to be 3 hours (10800 seconds)
@@ -48,7 +47,8 @@ module Contrast
48
47
  @_client = Contrast::Utils::TelemetryClient.new
49
48
  ip_opt_out_telemetry = @_client.initialize_connection(URL)
50
49
  if ip_opt_out_telemetry.nil?
51
- logger.warn("Connection was not established properly!!! \n Telemetry reporting will be disabled!")
50
+ logger.warn("[Telemetry] Connection was not established properly!!! \n
51
+ Telemetry reporting will be disabled!")
52
52
  return false
53
53
  end
54
54
 
@@ -66,30 +66,30 @@ module Contrast
66
66
 
67
67
  def attempt_to_start?
68
68
  unless cs__class.enabled?
69
- logger.warn('Telemetry service is disabled!')
69
+ logger.info('[Telemetry] Telemetry service is disabled!')
70
70
  return false
71
71
  end
72
72
 
73
- logger.debug('Attempting to start telemetry thread') unless running?
73
+ logger.debug('[Telemetry] Attempting to start telemetry thread') unless running?
74
74
  true
75
75
  end
76
76
 
77
77
  def start_thread!
78
78
  return if running?
79
79
 
80
- logger.debug('Starting background telemetry thread.')
80
+ logger.debug('[Telemetry] Starting background telemetry thread.')
81
81
  @_thread = create_thread
82
82
  end
83
83
 
84
84
  def send_event event
85
85
  if ::Contrast::AGENT.disabled?
86
- logger.warn('Attempted to queue event with Agent disabled', caller: caller, event: event)
86
+ logger.warn('[Telemetry] Attempted to queue event with Agent disabled', caller: caller, event: event)
87
87
  return
88
88
  end
89
89
 
90
90
  return unless cs__class.enabled?
91
91
 
92
- logger.debug('Enqueued event for sending', event_type: event.cs__class)
92
+ logger.debug('[Telemetry] Enqueued event for sending', event_type: event.cs__class)
93
93
  queue << event if event
94
94
  end
95
95
 
@@ -107,8 +107,7 @@ module Contrast
107
107
  end
108
108
 
109
109
  def request_with_response event
110
- res = client.send_request(event, connection)
111
- client.handle_response(res)
110
+ client.handle_response(client.send_request(event, connection))
112
111
  end
113
112
 
114
113
  private
@@ -120,7 +119,7 @@ module Contrast
120
119
  # It is recommended that implementations send a single payload of general metrics every 3 hours, starting from
121
120
  # implementation startup. This returns a thread configured to do so.
122
121
  #
123
- # @return [Contrast::Agent::Thread]
122
+ # @return [::Thread] Contrast::Agent::Thread
124
123
  def create_thread
125
124
  Contrast::Agent::Thread.new do
126
125
  loop do
@@ -132,16 +131,15 @@ module Contrast
132
131
  until queue.empty?
133
132
  event = queue.pop
134
133
  begin
135
- logger.debug('This is the current processed event', event)
136
- sleep_time = request_with_response(event)
137
- if sleep_time
134
+ logger.debug('[Telemetry] This is the current processed event', event)
135
+ if (sleep_time = request_with_response(event))
138
136
  sleep(sleep_time)
139
- logger.debug('Retrying to process event', event)
137
+ logger.debug('[Telemetry] Retrying to process event', event)
140
138
  retry_sleep_time = request_with_response(event)
141
139
  sleep(retry_sleep_time) unless retry_sleep_time.nil?
142
140
  end
143
141
  rescue StandardError => e
144
- logger.error('Could not send message to service from telemetry queue.', e)
142
+ logger.error('[Telemetry] Could not send message to service from telemetry queue.', e)
145
143
  stop!
146
144
  end
147
145
  end