newrelic_security 0.1.0

data/lib/newrelic_security/agent/control/critical_message.rb

@@ -0,0 +1,58 @@
+# frozen_string_literal: true
+
+require 'json'
+
+module NewRelic::Security
+  module Agent
+    module Control
+
+      class CriticalMessage
+
+        attr_reader :jsonName
+        
+        def initialize(message, level, caller, thread_name, exception = nil)
+          @collectorType = RUBY
+          @language = Ruby
+          @jsonName = :'critical-messages'
+          @framework = NewRelic::Security::Agent.config[:framework]
+          @groupName = NewRelic::Security::Agent.config[:mode]
+          @policyVersion = nil
+          @collectorVersion = NewRelic::Security::VERSION
+          @buildNumber = nil
+          @jsonVersion = NewRelic::Security::Agent.config[:json_version]
+          @applicationUUID = NewRelic::Security::Agent.config[:uuid]
+          @linkingMetadata = add_linking_metadata
+          @timestamp = current_time_millis
+          @message = message
+          @level = level          
+          @caller = caller
+          @threadName = thread_name
+          @exception = exception
+        end
+
+        def as_json
+          instance_variables.map! do |ivar|
+            [ivar[1..-1].to_sym, instance_variable_get(ivar)]
+          end.to_h
+        end
+
+        def to_json
+          as_json.to_json
+        end
+
+        private
+
+        def current_time_millis
+          (Time.now.to_f * 1000).to_i
+        end
+
+        def add_linking_metadata
+          linking_metadata = Hash.new
+          linking_metadata[:agentRunId] = NewRelic::Security::Agent.config[:agent_run_id]
+          linking_metadata.merge!(NewRelic::Security::Agent.config[:linking_metadata])
+        end
+
+      end
+    end
+  end
+end

data/lib/newrelic_security/agent/control/event.rb

@@ -0,0 +1,149 @@
+# frozen_string_literal: true
+
+require 'json'
+require 'uri'
+
+module NewRelic::Security
+  module Agent
+    module Control
+
+      ROOT_PATH = '/'
+
+      class Event
+
+        attr_accessor :sourceMethod, :userMethodName, :userFileName, :lineNumber,  :id, :apiId, :isIASTEnable, :isIASTRequest, :httpRequest, :httpResponse, :stacktrace, :metaData, :parentId
+        attr_reader :jsonName, :caseType, :eventCategory, :parameters
+        
+        def initialize(case_type, args, event_category)
+          @collectorType = RUBY
+          @language = Ruby
+          @jsonName = :Event
+          @eventType = :sec_event
+          @framework = NewRelic::Security::Agent.config[:framework]
+          @groupName = NewRelic::Security::Agent.config[:mode]
+          @policyVersion = nil
+          @collectorVersion = NewRelic::Security::VERSION
+          @buildNumber = nil
+          @jsonVersion = NewRelic::Security::Agent.config[:json_version]
+          @applicationUUID = NewRelic::Security::Agent.config[:uuid]
+          @httpRequest = Hash.new
+          @httpResponse = Hash.new
+          @metaData = { :reflectedMetaData => { :listen_port => NewRelic::Security::Agent.config[:listen_port].to_s } }
+          @linkingMetadata = add_linking_metadata
+          @pid = pid
+          @parameters = args
+          @sourceMethod = nil
+          @userMethodName = nil
+          @userFileName = nil
+          @lineNumber = nil
+          @caseType = case_type
+          @eventCategory = event_category
+          @id = event_id
+          @eventGenerationTime = current_time_millis
+          @startTime = current_time_millis
+          @stacktrace = []
+          @apiId = nil
+          @isAPIBlocked = nil
+          @isIASTEnable = false
+          @isIASTRequest = false
+          @parentId = nil
+        end
+
+        def as_json
+          instance_variables.map! do |ivar|
+            [ivar[1..-1].to_sym, instance_variable_get(ivar)]
+          end.to_h
+        end
+
+        def to_json
+          as_json.to_json
+        end
+
+        # # TODO: Use this approach if, performace is very low with require 'json'
+        # def as_json(options={})
+        #   {
+        #       fname: @fname,
+        #       lname: @lname
+        #   }
+        # end
+        
+        # # This method needs, require 'json'
+        # def to_json(*options)
+        #     as_json(*options).to_json(*options)
+        # end
+
+        def copy_http_info(ctxt)
+          return if ctxt.nil?
+          http_request = {}
+          http_request[:parameterMap] = {}
+          http_request[:body] = ctxt.body
+          http_request[:generationTime] = ctxt.time_stamp
+          http_request[:dataTruncated] = false
+          http_request[:method] = ctxt.method
+          http_request[:route] = ctxt.route.split(AT_THE_RATE)[1] if ctxt.route
+          http_request[:url] = URI(ctxt.req[REQUEST_URI]).respond_to?(:request_uri) ? URI(ctxt.req[REQUEST_URI]).request_uri : ctxt.req[REQUEST_URI]
+          http_request[:clientIP] = ctxt.headers.has_key?(X_FORWARDED_FOR) ? ctxt.headers[X_FORWARDED_FOR].split(COMMA)[0].to_s : ctxt.req[REMOTE_ADDR].to_s
+          http_request[:serverPort] = ctxt.req[SERVER_PORT].to_i
+          http_request[:protocol] = ctxt.req[RACK_URL_SCHEME]
+          http_request[:contextPath] = ROOT_PATH
+          http_request[:headers] = ctxt.headers
+          http_request[:contentType] = ctxt.req[CONTENT_TYPE] if ctxt.req.has_key?(CONTENT_TYPE)
+          http_request[:headers][CONTENT_TYPE1] = ctxt.req[CONTENT_TYPE] if ctxt.req.has_key?(CONTENT_TYPE)
+          http_request[:dataTruncated] = ctxt.data_truncated
+          @httpRequest = http_request
+          @metaData[:isClientDetectedFromXFF] = ctxt.headers.has_key?(X_FORWARDED_FOR) ? true : false
+        end
+
+        def copy_grpc_info(ctxt)
+          # TODO: optimise this method and combine copy_http_info and copy_grpc_info
+          return if ctxt.nil?
+          http_request = {}
+          http_request[:body] = ctxt.body.is_a?(Array) ? "[#{ctxt.body.join(',')}]" : ctxt.body
+          http_request[:generationTime] = ctxt.time_stamp
+          http_request[:dataTruncated] = false
+          http_request[:method] = ctxt.method
+          http_request[:route] = ctxt.route
+          http_request[:url] = ctxt.url
+          http_request[:serverName] = ctxt.server_name
+          http_request[:serverPort] = ctxt.server_port
+          http_request[:clientIP] = ctxt.client_ip
+          http_request[:clientPort] = ctxt.client_port
+          http_request[:protocol] = :grpc
+          http_request[:headers] = ctxt.headers
+          http_request[:contentType] = "TODO: "
+          http_request[:isGrpc] = ctxt.is_grpc
+          @httpRequest = http_request
+          @metaData = ctxt.metadata
+        end
+
+        private
+
+        def pid
+          return ::Process.pid if ::Gem.win_platform?
+          ::Process.getpgrp
+        end
+
+        def current_time_millis
+          (Time.now.to_f * 1000).to_i
+        end
+
+        def event_id
+          "#{Process.pid}:#{::Thread.current.object_id}:#{thread_monotonic_ctr}"
+        end
+
+        def thread_monotonic_ctr
+          ctxt = NewRelic::Security::Agent::Control::HTTPContext.get_context if NewRelic::Security::Agent::Control::HTTPContext.get_context
+          ctxt = NewRelic::Security::Agent::Control::GRPCContext.get_context if NewRelic::Security::Agent::Control::GRPCContext.get_context
+          ctxt.event_counter = ctxt.event_counter + 1 if ctxt
+        end
+
+        def add_linking_metadata
+          linking_metadata = Hash.new
+          linking_metadata[:agentRunId] = NewRelic::Security::Agent.config[:agent_run_id]
+          linking_metadata.merge!(NewRelic::Security::Agent.config[:linking_metadata])
+        end
+
+      end
+    end
+  end
+end

data/lib/newrelic_security/agent/control/event_counter.rb

@@ -0,0 +1,28 @@
+require 'thread'
+
+module NewRelic::Security
+  module Agent
+    module Control
+      class EventCounter
+        def initialize
+          @mutex = Mutex.new
+          @counter = 0
+        end
+
+        def increment
+          @mutex.synchronize do
+            @counter += 1
+          end
+        end
+
+        def fetch_and_reset_counter
+          @mutex.synchronize do
+            old_count = @counter
+            @counter = 0
+            old_count
+          end
+        end
+      end
+    end
+  end
+end

data/lib/newrelic_security/agent/control/event_processor.rb

@@ -0,0 +1,134 @@
+require 'thread'
+
+module NewRelic::Security
+  module Agent
+    module Control
+      EVENT_QUEUE_SIZE = 10_000
+      HEALTH_INTERVAL = 300
+
+      class EventProcessor
+
+        attr_accessor :eventQ, :event_dequeue_thread, :healthcheck_thread
+
+        def initialize
+          @first_event = true
+          @eventQ = ::SizedQueue.new(EVENT_QUEUE_SIZE)
+          create_dequeue_threads
+          create_keep_alive_thread
+          NewRelic::Security::Agent.init_logger.info "[STEP-5] => Security agent components started"
+        end
+
+        def send_app_info
+          NewRelic::Security::Agent.init_logger.info "[STEP-3] => Gathering information about the application"
+          app_info = NewRelic::Security::Agent::Control::AppInfo.new
+          app_info.update_app_info
+          NewRelic::Security::Agent.logger.info "Sending application info : #{app_info.to_json}"
+          NewRelic::Security::Agent.init_logger.info "Sending application info : #{app_info.to_json}"
+          enqueue(app_info)
+          app_info = nil
+        end
+
+        def send_application_url_mappings
+          application_url_mappings = NewRelic::Security::Agent::Control::ApplicationURLMappings.new
+          application_url_mappings.update_application_url_mappings
+          NewRelic::Security::Agent.logger.info "Sending application URL Mappings : #{application_url_mappings.to_json}"
+          enqueue(application_url_mappings)
+          application_url_mappings = nil
+        end
+
+        def send_event(event)
+          NewRelic::Security::Agent.agent.event_processed_count.increment
+          if NewRelic::Security::Agent::Utils.is_IAST_request?(event.httpRequest[:headers])
+            NewRelic::Security::Agent.agent.iast_event_stats.processed.increment
+          else
+            NewRelic::Security::Agent.agent.rasp_event_stats.processed.increment
+          end
+          enqueue(event)
+          if @first_event
+            NewRelic::Security::Agent.init_logger.info "[STEP-8] => First event sent for validation. Security agent started successfully : #{event.to_json}"
+            @first_event = false
+          end
+          event = nil
+        end
+
+        def send_health
+          health = NewRelic::Security::Agent::Control::Health.new
+          health.update_health_check
+          NewRelic::Security::Agent::Control::WebsocketClient.instance.send(health)
+          health = nil
+        end
+
+        def send_critical_message(message, level, caller, thread_name, exc)
+          if exc
+            exception = {}
+            exception[:message] = exc.message
+            exception[:cause] = exc.cause
+            exception[:stackTrace] = exc.backtrace.map(&:to_s)
+          end
+          critical_message = NewRelic::Security::Agent::Control::CriticalMessage.new(message, level, caller, thread_name, exception)
+          enqueue(critical_message)
+          critical_message = nil
+        end
+
+        def send_exit_event(exit_event)
+          NewRelic::Security::Agent.agent.exit_event_stats.processed.increment
+          enqueue(exit_event)
+          exit_event = nil
+        end
+
+        def send_iast_data_transfer_request(iast_data_transfer_request)
+          enqueue(iast_data_transfer_request)
+          iast_data_transfer_request = nil
+        end
+
+        private
+
+        def create_dequeue_threads
+          # TODO: Create 3 or more consumers for event sending
+          @event_dequeue_thread = Thread.new do
+            Thread.current.name = "newrelic_security_event_thread"
+            loop do
+              begin
+                data_to_be_sent = @eventQ.pop
+                NewRelic::Security::Agent::Control::WebsocketClient.instance.send(data_to_be_sent)
+              rescue => exception
+                NewRelic::Security::Agent.logger.error "Exception in event pop operation : #{exception.inspect}"
+              end
+            end
+          end
+        rescue Exception => exception
+          NewRelic::Security::Agent.logger.error "Exception in event queue creation : #{exception.inspect}"
+        end
+
+        def enqueue(message)
+          @eventQ.push(message, true)
+        rescue Exception => exception
+          NewRelic::Security::Agent.logger.error "Exception in event enqueue, #{exception.inspect}, Dropping message"
+          if message.jsonName == :Event
+            NewRelic::Security::Agent.agent.event_drop_count.increment
+            if NewRelic::Security::Agent::Utils.is_IAST_request?(message.httpRequest[:headers])
+              NewRelic::Security::Agent.agent.iast_event_stats.rejected.increment
+            else
+              NewRelic::Security::Agent.agent.rasp_event_stats.rejected.increment
+            end
+          end
+          NewRelic::Security::Agent.agent.exit_event_stats.rejected.increment if message.jsonName == :'exit-event'
+          NewRelic::Security::Agent.agent.iast_client.completed_requests.delete(message.parentId)
+        end
+
+        def create_keep_alive_thread
+          @healthcheck_thread = Thread.new {
+            Thread.current.name = "newrelic_security_healthcheck_thread"
+            while true do 
+              sleep HEALTH_INTERVAL
+              send_health if NewRelic::Security::Agent::Control::WebsocketClient.instance.is_open?
+            end
+          }
+        rescue Exception => exception
+          NewRelic::Security::Agent.logger.error "Exception in health check thread, #{exception.inspect}"
+        end
+
+      end
+    end
+  end
+end

data/lib/newrelic_security/agent/control/event_stats.rb

@@ -0,0 +1,26 @@
+module NewRelic::Security
+  module Agent
+    module Control
+      class EventStats
+
+        attr_accessor :processed, :sent, :rejected, :error_count
+
+        def initialize
+          @processed = NewRelic::Security::Agent::Control::EventCounter.new
+          @sent = NewRelic::Security::Agent::Control::EventCounter.new
+          @rejected = NewRelic::Security::Agent::Control::EventCounter.new
+          @error_count = NewRelic::Security::Agent::Control::EventCounter.new
+        end
+
+        def prepare_for_health_check
+          hash = {}
+          hash[:processed] = @processed.fetch_and_reset_counter
+          hash[:sent] = @sent.fetch_and_reset_counter
+          hash[:rejected] = @rejected.fetch_and_reset_counter
+          hash[:errorCount] = @error_count.fetch_and_reset_counter
+          hash
+        end
+      end
+    end
+  end
+end

data/lib/newrelic_security/agent/control/event_subscriber.rb

@@ -0,0 +1,28 @@
+module NewRelic::Security
+  module Agent
+    module Control
+      class EventSubscriber
+        def initialize
+            ::NewRelic::Agent.instance.events.subscribe(:server_source_configuration_added) {
+              NewRelic::Security::Agent.logger.info "NewRelic server_source_configuration_added for pid : #{Process.pid}, Parent Pid : #{Process.ppid}"
+              NewRelic::Security::Agent.init_logger.info "NewRelic server_source_configuration_added for pid : #{Process.pid}, Parent Pid : #{Process.ppid}"
+              NewRelic::Security::Agent.config.update_server_config
+              if NewRelic::Security::Agent.config[:enabled] && !NewRelic::Security::Agent.config[:high_security]
+                NewRelic::Security::Agent.agent.init
+              else
+                NewRelic::Security::Agent.logger.info "New Relic Security is disabled by one of the user provided config `security.enabled` or `high_security`."
+                NewRelic::Security::Agent.init_logger.info "New Relic Security is disabled by one of the user provided config `security.enabled` or `high_security`."
+              end
+            }
+            ::NewRelic::Agent.instance.events.subscribe(:security_policy_received) { |received_policy| 
+              NewRelic::Security::Agent.logger.info "security_policy_received pid ::::::: #{Process.pid} #{Process.ppid}, #{received_policy}"
+              NewRelic::Security::Agent.config[:policy].merge!(received_policy)
+              NewRelic::Security::Agent.init_logger.info "[STEP-7] => Received and applied policy/configuration : #{received_policy}"
+              NewRelic::Security::Agent.agent.start_iast_client if NewRelic::Security::Agent::Utils.is_IAST?
+            }
+        end
+      end
+    end
+  end
+end
+

data/lib/newrelic_security/agent/control/exit_event.rb

@@ -0,0 +1,38 @@
+require 'json'
+
+module NewRelic::Security
+  module Agent
+    module Control
+      class ExitEvent
+        attr_accessor :executionId, :caseType, :k2RequestIdentifier
+        attr_reader :jsonName
+        
+        def initialize
+          @collectorType = RUBY
+          @language = Ruby
+          @jsonName = :'exit-event'
+          @collectorVersion =  NewRelic::Security::VERSION
+          @buildNumber = nil
+          @applicationUUID = NewRelic::Security::Agent.config[:uuid]
+          @groupName = NewRelic::Security::Agent.config[:mode]
+          @jsonVersion = NewRelic::Security::Agent.config[:json_version]
+          @policyVersion = nil
+          @framework = NewRelic::Security::Agent.config[:framework]
+          @executionId = nil
+          @caseType = nil
+          @k2RequestIdentifier = nil
+        end
+
+        def as_json
+          instance_variables.map! do |ivar|
+            [ivar[1..-1].to_sym, instance_variable_get(ivar)]
+          end.to_h
+        end
+
+        def to_json
+          as_json.to_json
+        end
+      end
+    end
+  end
+end

data/lib/newrelic_security/agent/control/fuzz_request.rb

@@ -0,0 +1,18 @@
+module NewRelic::Security
+  module Agent
+    module Control
+      class FuzzRequest
+        attr_reader :id
+        attr_accessor :request, :case_type, :reflected_metadata
+
+        def initialize(id)
+          @id = id
+          @request = nil
+          @case_type = nil
+          @reflected_metadata = nil
+        end
+        
+      end
+    end
+  end
+end

data/lib/newrelic_security/agent/control/grpc_context.rb

@@ -0,0 +1,57 @@
+# frozen_string_literal: true
+
+require 'set'
+
+module NewRelic::Security
+  module Agent
+    module Control
+      
+      class GRPCContext
+        
+        attr_accessor :time_stamp, :method, :headers, :body, :route, :cache, :fuzz_files, :url, :server_name, :server_port, :client_ip, :client_port, :is_grpc, :metadata, :event_counter
+
+        def initialize(grpc_request)
+          @time_stamp = current_time_millis
+          @method = grpc_request[:method]
+          @route = "/#{@method}"
+          @headers = grpc_request[:headers]
+          @body =  grpc_request[:body]
+          if defined?(::GRPC::RpcServer)
+            ObjectSpace.each_object(::GRPC::RpcServer) do |z|
+              grpc_host = z.instance_variable_get(:@host_nr)
+              grpc_port = z.instance_variable_get(:@port_nr)
+              @server_name = "#{grpc_host}:#{grpc_port}"
+              @server_port = grpc_port
+              @client_ip = grpc_request[:peer].rpartition(COLON)[0] if grpc_request[:peer]
+              @client_port = grpc_request[:peer].rpartition(COLON)[-1] if grpc_request[:peer]
+              @url = "/#{@method}"
+            end
+          end
+          @is_grpc = true
+          @metadata = { :reflectedMetaData => { :isGrpcClientStream => grpc_request[:is_grpc_client_stream], :isGrpcServerStream => grpc_request[:is_grpc_server_stream] } }
+          @cache = {}
+          @fuzz_files = ::Set.new
+          @event_counter = 0
+          NewRelic::Security::Agent.agent.http_request_count.increment
+        end
+
+        def current_time_millis
+          (Time.now.to_f * 1000).to_i
+        end
+
+        def self.get_context
+          Thread.current[:security_context_data]
+        end
+
+        def self.set_context(grpc_request)
+          Thread.current[:security_context_data] = GRPCContext.new(grpc_request)
+        end
+
+        def self.reset_context
+          Thread.current[:security_context_data] = nil if Thread.current[:security_context_data]
+        end
+      end
+
+    end
+  end
+end

data/lib/newrelic_security/agent/control/health_check.rb

@@ -0,0 +1,136 @@
+require 'json'
+
+module NewRelic::Security
+  module Agent
+    module Control
+      class Health
+        attr_reader :jsonName, :stats, :serviceStatus
+
+        def initialize
+          @collectorType = RUBY
+          @language = Ruby
+          @jsonName = :LAhealthcheck
+          @eventType = :sec_health_check_lc
+          @timestamp = current_time_millis
+          @version = EMPTY_STRING
+          @groupName = NewRelic::Security::Agent.config[:mode]
+          @policyVersion = nil
+          @framework = NewRelic::Security::Agent.config[:framework]
+          @protectedServer = nil
+          @applicationUUID = NewRelic::Security::Agent.config[:uuid]
+          @collectorVersion = NewRelic::Security::VERSION
+          @buildNumber = nil
+          @jsonVersion = NewRelic::Security::Agent.config[:json_version]
+          @eventSentCount = 0
+          @eventProcessed = 0
+          @eventDropCount = 0
+          @httpRequestCount = 0
+          @protectedVulnerabilties = nil
+          @protectedDB = nil
+          @linkingMetadata = add_linking_metadata
+          @stats = {}
+          @serviceStatus = {} # TODO: Fill this
+          @iastEventStats = {}
+          @raspEventStats = {}
+          @exitEventStats = {}
+        end
+
+        def as_json
+          instance_variables.map! do |ivar|
+            [ivar[1..-1].to_sym, instance_variable_get(ivar)]
+          end.to_h
+        end
+
+        def to_json
+          as_json.to_json
+        end
+
+        def update_health_check
+          @httpRequestCount = NewRelic::Security::Agent.agent.http_request_count.fetch_and_reset_counter
+          @eventProcessed = NewRelic::Security::Agent.agent.event_processed_count.fetch_and_reset_counter
+          @eventSentCount = NewRelic::Security::Agent.agent.event_sent_count.fetch_and_reset_counter
+          @eventDropCount = NewRelic::Security::Agent.agent.event_drop_count.fetch_and_reset_counter
+          @stats[:nCores] = nil # TODO: add cpu count here
+          @stats[:systemTotalMemoryMB] = system_total_memory_mb
+          @stats[:systemFreeMemoryMB] = system_free_memory_mb
+          @stats[:systemCpuLoad] = system_cpu_load
+          @stats[:processCpuUsage] = nil
+          @stats[:processRssMB] = nil # TODO: add process rss here
+          @stats[:processMaxHeapMB] = nil
+          @stats[:processHeapUsageMB] = nil
+          @stats[:processDirDiskFreeSpaceMB] = nil
+          @stats[:rootDiskFreeSpaceMB] = nil
+          @serviceStatus[:websocket] = NewRelic::Security::Agent::Control::WebsocketClient.instance.is_open? ? 'OK' : 'Error'
+          @serviceStatus[:logWriter] = NewRelic::Security::Agent.logger ? 'OK' : 'Error'
+          @serviceStatus[:initLogWriter] = NewRelic::Security::Agent.init_logger ? 'OK' : 'Error'
+          @serviceStatus[:agentActiveStat] = NewRelic::Security::Agent.config[:enabled] ? 'OK' : 'Error'
+          @serviceStatus[:iastRestClient] = NewRelic::Security::Agent::Utils.is_IAST? && !NewRelic::Security::Agent.agent.iast_client ? 'Error' : 'OK'
+          @iastEventStats = NewRelic::Security::Agent.agent.iast_event_stats.prepare_for_health_check
+          @raspEventStats = NewRelic::Security::Agent.agent.rasp_event_stats.prepare_for_health_check
+          @exitEventStats = NewRelic::Security::Agent.agent.exit_event_stats.prepare_for_health_check
+        rescue Exception => exception
+          NewRelic::Security::Agent::logger.error "Exception in finding update_health_check : #{exception.inspect} #{exception.backtrace}"
+        end
+
+        private
+        
+        def current_time_millis
+          (Time.now.to_f * 1000).to_i
+        end
+
+        def add_linking_metadata
+          linking_metadata = Hash.new
+          linking_metadata[:agentRunId] = NewRelic::Security::Agent.config[:agent_run_id]
+          linking_metadata.merge!(NewRelic::Security::Agent.config[:linking_metadata])
+        end
+
+        def system_total_memory_mb
+          case RbConfig::CONFIG['host_os']
+          when /darwin9/
+            `sysctl -n hw.memsize`.to_f/1024**2
+          when /darwin/
+            `sysctl -n hw.memsize`.to_f/1024**2
+          when /linux/
+            `awk '/MemTotal/ {print $2}' /proc/meminfo`.to_f/1024
+          when /freebsd/
+            `sysctl sysctl hw.physmem`.to_f/1024**2
+          end
+        rescue Exception => exception
+          NewRelic::Security::Agent::logger.error "Exception in finding system_total_memory_mb : #{exception.inspect} #{exception.backtrace}"
+        end
+    
+        def system_free_memory_mb
+          # TODO: Add free memory logic for darwin
+          case RbConfig::CONFIG['host_os']
+          when /darwin9/
+            ''
+          when /darwin/
+            ''
+          when /linux/
+            `awk '/MemFree/ {print $2}' /proc/meminfo`.to_f/1024
+          when /freebsd/
+            ''
+          end
+        rescue Exception => exception
+          NewRelic::Security::Agent::logger.error "Exception in finding system_free_memory_mb : #{exception.inspect} #{exception.backtrace}"
+        end
+    
+        def system_cpu_load
+          case RbConfig::CONFIG['host_os']
+          when /darwin9/
+            `uptime | awk '// {print $11}'`.to_f
+          when /darwin/
+            `uptime | awk '// {print $11}'`.to_f
+          when /linux/
+            `uptime | awk '// {print $11}' | sed 's/,$//'`.to_f
+          when /freebsd/
+            ''
+          end
+        rescue Exception => exception
+          NewRelic::Security::Agent::logger.error "Exception in finding system_cpu_load : #{exception.inspect} #{exception.backtrace}"
+        end
+
+      end 
+    end
+  end
+end