newrelic_security 0.2.0 → 0.3.0

data/lib/newrelic_security/agent/control/websocket_client.rb

@@ -21,6 +21,8 @@ module NewRelic::Security
       NR_CSEC_ENTITY_NAME = 'NR-CSEC-ENTITY-NAME'
       NR_CSEC_ENTITY_GUID = 'NR-CSEC-ENTITY-GUID'
       NR_CSEC_IAST_DATA_TRANSFER_MODE = 'NR-CSEC-IAST-DATA-TRANSFER-MODE'
+      NR_CSEC_IGNORED_VUL_CATEGORIES = 'NR-CSEC-IGNORED-VUL-CATEGORIES'
+      NR_CSEC_PROCESS_START_TIME = 'NR-CSEC-PROCESS-START-TIME'
 
       class WebsocketClient
         include Singleton
@@ -43,6 +45,8 @@ module NewRelic::Security
           headers[NR_CSEC_ENTITY_NAME] = NewRelic::Security::Agent.config[:app_name]
           headers[NR_CSEC_ENTITY_GUID] = NewRelic::Security::Agent.config[:entity_guid]
           headers[NR_CSEC_IAST_DATA_TRANSFER_MODE] = PULL
+          headers[NR_CSEC_IGNORED_VUL_CATEGORIES] = ingnored_vul_categories.join(COMMA)
+          headers[NR_CSEC_PROCESS_START_TIME] = NewRelic::Security::Agent.config[:process_start_time]
 
           begin
             cert_store = ::OpenSSL::X509::Store.new
@@ -130,6 +134,20 @@ module NewRelic::Security
           false
         end
 
+        private
+
+        def ingnored_vul_categories
+          list = []
+          list << FILE_OPERATION << FILE_INTEGRITY if NewRelic::Security::Agent.config[:'security.exclude_from_iast_scan.iast_detection_category.invalid_file_access']
+          list << SQL_DB_COMMAND if NewRelic::Security::Agent.config[:'security.exclude_from_iast_scan.iast_detection_category.sql_injection']
+          list << NOSQL_DB_COMMAND if NewRelic::Security::Agent.config[:'security.exclude_from_iast_scan.iast_detection_category.nosql_injection']
+          list << LDAP if NewRelic::Security::Agent.config[:'security.exclude_from_iast_scan.iast_detection_category.ldap_injection']
+          list << SYSTEM_COMMAND if NewRelic::Security::Agent.config[:'security.exclude_from_iast_scan.iast_detection_category.command_injection']
+          list << XPATH if NewRelic::Security::Agent.config[:'security.exclude_from_iast_scan.iast_detection_category.xpath_injection']
+          list << HTTP_REQUEST if NewRelic::Security::Agent.config[:'security.exclude_from_iast_scan.iast_detection_category.ssrf']
+          list << REFLECTED_XSS if NewRelic::Security::Agent.config[:'security.exclude_from_iast_scan.iast_detection_category.rxss']
+          list
+        end
       end
     end
   end

data/lib/newrelic_security/agent/utils/agent_utils.rb

@@ -15,8 +15,7 @@ module NewRelic::Security
       ASTERISK = '*'
 
       def is_IAST?
-        return false if NewRelic::Security::Agent.config[:policy].empty?
-        return NewRelic::Security::Agent.config[:policy][VULNERABILITY_SCAN][IAST_SCAN][ENABLED] if NewRelic::Security::Agent.config[:policy][VULNERABILITY_SCAN][ENABLED]
+        return true if NewRelic::Security::Agent.config[:mode] == IAST
         false
       end
 
@@ -96,7 +95,8 @@ module NewRelic::Security
 
       def get_app_routes(framework, router = nil)
         enable_object_space_in_jruby
-        if framework == :rails
+        case framework
+        when :rails
           ::Rails.application.routes.routes.each do |route|
             if route.verb.is_a?(::Regexp)
               method = route.verb.inspect.match(/[a-zA-Z]+/)
@@ -107,27 +107,31 @@ module NewRelic::Security
               }
             end
           end
-        elsif framework == :sinatra
+        when :sinatra
           ::Sinatra::Application.routes.each do |method, routes|
             routes.map { |r| r.first.to_s }.map do |route|
               NewRelic::Security::Agent.agent.route_map << "#{method}@#{route}"
             end
           end
-        elsif framework == :grape
+        when :grape
           ObjectSpace.each_object(::Grape::Endpoint) { |z|
             z.instance_variable_get(:@routes)&.each { |route|
               http_method = route.instance_variable_get(:@request_method) || route.instance_variable_get(:@options)[:method]
               NewRelic::Security::Agent.agent.route_map << "#{http_method}@#{route.pattern.origin}"
             }
           }
-        elsif framework == :padrino
+        when :padrino
           if router.instance_of?(::Padrino::PathRouter::Router)
             router.instance_variable_get(:@routes).each do |route|
               NewRelic::Security::Agent.agent.route_map << "#{route.instance_variable_get(:@verb)}@#{route.matcher.instance_variable_get(:@path)}"
             end
           end
-        elsif framework == :roda
+        when :roda
           NewRelic::Security::Agent.logger.warn "TODO: Roda is a routing tree web toolkit, which generates route dynamically, hence route extraction is not possible."
+        when :grpc
+          router.owner.superclass.public_instance_methods(false).each do |m|
+            NewRelic::Security::Agent.agent.route_map << "*@/#{router.owner}/#{m}"
+          end
         else
           NewRelic::Security::Agent.logger.error "Unable to get app routes as Framework not detected"
         end

data/lib/newrelic_security/constants.rb

@@ -17,6 +17,7 @@ module NewRelic::Security
   NR_CSEC_FUZZ_REQUEST_ID = 'nr-csec-fuzz-request-id'
   NR_CSEC_TRACING_DATA = 'nr-csec-tracing-data'
   NR_CSEC_PARENT_ID = 'nr-csec-parent-id'
+  IAST = 'IAST'
   COLON_IAST_COLON = ':IAST:'
   NOSQL_DB_COMMAND = 'NOSQL_DB_COMMAND'
   SQL_DB_COMMAND = 'SQL_DB_COMMAND'
@@ -63,6 +64,4 @@ module NewRelic::Security
   CONTENT_TYPE1 = 'content-Type'
   PULL = 'PULL'
   SHA1 = 'sha1'
-  VULNERABILITY_SCAN = 'vulnerabilityScan'
-  IAST_SCAN = 'iastScan'
 end

data/lib/newrelic_security/instrumentation-security/async-http/instrumentation.rb

@@ -6,22 +6,11 @@ module NewRelic::Security
   module Instrumentation
     module AsyncHttp
 
-      def call_on_enter(method, url, headers, body)
+      def call_on_enter(_method, url, headers, _body)
         event = nil
         NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
-        ob = {}
-        ob[:Method] = method
         uri = ::URI.parse url
-        ob[:scheme]  = uri.scheme
-        ob[:host]    = uri.host
-        ob[:port]    = uri.port
-        ob[:URI]     = uri.to_s
-        ob[:path]    = uri.path
-        ob[:query]   = uri.query
-        ob[:Body] = body.respond_to?(:join) ? body.join.to_s : body.to_s
-        ob[:Headers] = headers.to_h
-        ob.each { |_, value| value.dup.force_encoding(ISO_8859_1).encode(UTF_8) if value.is_a?(String) }
-        event = NewRelic::Security::Agent::Control::Collector.collect(HTTP_REQUEST, [ob])
+        event = NewRelic::Security::Agent::Control::Collector.collect(HTTP_REQUEST, [uri.to_s])
         NewRelic::Security::Instrumentation::InstrumentationUtils.append_tracing_data(headers, event) if event
         event
       rescue => exception

data/lib/newrelic_security/instrumentation-security/curb/instrumentation.rb

@@ -12,20 +12,7 @@ module NewRelic::Security
         self.requests.each {
           |key, req|
           uri = NewRelic::Security::Instrumentation::InstrumentationUtils.parse_uri(req.url)
-          ob = {}
-          if uri
-            ob[:Method]  = nil
-            ob[:scheme]  = uri.scheme
-            ob[:host]    = uri.host
-            ob[:port]    = uri.port
-            ob[:URI]     = uri.to_s
-            ob[:path]    = uri.path
-            ob[:query]   = uri.query
-            ob[:Body]    = req.post_body
-            ob[:Headers] = req.headers
-            ob.each { |_, value| value.dup.force_encoding(ISO_8859_1).encode(UTF_8) if value.is_a?(String) }
-            ic_args.push(ob)
-          end
+          ic_args.push(uri.to_s) if uri
         }
         event = NewRelic::Security::Agent::Control::Collector.collect(HTTP_REQUEST, ic_args)
         self.requests.each { |key, req| NewRelic::Security::Instrumentation::InstrumentationUtils.add_tracing_data(req.headers, event) } if event

data/lib/newrelic_security/instrumentation-security/ethon/chain.rb

@@ -7,12 +7,6 @@ module NewRelic::Security
             ::Ethon::Easy.class_eval do
               include NewRelic::Security::Instrumentation::Ethon::Easy
 
-              alias_method :fabricate_without_security, :fabricate
-    
-              def fabricate(url, action_name, options)
-                fabricate_on_enter(url, action_name, options) { return fabricate_without_security(url, action_name, options) }
-              end
-
               alias_method(:headers_equals_without_security, :headers=)
     
               def headers=(headers)

data/lib/newrelic_security/instrumentation-security/ethon/instrumentation.rb

@@ -7,46 +7,25 @@ module NewRelic::Security
     module Ethon
       module Easy
 
-        def fabricate_on_enter(url, action_name, options)
-          NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
-          NewRelic::Security::Agent::Control::HTTPContext.get_context.cache[self.object_id] = { :method => action_name } if NewRelic::Security::Agent::Control::HTTPContext.get_context
-          NewRelic::Security::Agent::Control::HTTPContext.get_context.cache[self.object_id][:body] = options[:body] if NewRelic::Security::Agent::Control::HTTPContext.get_context
-        rescue => exception
-          NewRelic::Security::Agent.logger.error "Exception in hook in #{self.class}.#{__method__}, #{exception.inspect}, #{exception.backtrace}"
-        ensure
-          yield
-        end
-
         def headers_equals_on_enter(headers)
           NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
-          NewRelic::Security::Agent::Control::HTTPContext.get_context.cache[self.object_id][:headers] = headers if NewRelic::Security::Agent::Control::HTTPContext.get_context && NewRelic::Security::Agent::Control::HTTPContext.get_context.cache[self.object_id]
+          NewRelic::Security::Agent::Control::HTTPContext.get_context.cache[object_id][:headers] = headers if NewRelic::Security::Agent::Control::HTTPContext.get_context && NewRelic::Security::Agent::Control::HTTPContext.get_context.cache[object_id]
         rescue => exception
           NewRelic::Security::Agent.logger.error "Exception in hook in #{self.class}.#{__method__}, #{exception.inspect}, #{exception.backtrace}"
         ensure
           yield
         end
 
-        def perform_on_enter(*args)
+        def perform_on_enter(*_args)
           event = nil
           NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
-          context = NewRelic::Security::Agent::Control::HTTPContext.get_context.cache[self.object_id] if NewRelic::Security::Agent::Control::HTTPContext.get_context
+          context = NewRelic::Security::Agent::Control::HTTPContext.get_context.cache[object_id] if NewRelic::Security::Agent::Control::HTTPContext.get_context
           uri = ::URI.parse(url)
-          ob = {}
-          ob[:Method] = context[:method] if context
-          ob[:scheme] = uri.scheme
-          ob[:host] = uri.host
-          ob[:port] = uri.port
-          ob[:URI] = uri.to_s
-          ob[:path] = uri.path
-          ob[:query] = uri.query
-          ob[:Body] = context[:body] if context
-          ob[:Headers] = context[:headers] if context
-          ob.each { |_, value| value.dup.force_encoding(ISO_8859_1).encode(UTF_8) if value.is_a?(String) }
-          event = NewRelic::Security::Agent::Control::Collector.collect(HTTP_REQUEST, [ob])
+          event = NewRelic::Security::Agent::Control::Collector.collect(HTTP_REQUEST, [uri.to_s])
           headers_copy = {}
           headers_copy.merge!(context[:headers]) if context&.key?(:headers)
           NewRelic::Security::Instrumentation::InstrumentationUtils.add_tracing_data(headers_copy, event) if event
-          self.headers = headers_copy if self.headers 
+          self.headers = headers_copy if headers 
           event
         rescue => exception
           NewRelic::Security::Agent.logger.error "Exception in hook in #{self.class}.#{__method__}, #{exception.inspect}, #{exception.backtrace}"
@@ -67,27 +46,13 @@ module NewRelic::Security
 
       module Multi
 
-        def perform_on_enter(*args)
+        def perform_on_enter(*_args)
           event = nil
           NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
           ic_args = []
           easy_handles.each do |easy|
-            context = NewRelic::Security::Agent::Control::HTTPContext.get_context.cache[easy.object_id] if NewRelic::Security::Agent::Control::HTTPContext.get_context
             uri = NewRelic::Security::Instrumentation::InstrumentationUtils.parse_uri(easy.url)
-            if uri
-              ob = {}
-              ob[:Method] = context[:method] if context
-              ob[:scheme] = uri.scheme
-              ob[:host] = uri.host
-              ob[:port] = uri.port
-              ob[:URI] = easy.url.to_s
-              ob[:path] = uri.path
-              ob[:query] = uri.query
-              ob[:Body] = context[:body] if context
-              ob[:Headers] = context[:headers] if context
-              ob.each { |_, value| value.dup.force_encoding(ISO_8859_1).encode(UTF_8) if value.is_a?(String) }
-              ic_args << ob
-            end
+            ic_args << easy.url.to_s if uri
           end
           event = NewRelic::Security::Agent::Control::Collector.collect(HTTP_REQUEST, ic_args) unless ic_args.empty?
           easy_handles.each do |easy|

data/lib/newrelic_security/instrumentation-security/ethon/prepend.rb

@@ -4,10 +4,6 @@ module NewRelic::Security
       module Easy
         module Prepend
           include NewRelic::Security::Instrumentation::Ethon::Easy
-
-          def fabricate(url, action_name, options)
-            fabricate_on_enter(url, action_name, options) { return super }
-          end
   
           def headers=(headers)
             headers_equals_on_enter(headers) { return super }

data/lib/newrelic_security/instrumentation-security/excon/instrumentation.rb

@@ -5,21 +5,11 @@ module NewRelic::Security
   module Instrumentation
     module Excon::Connection
 
-      def request_on_enter(params)
+      def request_on_enter(_params)
         event = nil
         NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
-        ob = {}
-        ob[:Method] = params[:method]
-        ob[:scheme]  = self.data[:scheme]
-        ob[:host]    = self.data[:host]
-        ob[:port]    = self.data[:port]
-        ob[:URI]     = self.data[:query].nil? ? "#{self.data[:host]}#{self.data[:path]}" : "#{self.data[:host]}#{self.data[:path]}?#{self.data[:query]}"
-        ob[:path]    = self.data[:path]
-        ob[:query]   = self.data[:query]
-        ob[:Body] = self.data[:body]
-        ob[:Headers] = self.data[:headers]
-        ob.each { |_, value| value.dup.force_encoding(ISO_8859_1).encode(UTF_8) if value.is_a?(String) }
-        event = NewRelic::Security::Agent::Control::Collector.collect(HTTP_REQUEST, [ob])
+        uri = "#{self.data[:scheme]}://#{self.data[:host]}#{self.data[:path]}"
+        event = NewRelic::Security::Agent::Control::Collector.collect(HTTP_REQUEST, [uri])
         NewRelic::Security::Instrumentation::InstrumentationUtils.add_tracing_data(self.data[:headers], event) if event
         event
       rescue => exception

data/lib/newrelic_security/instrumentation-security/grape/instrumentation.rb

@@ -8,6 +8,7 @@ module NewRelic::Security
       def call_on_enter(env)
         event = nil
         NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
+        return unless NewRelic::Security::Agent.config[:enabled]
         NewRelic::Security::Agent.config.update_port = NewRelic::Security::Agent::Utils.app_port(env) unless NewRelic::Security::Agent.config[:listen_port]
         NewRelic::Security::Agent::Utils.get_app_routes(:grape) if NewRelic::Security::Agent.agent.route_map.empty?
         NewRelic::Security::Agent::Control::HTTPContext.set_context(env)

data/lib/newrelic_security/instrumentation-security/grpc/server/instrumentation.rb

@@ -6,7 +6,7 @@ module NewRelic::Security
   module Instrumentation
     module GRPC
       module RpcDesc
-        def grpc_server_on_enter(active_call, mth, inter_ctx, is_grpc_client_stream, is_grpc_server_stream)
+        def grpc_server_on_enter(active_call, mth, _inter_ctx, is_grpc_client_stream, is_grpc_server_stream)
           event = nil
           NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
           grpc_request = {}
@@ -14,10 +14,11 @@ module NewRelic::Security
           grpc_request[:peer] = active_call.peer
           # puts "mth : #{mth.class} #{mth.methods}"
           # puts "mth :#{mth.original_name}, #{mth.to_s}, #{mth.name}, #{mth.receiver}, #{mth.parameters}, #{mth.owner}, #{mth.unbind}, #{mth.super_method},, #{mth.instance_variables}"
+          NewRelic::Security::Agent::Utils.get_app_routes(:grpc, mth) if NewRelic::Security::Agent.agent.route_map.empty?
           grpc_request[:method] = "#{mth.owner}/#{mth.original_name}"
           grpc_request[:is_grpc_client_stream] = is_grpc_client_stream
           grpc_request[:is_grpc_server_stream] = is_grpc_server_stream
-          is_grpc_client_stream ? grpc_request[:body] = [] : grpc_request[:body] = ::String.new
+          grpc_request[:body] = is_grpc_client_stream ? [] : ::String.new
           NewRelic::Security::Agent::Control::GRPCContext.set_context(grpc_request)
           NewRelic::Security::Agent::Utils.parse_fuzz_header(NewRelic::Security::Agent::Control::GRPCContext.get_context)
         rescue => exception

data/lib/newrelic_security/instrumentation-security/httpclient/instrumentation.rb

@@ -8,20 +8,8 @@ module NewRelic::Security
       def do_request_on_enter(method, uri, query, body, header)
         event = nil
         NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
-        ob = {}
-        ob[:Method] = method
-        unless uri.nil?
-          ob[:scheme]  = uri.scheme
-          ob[:host]    = uri.host
-          ob[:port]    = uri.port
-          ob[:URI]     = uri.to_s
-          ob[:path]    = uri.path
-          ob[:query]   = uri.query
-        end
-        ob[:Body] = body
-        ob[:Headers] = header
-        ob.each { |_, value| value.dup.force_encoding(ISO_8859_1).encode(UTF_8) if value.is_a?(String) }
-        event = NewRelic::Security::Agent::Control::Collector.collect(HTTP_REQUEST, [ob])
+        uri_s = uri.to_s unless uri.nil?
+        event = NewRelic::Security::Agent::Control::Collector.collect(HTTP_REQUEST, [uri_s])
         NewRelic::Security::Instrumentation::InstrumentationUtils.add_tracing_data(header, event) if event
         event
       rescue => exception
@@ -43,20 +31,8 @@ module NewRelic::Security
       def do_request_async_on_enter(method, uri, query, body, header)
         event = nil
         NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
-        ob = {}
-        ob[:Method] = method
-        unless uri.nil?
-          ob[:scheme]  = uri.scheme
-          ob[:host]    = uri.host
-          ob[:port]    = uri.port
-          ob[:URI]     = uri.to_s
-          ob[:path]    = uri.path
-          ob[:query]   = uri.query
-        end
-        ob[:Body] = body
-        ob[:Headers] = header
-        ob.each { |_, value| value.dup.force_encoding(ISO_8859_1).encode(UTF_8) if value.is_a?(String) }
-        event = NewRelic::Security::Agent::Control::Collector.collect(HTTP_REQUEST, [ob])
+        uri_s = uri.to_s unless uri.nil?
+        event = NewRelic::Security::Agent::Control::Collector.collect(HTTP_REQUEST, [uri_s])
         NewRelic::Security::Instrumentation::InstrumentationUtils.add_tracing_data(header, event) if event
         event
       rescue => exception

data/lib/newrelic_security/instrumentation-security/httprb/instrumentation.rb

@@ -8,19 +8,8 @@ module NewRelic::Security
       def perform_on_enter(request, options)
         event = nil
         NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
-        ob = {}
-				ob[:Method] = request.verb
-        ob[:scheme] = request.scheme
-        ob[:host] = request.uri.host
-        ob[:port] = request.uri.port
-        ob[:URI] = request.uri.to_s
-        ob[:path] = request.uri.path
-        ob[:query] = request.uri.query
-        ob[:Body] = request.body.source.to_s
-        ob[:Headers] = options.headers.to_h
-        event = NewRelic::Security::Agent::Control::Collector.collect(HTTP_REQUEST, [ob])
+        event = NewRelic::Security::Agent::Control::Collector.collect(HTTP_REQUEST, [request.uri.to_s])
         NewRelic::Security::Instrumentation::InstrumentationUtils.add_tracing_data(options.headers, event) if event
-        ob = nil
         event
       rescue => exception
         NewRelic::Security::Agent.logger.error "Exception in hook in #{self.class}.#{__method__}, #{exception.inspect}, #{exception.backtrace}"

data/lib/newrelic_security/instrumentation-security/httpx/instrumentation.rb

@@ -9,21 +9,7 @@ module NewRelic::Security
         event = nil
         NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
         ic_args = []
-        args.each do |arg|
-          ob = {}
-          ob[:Method] = arg.verb
-          uri = arg.uri
-          ob[:scheme]  = uri.scheme
-          ob[:host]    = uri.host
-          ob[:port]    = uri.port
-          ob[:URI]     = uri.to_s
-          ob[:path]    = uri.path
-          ob[:query]   = uri.query
-          ob[:Body]    = arg.body.bytesize.positive? ? arg.body.to_s : ""
-          ob[:Headers] = arg.headers
-          ob.each { |_, value| value.dup.force_encoding(ISO_8859_1).encode(UTF_8) if value.is_a?(String) }
-          ic_args << ob
-        end
+        args.each { |arg| ic_args << arg.uri.to_s }
         event = NewRelic::Security::Agent::Control::Collector.collect(HTTP_REQUEST, ic_args)
         args.each do |arg|
           NewRelic::Security::Instrumentation::InstrumentationUtils.add_tracing_data(arg.headers, event) if event

data/lib/newrelic_security/instrumentation-security/instrumentation_utils.rb

@@ -143,23 +143,6 @@ module NewRelic::Security
         return nil
       end
 
-      def parse_typhoeus_request(request)
-        ob = {}
-        ob[:Method] = request.options[:method].nil? ? :get : request.options[:method]
-        ob[:URI] = request.base_url
-        ob[:Body] = request.options[:body]
-        ob[:Headers] = request.options[:headers]
-        uri_parsed = parse_uri(request.base_url)
-        if !uri_parsed.nil?
-          ob[:scheme] = uri_parsed.scheme
-          ob[:host] = uri_parsed.host
-          ob[:port] = uri_parsed.port
-          ob[:path] = uri_parsed.path
-          ob[:query] = uri_parsed.query
-        end
-        ob
-      end
-
     end
   end
 end

data/lib/newrelic_security/instrumentation-security/net_http/instrumentation.rb

@@ -13,30 +13,13 @@ module NewRelic::Security
       def transport_request_on_enter(req)
         event = nil
         NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
-        ob = {}
-				ob[:Method] = req.method
-				if req.uri != nil && URI === req.uri
-					uri = req.uri
-					ob[:scheme]  = uri.scheme
-					ob[:host]    = uri.host
-					ob[:port]    = uri.port
-					ob[:URI]     = uri.to_s
-					ob[:path]    = uri.path
-					ob[:query]   = uri.query
-				else
-					ob[:scheme]  = self.use_ssl? ? HTTPS : HTTP
-					ob[:host]    = self.address
-					ob[:port]    = self.port
-					ob[:path]    = req.path
-					ob[:query]   = nil
-					ob[:URI] = "#{self.use_ssl? ? HTTPS_COLON_SLASH_SLAH : HTTP_COLON_SLASH_SLAH }#{self.address}:#{self.port}#{req.path}"
-				end
-				ob[:Body] = req.body
-				ob[:Headers] = req.to_hash.transform_values! { |v| v.join}
-        ob.each { |_, value| value.dup.force_encoding(ISO_8859_1).encode(UTF_8) if value.is_a?(String) }
-        event = NewRelic::Security::Agent::Control::Collector.collect(HTTP_REQUEST, [ob])
+				uri = if req.uri && URI === req.uri
+          req.uri.to_s
+				      else
+                "#{self.use_ssl? ? HTTPS_COLON_SLASH_SLAH : HTTP_COLON_SLASH_SLAH }#{self.address}:#{self.port}#{req.path}"
+          end
+        event = NewRelic::Security::Agent::Control::Collector.collect(HTTP_REQUEST, [uri])
         NewRelic::Security::Instrumentation::InstrumentationUtils.add_tracing_data(req, event) if event
-        ob = nil
         event
       rescue => exception
         NewRelic::Security::Agent.logger.error "Exception in hook in #{self.class}.#{__method__}, #{exception.inspect}, #{exception.backtrace}"

data/lib/newrelic_security/instrumentation-security/net_ldap/instrumentation.rb

@@ -18,7 +18,7 @@ module NewRelic::Security
           # to know the capabilities of Ldap server. In these
           # situations they don't provide the query parameter, so we filter
           # this event
-          NewRelic::Security::Agent.logger.info "Filtered #{self.class}.#{__method__} because of insufficient args. args : #{args}\n"
+          NewRelic::Security::Agent.logger.debug "Filtered #{self.class}.#{__method__} because of insufficient args. args : #{args}\n"
         end
       rescue => exception
         NewRelic::Security::Agent.logger.error "Exception in hook in #{self.class}.#{__method__}, #{exception.inspect}, #{exception.backtrace}"

data/lib/newrelic_security/instrumentation-security/padrino/instrumentation.rb

@@ -8,6 +8,7 @@ module NewRelic::Security
       def call_on_enter(env)
         event = nil
         NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
+        return unless NewRelic::Security::Agent.config[:enabled]
         NewRelic::Security::Agent.config.update_port = NewRelic::Security::Agent::Utils.app_port(env) unless NewRelic::Security::Agent.config[:listen_port]
         NewRelic::Security::Agent::Utils.get_app_routes(:padrino, self) if NewRelic::Security::Agent.agent.route_map.empty?
         extracted_env = env.instance_variable_get(:@env)

data/lib/newrelic_security/instrumentation-security/patron/instrumentation.rb

@@ -7,25 +7,12 @@ module NewRelic::Security
   module Instrumentation
     module Patron::Session
 
-      def request_on_enter(action, url, headers, options)
+      def request_on_enter(_action, url, headers, _options)
         event = nil
         NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
-        ob = {}
-        ob[:Method] = action
         final_url = self.base_url.nil? ? url : "#{self.base_url}#{url}"
         uri = NewRelic::Security::Instrumentation::InstrumentationUtils.parse_uri(final_url)
-        if uri
-          ob[:scheme]  = uri.scheme
-          ob[:host]    = uri.host
-          ob[:port]    = uri.port
-          ob[:URI]     = uri.to_s
-          ob[:path]    = uri.path
-          ob[:query]   = uri.query
-          ob[:Body] = options[:data]
-          ob[:Headers] = headers
-          ob.each { |_, value| value.dup.force_encoding(ISO_8859_1).encode(UTF_8) if value.is_a?(String) }
-          event = NewRelic::Security::Agent::Control::Collector.collect(HTTP_REQUEST, [ob])
-        end
+        event = NewRelic::Security::Agent::Control::Collector.collect(HTTP_REQUEST, [uri.to_s]) if uri
         NewRelic::Security::Instrumentation::InstrumentationUtils.add_tracing_data(headers, event) if event
         event
       rescue => exception

data/lib/newrelic_security/instrumentation-security/rails/instrumentation.rb

@@ -8,6 +8,7 @@ module NewRelic::Security
       def call_on_enter(env)
         event = nil
         NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
+        return unless NewRelic::Security::Agent.config[:enabled]
         NewRelic::Security::Agent.config.update_port = NewRelic::Security::Agent::Utils.app_port(env) unless NewRelic::Security::Agent.config[:listen_port]
         NewRelic::Security::Agent::Utils.get_app_routes(:rails) if NewRelic::Security::Agent.agent.route_map.empty?
         NewRelic::Security::Agent::Control::HTTPContext.set_context(env)

data/lib/newrelic_security/instrumentation-security/roda/instrumentation.rb

@@ -8,6 +8,7 @@ module NewRelic::Security
       def _roda_handle_main_route_on_enter(env)
         event = nil
         NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
+        return unless NewRelic::Security::Agent.config[:enabled]
         NewRelic::Security::Agent.config.update_port = NewRelic::Security::Agent::Utils.app_port(env) unless NewRelic::Security::Agent.config[:listen_port]
         NewRelic::Security::Agent::Utils.get_app_routes(:roda) if NewRelic::Security::Agent.agent.route_map.empty?
         NewRelic::Security::Agent::Control::HTTPContext.set_context(env)

data/lib/newrelic_security/instrumentation-security/sinatra/instrumentation.rb

@@ -8,6 +8,7 @@ module NewRelic::Security
       def call_on_enter(env)
         event = nil
         NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
+        return unless NewRelic::Security::Agent.config[:enabled]
         NewRelic::Security::Agent.config.update_port = NewRelic::Security::Agent::Utils.app_port(env) unless NewRelic::Security::Agent.config[:listen_port]
         NewRelic::Security::Agent::Utils.get_app_routes(:sinatra) if NewRelic::Security::Agent.agent.route_map.empty?
         NewRelic::Security::Agent::Control::HTTPContext.set_context(env)

data/lib/newrelic_security/newrelic-security-api/api.rb

@@ -14,7 +14,7 @@ module NewRelic::Security
     # @api public
     # 
     def is_security_active?
-      NewRelic::Security::Agent.config[:'agent.enabled'] && NewRelic::Security::Agent.config[:enabled]
+      NewRelic::Security::Agent.config[:'agent.enabled'] && NewRelic::Security::Agent.config[:'security.enabled'] && NewRelic::Security::Agent.config[:enabled]
     end
 
     #