tcell_agent 1.1.3 → 1.1.4

data/lib/tcell_agent/sensor_events/honeytokens.rb

@@ -4,13 +4,13 @@ require 'tcell_agent/sensor_events/util/sanitizer_utilities'
 require 'tcell_agent/sensor_events/sensor'
 
 module TCellAgent
-    module SensorEvents
-        class HoneytokensSensorEvent < TCellSensorEvent
-            def initialize(request, token_id)
-                super("honeytoken")
-                self["id"] = token_id
-                self["ip"] = request.remote_ip
-            end
-        end
+  module SensorEvents
+    class HoneytokensSensorEvent < TCellSensorEvent
+      def initialize(request, token_id)
+        super('honeytoken')
+        self['id'] = token_id
+        self['ip'] = request.remote_ip
+      end
     end
-end
+  end
+end

data/lib/tcell_agent/sensor_events/metrics.rb

@@ -21,7 +21,7 @@ module TCellAgent
       attr_accessor :route_id
       attr_accessor :response_time
       def initialize(route_id, response_time)
-        super("RequestRouteTimer")
+        super('RequestRouteTimer')
         self.route_id = route_id
         self.response_time = response_time
         @send = false
@@ -29,11 +29,12 @@ module TCellAgent
     end
 
     class MetricsEvent < TCellSensorEvent
-      def initialize()
-        super("metrics")
+      def initialize
+        super('metrics')
       end
+
       def set_route_count_table(route_count_table)
-        self["rct"] = route_count_table
+        self['rct'] = route_count_table
       end
     end
 
@@ -42,12 +43,12 @@ module TCellAgent
         def initialize(object_counter, user_id)
           @object_counter = object_counter
           @user_agents = {}
-          self["uid"] = user_id
-          self["track"] = []
+          self['uid'] = user_id
+          self['track'] = []
         end
 
         def add_user_agent_ip(truncated_agent, ip_address)
-          if @user_agents.has_key?(truncated_agent)
+          if @user_agents.key?(truncated_agent)
             tracked_agents = @user_agents[truncated_agent]
             ips = tracked_agents[1]
             unless ips.include?(ip_address)
@@ -57,7 +58,7 @@ module TCellAgent
           else
             @object_counter.add_object
             @user_agents[truncated_agent] = [truncated_agent, [ip_address]]
-            self["track"].push(@user_agents[truncated_agent])
+            self['track'].push(@user_agents[truncated_agent])
           end
         end
       end
@@ -69,7 +70,7 @@ module TCellAgent
         end
 
         def add_user_id_user_agent_ip(user_id, truncated_agent, ip_address)
-          if @user_ids.has_key?(user_id)
+          if @user_ids.key?(user_id)
             user_id_info = @user_ids[user_id]
             user_id_info.add_user_agent_ip(truncated_agent, ip_address)
           else
@@ -78,41 +79,39 @@ module TCellAgent
             @user_ids[user_id] = user_id_info = UserSessionTrackMetric.new(@object_counter, user_id)
             user_id_info.add_user_agent_ip(truncated_agent, ip_address)
 
-            self.push(user_id_info)
+            push(user_id_info)
           end
         end
       end
 
-      def initialize()
-        super("metrics")
+      def initialize
+        super('metrics')
         @send = false
         @flush = false
 
-        self["sessions"] = {}
+        self['sessions'] = {}
         @has_sessions = false
         @object_counter = Counter.new
       end
 
-      def has_sessions?
+      def sessions?
         @has_sessions
       end
 
       def add_session_info(hmac_session_id, user_id, ip_address, user_agent)
         if @object_counter.counter >= 250
-          TCellAgent.logger.warn("Sessions Metric is full. Information dropped")
+          TCellAgent.logger.warn('Sessions Metric is full. Information dropped')
 
         else
-          self["sessions"][hmac_session_id] =
-            self["sessions"].fetch(hmac_session_id, UserSessionMetric.new(@object_counter))
+          self['sessions'][hmac_session_id] =
+            self['sessions'].fetch(hmac_session_id, UserSessionMetric.new(@object_counter))
 
           @has_sessions = true
 
           truncated_agent = truncated_user_agent(user_agent)
-          self["sessions"][hmac_session_id].add_user_id_user_agent_ip(user_id, truncated_agent, ip_address)
+          self['sessions'][hmac_session_id].add_user_id_user_agent_ip(user_id, truncated_agent, ip_address)
 
-          if @object_counter.counter >= 200
-            @flush = true
-          end
+          @flush = true if @object_counter.counter >= 200
         end
       end
 

data/lib/tcell_agent/sensor_events/patches.rb

@@ -2,22 +2,20 @@ require 'tcell_agent/sensor_events/sensor'
 
 module TCellAgent
   module SensorEvents
-
     class PatchesEvent < TCellSensorEvent
       def initialize(rust_response, appsensor_meta)
-        super("patches")
+        super('patches')
 
-        self["patches_pid"] = rust_response["patches_policy_id"]
-        self["rule_id"] = rust_response["rule_id"]
-        self["action"] = "blocked"
-        self["sz"] = appsensor_meta.request_content_bytes_len if appsensor_meta.request_content_bytes_len
-        self["m"] = appsensor_meta.method if appsensor_meta.method
-        self["remote_addr"] = appsensor_meta.remote_address if appsensor_meta.remote_address
-        self["uri"] = TCellAgent::SensorEvents::Util.strip_uri_values(appsensor_meta.location) if appsensor_meta.location
-        self["regex_pid"] = rust_response["regex_pid"] if rust_response["regex_pid"]
-        self["payload"] = rust_response["payload"] if rust_response["payload"]
+        self['patches_pid'] = rust_response['patches_policy_id']
+        self['rule_id'] = rust_response['rule_id']
+        self['action'] = 'blocked'
+        self['sz'] = appsensor_meta.request_content_bytes_len if appsensor_meta.request_content_bytes_len
+        self['m'] = appsensor_meta.method if appsensor_meta.method
+        self['remote_addr'] = appsensor_meta.remote_address if appsensor_meta.remote_address
+        self['uri'] = TCellAgent::SensorEvents::Util.strip_uri_values(appsensor_meta.location) if appsensor_meta.location
+        self['regex_pid'] = rust_response['regex_pid'] if rust_response['regex_pid']
+        self['payload'] = rust_response['payload'] if rust_response['payload']
       end
     end
-
   end
 end

data/lib/tcell_agent/sensor_events/sensor.rb

@@ -6,7 +6,6 @@ require 'uri'
 
 module TCellAgent
   module SensorEvents
-
     class TCellSensorEvent < Hash
       attr_accessor :send, :flush, :ensure
 
@@ -14,37 +13,35 @@ module TCellAgent
         @send = true
         @flush = false
         @ensure = false
-        @timestamp = DateTime.now.to_time.to_i
-        self["event_type"] = event_type
+        @timestamp = Time.now.to_i
+        self['event_type'] = event_type
       end
 
-      def calculateOffset(from_timestamp)
-        self["offset"] = from_timestamp - @timestamp
+      def calculate_offset(from_timestamp)
+        self['offset'] = from_timestamp - @timestamp
       end
 
       def post_process
         # This is called in the background thread, so any
-        #   santization, analysis, etc doesn't get in the way
+        # santization, analysis, etc doesn't get in the way
       end
 
       def bucket_key
-        return nil
+        nil
       end
     end
 
     class TCellHttpTxSensorEvent < TCellSensorEvent
       def initialize(request, response)
-        super("http_tx")
+        super('http_tx')
         @raw_request = request
         @raw_response = response
       end
+
       def post_process
-        if defined?@raw_request
-          self["request"] = Util.request_sanitized_json(@raw_request)
-        end
-        if defined?@raw_response
-          self["response"] = Util.response_sanitized_json(@raw_response)
-        end
+        self['request'] = Util.request_sanitized_json(@raw_request) if defined? @raw_request
+
+        self['response'] = Util.response_sanitized_json(@raw_response) if defined? @raw_response
       end
     end
 
@@ -56,38 +53,37 @@ module TCellAgent
                      route_id,
                      status_code,
                      remote_addr,
-                     hmac_session_id=nil,
-                     user_id=nil)
-        super("redirect")
-        self["method"] = method
-        self["from_domain"] = original_domain
-        self["status_code"] = status_code
-        self["remote_addr"] = remote_addr
-        self["to"] = redirect_domain
-        self["uid"] = user_id.to_s if user_id
-        self["from"] = Util.strip_uri_values(original_url)
-        self["rid"] = route_id if route_id
-        self["sid"] = hmac_session_id if hmac_session_id
+                     hmac_session_id = nil,
+                     user_id = nil)
+        super('redirect')
+        self['method'] = method
+        self['from_domain'] = original_domain
+        self['status_code'] = status_code
+        self['remote_addr'] = remote_addr
+        self['to'] = redirect_domain
+        self['uid'] = user_id.to_s if user_id
+        self['from'] = Util.strip_uri_values(original_url)
+        self['rid'] = route_id if route_id
+        self['sid'] = hmac_session_id if hmac_session_id
       end
     end
 
     class TCellFingerprintSensorEvent < TCellSensorEvent
-      def initialize(request, hmac_session_id, user_id=nil)
-        super("fingerprint")
+      def initialize(request, hmac_session_id, user_id = nil)
+        super('fingerprint')
         @raw_request = request
         @hmac_session_id = hmac_session_id
         @user_id = user_id
       end
+
       def post_process
-        if !(@raw_request.headers.key?("HTTP_USER_AGENT"))
-          raise "User Agent not Found!"
-        end
-        self["ua"] = @raw_request.headers["HTTP_USER_AGENT"]
-        self["ip"] = @raw_request.remote_ip
-        self["sid"] = @hmac_session_id
-        if @user_id
-          self["uid"] = @user_id
+        unless @raw_request.headers.key?('HTTP_USER_AGENT')
+          raise 'User Agent not Found!'
         end
+        self['ua'] = @raw_request.headers['HTTP_USER_AGENT']
+        self['ip'] = @raw_request.remote_ip
+        self['sid'] = @hmac_session_id
+        self['uid'] = @user_id if @user_id
       end
     end
   end

data/lib/tcell_agent/sensor_events/server_agent.rb

@@ -7,141 +7,144 @@ require 'tcell_agent/sensor_events/util/utils'
 require 'etc'
 
 module TCellAgent
-    module SensorEvents
-        class FlushDummyEvent < TCellSensorEvent
-          def initialize
-            super("dummy")
-            @send = false
-            @flush = true
+  module SensorEvents
+    class FlushDummyEvent < TCellSensorEvent
+      def initialize
+        super('dummy')
+        @send = false
+        @flush = true
+      end
+    end
+
+    class ServerAgentDetailsSensorEvent < TCellSensorEvent
+      def initialize
+        super('server_agent_details')
+        @flush = true
+        @ensure = true
+
+        self['user'] = 'unknown'
+        self['group'] = 'unknown'
+
+        begin
+          login = Etc.getlogin
+          if login
+            self['user'] = login
+            begin
+              info = Etc.getpwnam(login)
+              self['group'] = info.gid.to_s
+            rescue StandardError => te
+              TCellAgent.logger.warn("Exception finding group id: #{te.message}")
+              TCellAgent.logger.debug(te.backtrace)
+            end
           end
+        rescue StandardError => to
+          TCellAgent.logger.warn("Exception finding user & group: #{to.message}")
+          TCellAgent.logger.debug(te.backtrace)
         end
-        class ServerAgentDetailsSensorEvent < TCellSensorEvent
-            def initialize
-                super("server_agent_details")
-                @flush = true
-                @ensure = true
 
-                self["user"] = "unknown"
-                self["group"] = "unknown"
+        TCellAgent.logger.debug("User #{self['user']}")
+        TCellAgent.logger.debug("Group #{self['group']}")
+      end
+    end
 
-                begin
-                    login = Etc.getlogin
-                    if login
-                      self["user"] = login
-                      begin
-                          info = Etc.getpwnam(login)
-                          self["group"] = info.gid.to_s
-                      rescue StandardError => te
-                          TCellAgent.logger.warn("Exception finding group id: #{te.message}")
-                          TCellAgent.logger.debug(te.backtrace)
-                      end
-                    end
+    class ServerAgentDetailsLanguageEvent < TCellSensorEvent
+      def initialize(language, language_version)
+        super('server_agent_details')
+        @flush = true
+        @ensure = true
+        self['language'] = language
+        self['language_version'] = language_version
+      end
+    end
 
-                rescue StandardError => to
-                    TCellAgent.logger.warn("Exception finding user & group: #{to.message}")
-                    TCellAgent.logger.debug(te.backtrace)
-                end
+    class ServerAgentAppFrameworkEvent < TCellSensorEvent
+      def initialize(framework_name, framework_version)
+        super('server_agent_details')
+        @flush = true
+        @ensure = true
+        self['app_framework'] = framework_name
+        self['app_framework_version'] = framework_version
+      end
+    end
 
-                TCellAgent.logger.debug("User #{self["user"]}")
-                TCellAgent.logger.debug("Group #{self["group"]}")
-            end
-        end
-        class ServerAgentDetailsLanguageEvent < TCellSensorEvent
-            def initialize(language, language_version)
-                super("server_agent_details")
-                @flush = true
-                @ensure = true
-                self["language"] = language
-                self["language_version"] = language_version
+    class ServerAgentPackagesSensorEvent < TCellSensorEvent
+      def initialize
+        super('server_agent_packages')
+        @flush = true
+        @ensure = true
+        packages = []
+        Gem.loaded_specs.values.map do |x|
+          begin
+            if x.name
+              package = { 'n' => x.name, 'v' => x.version.version }
+              packages.push(package)
+              TCellAgent.logger.debug("Adding packages #{x.name}")
             end
+          rescue StandardError => te
+            TCellAgent.logger.error("Exception adding package: #{te.message}")
+            TCellAgent.logger.debug(te.backtrace)
+          end
         end
+        self['packages'] = packages
+      end
+    end
 
-        class ServerAgentAppFrameworkEvent < TCellSensorEvent
-            def initialize(framework_name, framework_version)
-                super("server_agent_details")
-                @flush = true
-                @ensure = true
-                self["app_framework"] = framework_name
-                self["app_framework_version"] = framework_version
-            end
-        end
-        class ServerAgentPackagesSensorEvent < TCellSensorEvent
-            def initialize
-                super("server_agent_packages")
-                @flush = true
-                @ensure = true
-                packages = []
-                Gem.loaded_specs.values.map { |x| 
-                    begin
-                        if x.name
-                            package = {"n"=>x.name, "v"=>x.version.version}
-                            packages.push(package)
-                            TCellAgent.logger.debug("Adding packages #{x.name}")
-                        end
-                    rescue StandardError => te
-                        TCellAgent.logger.error("Exception adding package: #{te.message}")
-                        TCellAgent.logger.debug(te.backtrace)
-                    end
-                }
-                self["packages"] = packages
-            end
-        end
-        class AppFramework < TCellSensorEvent
-            def initialize(name, version)
-                super("appserver_framework")
-                @flush = false
-                @ensure = true
-                self["n"] = name
-                self["v"] = version
-            end
-        end
-        class AppAuthFramework < TCellSensorEvent
-            def initialize(name, version)
-                super("appserver_auth_framework")
-                @flush = false
-                @ensure = true
-                self["n"] = name
-                self["v"] = version
-            end
-        end
-        class AppFrameworkSetting < TCellSensorEvent
-            def initialize(framework_name, setting, value)
-                super("appserver_framework_setting")
-                @flush = false
-                @ensure = true
-                self["framework"] = framework_name
-                self["s"] = setting
-                self["v"] = value
-            end
-        end
-        class AppCookie < TCellSensorEvent
-            def initialize(name, value, secure, http_only, session)
-                super("appserver_framework_setting")
-                @flush = false
-                @ensure = true
-                self["n"] = name
-                self["v"] = value
-                self["http_only"] = http_only
-                self["secure"] = secure
-                self["session"] = session
-            end
-        end
-        class AppRoutesSensorEvent < TCellSensorEvent
-            def initialize(uri, method, route_id, params=nil, destination=nil)
-                super("appserver_routes")
-                @flush = false
-                @ensure = true
-                method = method.downcase
-                self["uri"] = uri
-                self["method"] = method
-                self["rid"] = route_id
-                if (params)
-                    self["params"] = params
-                end
-                if (destination) 
-                    self["destination"] = destination
-                end
-            end
-        end
+    class AppFramework < TCellSensorEvent
+      def initialize(name, version)
+        super('appserver_framework')
+        @flush = false
+        @ensure = true
+        self['n'] = name
+        self['v'] = version
+      end
+    end
+
+    class AppAuthFramework < TCellSensorEvent
+      def initialize(name, version)
+        super('appserver_auth_framework')
+        @flush = false
+        @ensure = true
+        self['n'] = name
+        self['v'] = version
+      end
+    end
+
+    class AppFrameworkSetting < TCellSensorEvent
+      def initialize(framework_name, setting, value)
+        super('appserver_framework_setting')
+        @flush = false
+        @ensure = true
+        self['framework'] = framework_name
+        self['s'] = setting
+        self['v'] = value
+      end
+    end
+
+    class AppCookie < TCellSensorEvent
+      def initialize(name, value, secure, http_only, session)
+        super('appserver_framework_setting')
+        @flush = false
+        @ensure = true
+        self['n'] = name
+        self['v'] = value
+        self['http_only'] = http_only
+        self['secure'] = secure
+        self['session'] = session
+      end
+    end
+
+    class AppRoutesSensorEvent < TCellSensorEvent
+      def initialize(uri, method, route_id, params = nil, destination = nil)
+        super('appserver_routes')
+        @flush = false
+        @ensure = true
+        method = method.downcase
+        self['uri'] = uri
+        self['method'] = method
+        self['rid'] = route_id
+        self['params'] = params if params
+        self['destination'] = destination if destination
+      end
     end
+  end
 end