RubyGems - tcell_agent - Versions diffs - 1.1.3 → 1.1.4 - Mend

tcell_agent 1.1.3 → 1.1.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (118) hide show

checksums.yaml +4 -4
data/bin/tcell_agent +10 -2
data/lib/tcell_agent.rb +3 -3
data/lib/tcell_agent/agent.rb +42 -52
data/lib/tcell_agent/agent/event_processor.rb +129 -162
data/lib/tcell_agent/agent/fork_pipe_manager.rb +57 -62
data/lib/tcell_agent/agent/policy_manager.rb +83 -104
data/lib/tcell_agent/agent/policy_types.rb +24 -29
data/lib/tcell_agent/agent/route_manager.rb +36 -46
data/lib/tcell_agent/agent/static_agent.rb +19 -21
data/lib/tcell_agent/api.rb +23 -28
data/lib/tcell_agent/appsensor/injections_reporter.rb +7 -11
data/lib/tcell_agent/authlogic.rb +7 -7
data/lib/tcell_agent/cmdi.rb +22 -23
data/lib/tcell_agent/config/unknown_options.rb +71 -69
data/lib/tcell_agent/configuration.rb +187 -191
data/lib/tcell_agent/devise.rb +13 -15
data/lib/tcell_agent/hooks/login_fraud.rb +1 -1
data/lib/tcell_agent/instrumentation.rb +120 -124
data/lib/tcell_agent/logger.rb +29 -45
data/lib/tcell_agent/patches.rb +5 -5
data/lib/tcell_agent/policies/dataloss_policy.rb +263 -288
data/lib/tcell_agent/policies/http_redirect_policy.rb +25 -37
data/lib/tcell_agent/policies/http_tx_policy.rb +48 -52
data/lib/tcell_agent/policies/login_fraud_policy.rb +15 -20
data/lib/tcell_agent/policies/policy.rb +0 -2
data/lib/tcell_agent/policies/rust_policies.rb +24 -29
data/lib/tcell_agent/rails.rb +2 -3
data/lib/tcell_agent/rails/auth/authlogic.rb +2 -2
data/lib/tcell_agent/rails/auth/devise.rb +2 -2
data/lib/tcell_agent/rails/auth/doorkeeper.rb +2 -2
data/lib/tcell_agent/rails/better_ip.rb +12 -16
data/lib/tcell_agent/rails/csrf_exception.rb +4 -7
data/lib/tcell_agent/rails/dlp.rb +208 -107
data/lib/tcell_agent/rails/dlp/process_request.rb +37 -47
data/lib/tcell_agent/rails/dlp_handler.rb +9 -11
data/lib/tcell_agent/rails/js_agent_insert.rb +11 -14
data/lib/tcell_agent/rails/middleware/body_filter_middleware.rb +8 -7
data/lib/tcell_agent/rails/middleware/context_middleware.rb +4 -5
data/lib/tcell_agent/rails/middleware/global_middleware.rb +5 -8
data/lib/tcell_agent/rails/middleware/headers_middleware.rb +24 -27
data/lib/tcell_agent/rails/on_start.rb +5 -5
data/lib/tcell_agent/rails/responses.rb +7 -9
data/lib/tcell_agent/rails/routes.rb +62 -81
data/lib/tcell_agent/rails/routes/grape.rb +25 -30
data/lib/tcell_agent/rails/routes/route_id.rb +9 -14
data/lib/tcell_agent/rails/settings_reporter.rb +44 -33
data/lib/tcell_agent/rails/tcell_body_proxy.rb +15 -18
data/lib/tcell_agent/routes/table.rb +31 -33
data/lib/tcell_agent/rust/{libtcellagent-1.3.0.dylib → libtcellagent-1.3.1.dylib} +0 -0
data/lib/tcell_agent/rust/{libtcellagent-1.3.0.so → libtcellagent-1.3.1.so} +0 -0
data/lib/tcell_agent/rust/{libtcellagent-alpine-1.3.0.so → libtcellagent-alpine-1.3.1.so} +0 -0
data/lib/tcell_agent/rust/models.rb +32 -37
data/lib/tcell_agent/rust/tcellagent-1.3.1.dll +0 -0
data/lib/tcell_agent/rust/whisperer.rb +101 -104
data/lib/tcell_agent/sensor_events/app_config.rb +7 -7
data/lib/tcell_agent/sensor_events/appsensor_event.rb +26 -27
data/lib/tcell_agent/sensor_events/appsensor_meta_event.rb +20 -88
data/lib/tcell_agent/sensor_events/command_injection.rb +52 -80
data/lib/tcell_agent/sensor_events/discovery.rb +27 -27
data/lib/tcell_agent/sensor_events/dlp.rb +50 -56
data/lib/tcell_agent/sensor_events/honeytokens.rb +9 -9
data/lib/tcell_agent/sensor_events/metrics.rb +20 -21
data/lib/tcell_agent/sensor_events/patches.rb +10 -12
data/lib/tcell_agent/sensor_events/sensor.rb +32 -36
data/lib/tcell_agent/sensor_events/server_agent.rb +130 -127
data/lib/tcell_agent/sensor_events/util/sanitizer_utilities.rb +60 -80
data/lib/tcell_agent/sensor_events/util/utils.rb +3 -5
data/lib/tcell_agent/servers/passenger.rb +5 -9
data/lib/tcell_agent/servers/puma.rb +18 -27
data/lib/tcell_agent/servers/rails_server.rb +5 -9
data/lib/tcell_agent/servers/thin.rb +2 -4
data/lib/tcell_agent/servers/unicorn.rb +18 -27
data/lib/tcell_agent/servers/webrick.rb +2 -4
data/lib/tcell_agent/settings_reporter.rb +126 -0
data/lib/tcell_agent/sinatra.rb +24 -26
data/lib/tcell_agent/start_background_thread.rb +21 -142
data/lib/tcell_agent/system_info.rb +4 -3
data/lib/tcell_agent/tcell_context.rb +150 -0
data/lib/tcell_agent/userinfo.rb +3 -3
data/lib/tcell_agent/utils/io.rb +19 -24
data/lib/tcell_agent/utils/params.rb +9 -15
data/lib/tcell_agent/utils/queue_with_timeout.rb +26 -32
data/lib/tcell_agent/utils/strings.rb +4 -6
data/lib/tcell_agent/version.rb +1 -1
data/spec/lib/tcell_agent/agent/policy_manager_spec.rb +5 -5
data/spec/lib/tcell_agent/agent/static_agent_spec.rb +7 -7
data/spec/lib/tcell_agent/cmdi_spec.rb +21 -21
data/spec/lib/tcell_agent/hooks/login_fraud_spec.rb +29 -24
data/spec/lib/tcell_agent/instrumentation_spec.rb +4 -4
data/spec/lib/tcell_agent/patches_spec.rb +8 -8
data/spec/lib/tcell_agent/policies/appsensor_policy_spec.rb +23 -23
data/spec/lib/tcell_agent/policies/patches_policy_spec.rb +2 -2
data/spec/lib/tcell_agent/rails/csrf_exception_spec.rb +69 -0
data/spec/lib/tcell_agent/rails/dlp_spec.rb +1039 -0
data/spec/lib/tcell_agent/rails/js_agent_insert_spec.rb +271 -0
data/spec/lib/tcell_agent/rails/logger_spec.rb +5 -5
data/spec/lib/tcell_agent/rails/middleware/appsensor_middleware_spec.rb +3 -3
data/spec/lib/tcell_agent/rails/middleware/dlp_middleware_spec.rb +4 -4
data/spec/lib/tcell_agent/rails/middleware/global_middleware_spec.rb +5 -5
data/spec/lib/tcell_agent/rails/middleware/redirect_middleware_spec.rb +1 -1
data/spec/lib/tcell_agent/rails/middleware/tcell_body_proxy_spec.rb +11 -8
data/spec/lib/tcell_agent/rails/responses_spec.rb +2 -2
data/spec/lib/tcell_agent/rails/routes/grape_spec.rb +2 -2
data/spec/lib/tcell_agent/rails/routes/route_id_spec.rb +1 -1
data/spec/lib/tcell_agent/rails/routes/routes_spec.rb +4 -4
data/spec/lib/tcell_agent/rust/models_spec.rb +83 -75
data/spec/lib/tcell_agent/rust/whisperer_spec.rb +14 -14
data/spec/lib/tcell_agent/sensor_events/appsensor_meta_event_spec.rb +19 -70
data/spec/lib/tcell_agent/sensor_events/sessions_metric_spec.rb +1 -1
data/spec/lib/tcell_agent/settings_reporter_spec.rb +162 -0
data/spec/lib/tcell_agent/tcell_context_spec.rb +154 -0
data/spec/spec_helper.rb +5 -0
metadata +18 -10
data/lib/tcell_agent/appsensor/meta_data.rb +0 -132
data/lib/tcell_agent/patches/meta_data.rb +0 -59
data/lib/tcell_agent/rust/tcellagent-1.3.0.dll +0 -0
data/spec/lib/tcell_agent/appsensor/meta_data_spec.rb +0 -71

data/lib/tcell_agent/sensor_events/util/sanitizer_utilities.rb CHANGED

@@ -1,5 +1,3 @@
-# encoding: utf-8
 # See the file "LICENSE" for the full license governing this code.
 require 'logger'
@@ -11,103 +9,93 @@ module TCellAgent
   module SensorEvents
     module Util
       def self.hmac(data)
-        hmac_key = Util.get_hmac_key()
+        hmac_key = Util.get_hmac_key
         h = OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), hmac_key.to_s, data)
-        return h[0...h.length/2]
+        h[0...h.length / 2]
       end
       def self.request_sanitized_json(request)
-        sanitized_headers = Hash.new
-        headers = request.headers.select {|k,v| k.start_with? 'HTTP_'}
-          .collect {|pair| [pair[0].sub(/^HTTP_/, ''), pair[1]]}
-          .sort
+        sanitized_headers = {}
+        headers = request.headers.select { |k, _v| k.start_with? 'HTTP_' }
+                         .collect { |pair| [pair[0].sub(/^HTTP_/, ''), pair[1]] }
+                         .sort
         headers.each do |header_name, header_value|
           lower_header_name = header_name.downcase
-          if lower_header_name == "cookie"
-            sanitized_headers[header_name] = [self.santize_request_cookie_string(header_value)]
-          elsif ["content_type", "content_length","user_agent","csp"].include?(lower_header_name)
-            sanitized_headers[header_name] = [header_value]
-          else
-            sanitized_headers[header_name] = []
-          end
+          sanitized_headers[header_name] = if lower_header_name == 'cookie'
+                                             [santize_request_cookie_string(header_value)]
+                                           elsif %w[content_type content_length user_agent csp].include?(lower_header_name)
+                                             [header_value]
+                                           else
+                                             []
+                                           end
         end
-        new_request = {"method"=>request.request_method,
-                       "uri"=>self.sanitize_uri(request.fullpath),
-                       "headers"=>sanitized_headers}
+        new_request = { 'method' => request.request_method,
+                        'uri' => sanitize_uri(request.fullpath),
+                        'headers' => sanitized_headers }
         request_body = request.body.read
         if request_body
-          new_request["post_data"] = sanitize_query_string(request_body)
+          new_request['post_data'] = sanitize_query_string(request_body)
         end
         new_request
       end
       def self.response_sanitized_json(response)
-        status, headers, body = *response
-        sanitized_headers = Hash.new
-        content_type = "unknown"
+        status, headers, _body = *response
+        sanitized_headers = {}
+        content_type = 'unknown'
         headers.each do |header_name, header_value|
           lower_header_name = header_name.downcase
-          if lower_header_name == "set-cookie"
-            sanitized_headers[header_name] = [self.santize_response_cookie_string(header_value)]
+          if lower_header_name == 'set-cookie'
+            sanitized_headers[header_name] = [santize_response_cookie_string(header_value)]
           else
-            if lower_header_name == "content-type"
-              content_type = header_value
-            end
-            if ["content-type", "content-length"].include?(lower_header_name)
-              sanitized_headers[header_name] = [header_value]
-            else
-              sanitized_headers[header_name] = []
-            end
+            content_type = header_value if lower_header_name == 'content-type'
+            sanitized_headers[header_name] = if ['content-type', 'content-length'].include?(lower_header_name)
+                                               [header_value]
+                                             else
+                                               []
+                                             end
           end
         end
-        new_response = {"status"=> status,
-                        "headers"=>sanitized_headers}
-        new_response
+        { 'status' => status,
+          'headers' => sanitized_headers }
       end
       def self.santize_request_cookie_string(request_cookie_string)
-        sanitized_cookies = Hash.new
-        cookies = CGI::Cookie::parse(request_cookie_string)
+        sanitized_cookies = {}
+        cookies = CGI::Cookie.parse(request_cookie_string)
         cookies.each do |cookie_name, cookie_value|
-          if cookie_value.length != 1
-            next
-          end
+          next if cookie_value.length != 1
           sanitized_cookies[cookie_name] = Util.hmac(cookie_value[0])
         end
-        sanitized_cookies.map{|k,v| "#{k}=#{v}"}.join(';')
+        sanitized_cookies.map { |k, v| "#{k}=#{v}" }.join(';')
       end
       def self.santize_response_cookie_string(response_cookie_string_value)
         cookie_parts = response_cookie_string_value.split('; ')
         cookie_string = cookie_parts[0]
-        cookies = CGI::Cookie::parse(cookie_string)
-        if cookies.length != 1
-          return "[COOKIEMALFORMED]"
-        end
+        cookies = CGI::Cookie.parse(cookie_string)
+        return '[COOKIEMALFORMED]' if cookies.length != 1
         cookie_name = cookies.keys.first
         cookie_values = cookies.values.first
-        if (cookie_values.length != 1)
-          return "[COOKIEHADTOOMANYVALUES]"
-        end
+        return '[COOKIEHADTOOMANYVALUES]' if cookie_values.length != 1
         h = Util.hmac(cookie_values[0])
         new_cookie_string = "#{cookie_name}=#{h}"
         cookie_parts[0] = new_cookie_string
-        cookie_parts.map{|k,v| "#{k}=#{v}"}.join('; ')
+        cookie_parts.map { |k, v| "#{k}=#{v}" }.join('; ')
       end
       def self.sanitize_query_string(query)
-        params = CGI::parse(query)
+        params = CGI.parse(query)
         params.each do |param_name, param_values|
-          if param_values == nil || param_values.length == 0
-            next
-          end
-          if (param_name.match(/password/i) ||
-              param_name.match(/passwd/i) ||
-              param_name.match(/token/i) ||
-              param_name.match(/sessionid/i))
-            params[param_name] = ["?"]
+          next if param_values.nil? || param_values.empty?
+          if param_name.match(/password/i) ||
+             param_name.match(/passwd/i) ||
+             param_name.match(/token/i) ||
+             param_name.match(/sessionid/i)
+            params[param_name] = ['?']
             next
           end
           new_param_values = []
@@ -117,50 +105,42 @@ module TCellAgent
           end
           params[param_name] = new_param_values
         end
-        params.map{|k,v| "#{k}=#{v.join(',')}"}.join('&')
+        params.map { |k, v| "#{k}=#{v.join(',')}" }.join('&')
       end
       def self.strip_values_query_string(query)
-        params = CGI::parse(query)
+        params = CGI.parse(query)
         params.each do |param_name, param_values|
-          if param_values == nil || param_values.length == 0
-            next
-          end
-          params[param_name] = [""]
+          next if param_values.nil? || param_values.empty?
+          params[param_name] = ['']
         end
-        params.map{|k,v| "#{k}=#{v.join(',')}"}.join('&')
+        params.map { |k, v| "#{k}=#{v.join(',')}" }.join('&')
       end
       def self.sanitize_uri(uri_string)
         uri = URI(uri_string)
         query = uri.query
-        if (query)
-          uri.query = sanitize_query_string(query)
-        end
-        return uri.to_s
+        uri.query = sanitize_query_string(query) if query
+        uri.to_s
       end
       def self.strip_uri_values(uri_string)
         uri = URI(uri_string)
         query = uri.query
-        if (query)
-          uri.query = strip_values_query_string(query)
-        end
-        return uri.to_s
+        uri.query = strip_values_query_string(query) if query
+        uri.to_s
       end
       def self.get_hmac_key
-        if (TCellAgent.configuration.hmac_key)
-          return TCellAgent.configuration.hmac_key
-        elsif (TCellAgent.configuration.app_id)
-          return TCellAgent.configuration.app_id
-        end
-        return "tcell_hmac_key"
+        return TCellAgent.configuration.hmac_key if TCellAgent.configuration.hmac_key
+        return TCellAgent.configuration.app_id if TCellAgent.configuration.app_id
+        'tcell_hmac_key'
       end
       def self.clean_header_keys(request_env_or_header_keys)
         if request_env_or_header_keys.is_a?(Hash)
-          request_env_or_header_keys.select {|k,v| k.start_with? 'HTTP_'}.collect {|k,v| k.sub(/^HTTP_/, '') }
+          request_env_or_header_keys.select { |k, _v| k.start_with? 'HTTP_' }.collect { |k, _v| k.sub(/^HTTP_/, '') }
         else
           request_env_or_header_keys.map { |k| k.sub(/^HTTP_/, '') }
         end

data/lib/tcell_agent/sensor_events/util/utils.rb CHANGED

@@ -14,11 +14,9 @@ module TCellAgent
         end
       end
-      def self.calculateRouteId(method, path, params=nil)
-        route_id = jhash("#{(method || "").downcase}|#{path}")
-        if (route_id)
-          route_id = route_id.to_s
-        end
+      def self.calculate_route_id(method, path)
+        route_id = jhash("#{(method || '').downcase}|#{path}")
+        route_id = route_id.to_s if route_id
         route_id
       end
     end

data/lib/tcell_agent/servers/passenger.rb CHANGED

@@ -1,17 +1,16 @@
 PhusionPassenger::LoaderSharedHelpers.class_eval do
   alias_method :tcell_after_loading_app_code, :after_loading_app_code
   def after_loading_app_code(options)
     tcell_after_loading_app_code(options)
-    TCellAgent::Instrumentation.safe_block("Initial Passenger Instrumentation") do
+    TCellAgent::Instrumentation.safe_block('Initial Passenger Instrumentation') do
       # This runs in Passenger's AppPreloader (a process which is killed at some point)
       # but it's still a good place to do the initial instrumentation so it's only sent once.
       # Since this process doesn't receive any requests there is no need to run policy polling
       # but we still need the event processor to send the startup events
       original_policy_polling = TCellAgent.configuration.enable_policy_polling
       TCellAgent.configuration.enable_policy_polling = false
-      TCellAgent.run_instrumentation("Passenger")
+      TCellAgent.run_instrumentation('Passenger')
       TCellAgent.configuration.enable_policy_polling = original_policy_polling
     end
   end
@@ -20,11 +19,10 @@ PhusionPassenger::LoaderSharedHelpers.class_eval do
   def before_handling_requests(forked, options)
     result_if_needed = tcell_before_handling_requests(forked, options)
-    TCellAgent.run_instrumentation("Passenger", false)
+    TCellAgent.run_instrumentation('Passenger', false)
     result_if_needed
   end
 end
 # Passenger's parent process is known as the AppPreloader, the problem is this
@@ -32,10 +30,8 @@ end
 # This will give every child process its own event manager to avoid the dependency
 # on this disappearing process
 class << TCellAgent::Agent
-  alias_method :tcell_is_parent_process?, :is_parent_process?
-  def is_parent_process?
+  alias_method :tcell_parent_process?, :parent_process?
+  def parent_process?
     true
   end
 end

data/lib/tcell_agent/servers/puma.rb CHANGED

@@ -1,40 +1,21 @@
 if defined?(Puma.cli_config)
-  unless Puma.cli_config.options[:preload_app]
-    # this ensures instrumentation runs for preload_app = false.
-    # Instrumentation will run for each worker but there's
-    # nothing we can do about that (Unicorn's preload_app behaves the same way)
-    Puma::Server.class_eval do
-      alias_method :original_run, :run
-      def run(background=true)
-        TCellAgent.run_instrumentation("Puma Cluster Mode (Worker)")
-        original_run(background)
-      end
-    end
-  else
-    if Puma.cli_config.options[:workers] == 0
+  if Puma.cli_config.options[:preload_app]
+    if Puma.cli_config.options[:workers] == 0 # rubocop:disable Style/NumericPredicate
       # Puma is running in single mode, so run both the initial instrumentation and
       # start the agent
       Puma::Runner.class_eval do
         alias_method :original_start_server, :start_server
         def start_server
-          TCellAgent.run_instrumentation("Puma Single Mode")
+          TCellAgent.run_instrumentation('Puma Single Mode')
           original_start_server
         end
       end
     else
       # Runs initial instrumentation only once on the master process
-      puma_server_starting = proc { TCellAgent.run_instrumentation("Puma Cluster Mode") }
+      puma_server_starting = proc { TCellAgent.run_instrumentation('Puma Cluster Mode') }
       # before_fork was added in Puma v2.13.0
       if Puma.cli_config.options[:before_fork]
@@ -46,11 +27,10 @@ if defined?(Puma.cli_config)
       # Each puma worker still needs the agent started but no need to run
       # initial instrumentation again
       Puma::Server.class_eval do
         alias_method :original_run, :run
-        def run(background=true)
+        def run(background = true)
           begin
-            TCellAgent.logger.debug("Instrumenting: Puma Cluster Mode (Worker)")
+            TCellAgent.logger.debug('Instrumenting: Puma Cluster Mode (Worker)')
             TCellAgent.thread_agent.start
           rescue StandardError => e
             TCellAgent.logger.error("Could not start thread agent. #{e.message}")
@@ -58,9 +38,20 @@ if defined?(Puma.cli_config)
           original_run(background)
         end
       end
     end
+  else
+    # this ensures instrumentation runs for preload_app = false.
+    # Instrumentation will run for each worker but there's
+    # nothing we can do about that (Unicorn's preload_app behaves the same way)
+    Puma::Server.class_eval do
+      alias_method :original_run, :run
+      def run(background = true)
+        TCellAgent.run_instrumentation('Puma Cluster Mode (Worker)')
+        original_run(background)
+      end
+    end
   end
 end

data/lib/tcell_agent/servers/rails_server.rb CHANGED

@@ -3,27 +3,23 @@
 # launched through Rack::Server interface
 Rails::Server.class_eval do
   alias_method :tcell_build_app, :build_app
   def build_app(app)
-    require("tcell_agent/servers/unicorn") if defined?(Unicorn::HttpServer)
-    require("tcell_agent/servers/webrick") if defined?(Rack::Handler::WEBrick)
-    require("tcell_agent/servers/thin") if defined?(Thin::Server)
+    require('tcell_agent/servers/unicorn') if defined?(Unicorn::HttpServer)
+    require('tcell_agent/servers/webrick') if defined?(Rack::Handler::WEBrick)
+    require('tcell_agent/servers/thin') if defined?(Thin::Server)
     if defined?(Puma::Server)
       Puma::Server.class_eval do
         alias_method :original_run, :run
-        def run(background=true)
-          TCellAgent.run_instrumentation("Puma Single Mode")
+        def run(background = true)
+          TCellAgent.run_instrumentation('Puma Single Mode')
           original_run(background)
         end
       end
     end
     tcell_build_app(app)
   end
 end

data/lib/tcell_agent/servers/thin.rb CHANGED

@@ -1,11 +1,9 @@
-require("tcell_agent/servers/unicorn") if defined?(Unicorn::HttpServer)
+require('tcell_agent/servers/unicorn') if defined?(Unicorn::HttpServer)
 Thin::Server.class_eval do
   alias_method :original_start, :start
   def start
-    TCellAgent.run_instrumentation("Thin Server")
+    TCellAgent.run_instrumentation('Thin Server')
     original_start
   end
 end

data/lib/tcell_agent/servers/unicorn.rb CHANGED

@@ -1,10 +1,9 @@
 Unicorn::HttpServer.class_eval do
   # - This will be false when preload_app is false (even when unicorn is sent USR2 SIGNAL)
   # - This check also ensures that a server is running as opposed to a different command such
   # as `bundle exec rails runner User.count`.
   unless Unicorn::HttpServer::START_CTX && Unicorn::HttpServer::START_CTX[0]
-    TCellAgent.run_instrumentation("Unicorn")
+    TCellAgent.run_instrumentation('Unicorn')
   end
   # this only runs when preload_app=true because when preload_app=false
@@ -12,7 +11,7 @@ Unicorn::HttpServer.class_eval do
   # the class definitions
   alias_method :tcell_bind_new_listeners!, :bind_new_listeners!
   def bind_new_listeners!
-    TCellAgent.run_instrumentation("Unicorn")
+    TCellAgent.run_instrumentation('Unicorn')
     tcell_bind_new_listeners!
   end
@@ -24,15 +23,15 @@ Unicorn::HttpServer.class_eval do
   def load_config!
     tcell_load_config!
-    TCellAgent::Instrumentation.safe_block("Reloading Tcell Config") do
+    TCellAgent::Instrumentation.safe_block('Reloading Tcell Config') do
       new_config = TCellAgent::Configuration.new
-      TCellAgent.logger.debug("Reloading config")
+      TCellAgent.logger.debug('Reloading config')
       TCellAgent.logger.debug(
-        "ENABLED:#{new_config.enabled}" +
-        "|ENABLE_EVENT_MANAGER:#{new_config.enable_event_manager}" +
-        "|ENABLE_EVENT_CONSUMER:#{new_config.enable_event_consumer}" +
-        "|ENABLE_POLICY_POLLING:#{new_config.enable_policy_polling}" +
-        "|ENABLE_INSTRUMENTATION:#{new_config.enable_instrumentation}" +
+        "ENABLED:#{new_config.enabled}" \
+        "|ENABLE_EVENT_MANAGER:#{new_config.enable_event_manager}" \
+        "|ENABLE_EVENT_CONSUMER:#{new_config.enable_event_consumer}" \
+        "|ENABLE_POLICY_POLLING:#{new_config.enable_policy_polling}" \
+        "|ENABLE_INSTRUMENTATION:#{new_config.enable_instrumentation}" \
         "|ENABLE_INTERCEPT_REQUESTS:#{new_config.enable_intercept_requests}"
       )
       old_config = TCellAgent.configuration
@@ -41,7 +40,7 @@ Unicorn::HttpServer.class_eval do
       if new_config.enabled ^ old_config.enabled
         if new_config.enabled
-          TCellAgent.run_instrumentation("Unicorn")
+          TCellAgent.run_instrumentation('Unicorn')
         else
           TCellAgent.thread_agent.stop_event_processor
@@ -52,15 +51,13 @@ Unicorn::HttpServer.class_eval do
       if new_config.enable_event_manager ^ old_config.enable_event_manager
         if new_config.enable_event_manager
-          TCellAgent.run_instrumentation("Unicorn Restart")
+          TCellAgent.run_instrumentation('Unicorn Restart')
         else
           TCellAgent.thread_agent.stop_event_processor
         end
-      else
+      elsif new_config.enable_event_manager
         # Just in case
-        if new_config.enable_event_manager
-          TCellAgent.thread_agent.ensure_event_processor_running
-        end
+        TCellAgent.thread_agent.ensure_event_processor_running
       end
       if new_config.enable_event_consumer ^ old_config.enable_event_consumer
@@ -69,11 +66,9 @@ Unicorn::HttpServer.class_eval do
         else
           TCellAgent.thread_agent.stop_metrics_event_thread
         end
-      else
+      elsif new_config.enable_event_consumer
         # Just in case
-        if new_config.enable_event_consumer
-          TCellAgent.thread_agent.ensure_metrics_event_thread_running
-        end
+        TCellAgent.thread_agent.ensure_metrics_event_thread_running
       end
       if new_config.enable_policy_polling ^ old_config.enable_policy_polling
@@ -82,11 +77,9 @@ Unicorn::HttpServer.class_eval do
         else
           TCellAgent.thread_agent.stop_policy_polling
         end
-      else
+      elsif new_config.enable_policy_polling
         # Just in case
-        if new_config.enable_policy_polling
-          TCellAgent.thread_agent.ensure_policy_polling_running
-        end
+        TCellAgent.thread_agent.ensure_policy_polling_running
       end
     end
   end
@@ -94,7 +87,7 @@ Unicorn::HttpServer.class_eval do
   # this only runs when preload_app=true because when preload_app=false
   # the gems aren't loaded early enough for tcell to override
   # the class definitions
-  alias tcell_init_worker_process init_worker_process
+  alias_method :tcell_init_worker_process, :init_worker_process
   def init_worker_process(work)
     start_process = tcell_init_worker_process(work)
@@ -103,7 +96,6 @@ Unicorn::HttpServer.class_eval do
         TCellAgent.thread_agent.policy_polling_worker_mutex = Mutex.new
         TCellAgent.thread_agent.policy_polling_thread = nil
         TCellAgent.thread_agent.start
       rescue StandardError => e
         TCellAgent.logger.error("Could not start thread agent. #{e.message}")
       end
@@ -111,5 +103,4 @@ Unicorn::HttpServer.class_eval do
     start_process
   end
 end