RubyGems - tcell_agent - Versions diffs - 1.1.3 → 1.1.4 - Mend

tcell_agent 1.1.3 → 1.1.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (118) hide show

checksums.yaml +4 -4
data/bin/tcell_agent +10 -2
data/lib/tcell_agent.rb +3 -3
data/lib/tcell_agent/agent.rb +42 -52
data/lib/tcell_agent/agent/event_processor.rb +129 -162
data/lib/tcell_agent/agent/fork_pipe_manager.rb +57 -62
data/lib/tcell_agent/agent/policy_manager.rb +83 -104
data/lib/tcell_agent/agent/policy_types.rb +24 -29
data/lib/tcell_agent/agent/route_manager.rb +36 -46
data/lib/tcell_agent/agent/static_agent.rb +19 -21
data/lib/tcell_agent/api.rb +23 -28
data/lib/tcell_agent/appsensor/injections_reporter.rb +7 -11
data/lib/tcell_agent/authlogic.rb +7 -7
data/lib/tcell_agent/cmdi.rb +22 -23
data/lib/tcell_agent/config/unknown_options.rb +71 -69
data/lib/tcell_agent/configuration.rb +187 -191
data/lib/tcell_agent/devise.rb +13 -15
data/lib/tcell_agent/hooks/login_fraud.rb +1 -1
data/lib/tcell_agent/instrumentation.rb +120 -124
data/lib/tcell_agent/logger.rb +29 -45
data/lib/tcell_agent/patches.rb +5 -5
data/lib/tcell_agent/policies/dataloss_policy.rb +263 -288
data/lib/tcell_agent/policies/http_redirect_policy.rb +25 -37
data/lib/tcell_agent/policies/http_tx_policy.rb +48 -52
data/lib/tcell_agent/policies/login_fraud_policy.rb +15 -20
data/lib/tcell_agent/policies/policy.rb +0 -2
data/lib/tcell_agent/policies/rust_policies.rb +24 -29
data/lib/tcell_agent/rails.rb +2 -3
data/lib/tcell_agent/rails/auth/authlogic.rb +2 -2
data/lib/tcell_agent/rails/auth/devise.rb +2 -2
data/lib/tcell_agent/rails/auth/doorkeeper.rb +2 -2
data/lib/tcell_agent/rails/better_ip.rb +12 -16
data/lib/tcell_agent/rails/csrf_exception.rb +4 -7
data/lib/tcell_agent/rails/dlp.rb +208 -107
data/lib/tcell_agent/rails/dlp/process_request.rb +37 -47
data/lib/tcell_agent/rails/dlp_handler.rb +9 -11
data/lib/tcell_agent/rails/js_agent_insert.rb +11 -14
data/lib/tcell_agent/rails/middleware/body_filter_middleware.rb +8 -7
data/lib/tcell_agent/rails/middleware/context_middleware.rb +4 -5
data/lib/tcell_agent/rails/middleware/global_middleware.rb +5 -8
data/lib/tcell_agent/rails/middleware/headers_middleware.rb +24 -27
data/lib/tcell_agent/rails/on_start.rb +5 -5
data/lib/tcell_agent/rails/responses.rb +7 -9
data/lib/tcell_agent/rails/routes.rb +62 -81
data/lib/tcell_agent/rails/routes/grape.rb +25 -30
data/lib/tcell_agent/rails/routes/route_id.rb +9 -14
data/lib/tcell_agent/rails/settings_reporter.rb +44 -33
data/lib/tcell_agent/rails/tcell_body_proxy.rb +15 -18
data/lib/tcell_agent/routes/table.rb +31 -33
data/lib/tcell_agent/rust/{libtcellagent-1.3.0.dylib → libtcellagent-1.3.1.dylib} +0 -0
data/lib/tcell_agent/rust/{libtcellagent-1.3.0.so → libtcellagent-1.3.1.so} +0 -0
data/lib/tcell_agent/rust/{libtcellagent-alpine-1.3.0.so → libtcellagent-alpine-1.3.1.so} +0 -0
data/lib/tcell_agent/rust/models.rb +32 -37
data/lib/tcell_agent/rust/tcellagent-1.3.1.dll +0 -0
data/lib/tcell_agent/rust/whisperer.rb +101 -104
data/lib/tcell_agent/sensor_events/app_config.rb +7 -7
data/lib/tcell_agent/sensor_events/appsensor_event.rb +26 -27
data/lib/tcell_agent/sensor_events/appsensor_meta_event.rb +20 -88
data/lib/tcell_agent/sensor_events/command_injection.rb +52 -80
data/lib/tcell_agent/sensor_events/discovery.rb +27 -27
data/lib/tcell_agent/sensor_events/dlp.rb +50 -56
data/lib/tcell_agent/sensor_events/honeytokens.rb +9 -9
data/lib/tcell_agent/sensor_events/metrics.rb +20 -21
data/lib/tcell_agent/sensor_events/patches.rb +10 -12
data/lib/tcell_agent/sensor_events/sensor.rb +32 -36
data/lib/tcell_agent/sensor_events/server_agent.rb +130 -127
data/lib/tcell_agent/sensor_events/util/sanitizer_utilities.rb +60 -80
data/lib/tcell_agent/sensor_events/util/utils.rb +3 -5
data/lib/tcell_agent/servers/passenger.rb +5 -9
data/lib/tcell_agent/servers/puma.rb +18 -27
data/lib/tcell_agent/servers/rails_server.rb +5 -9
data/lib/tcell_agent/servers/thin.rb +2 -4
data/lib/tcell_agent/servers/unicorn.rb +18 -27
data/lib/tcell_agent/servers/webrick.rb +2 -4
data/lib/tcell_agent/settings_reporter.rb +126 -0
data/lib/tcell_agent/sinatra.rb +24 -26
data/lib/tcell_agent/start_background_thread.rb +21 -142
data/lib/tcell_agent/system_info.rb +4 -3
data/lib/tcell_agent/tcell_context.rb +150 -0
data/lib/tcell_agent/userinfo.rb +3 -3
data/lib/tcell_agent/utils/io.rb +19 -24
data/lib/tcell_agent/utils/params.rb +9 -15
data/lib/tcell_agent/utils/queue_with_timeout.rb +26 -32
data/lib/tcell_agent/utils/strings.rb +4 -6
data/lib/tcell_agent/version.rb +1 -1
data/spec/lib/tcell_agent/agent/policy_manager_spec.rb +5 -5
data/spec/lib/tcell_agent/agent/static_agent_spec.rb +7 -7
data/spec/lib/tcell_agent/cmdi_spec.rb +21 -21
data/spec/lib/tcell_agent/hooks/login_fraud_spec.rb +29 -24
data/spec/lib/tcell_agent/instrumentation_spec.rb +4 -4
data/spec/lib/tcell_agent/patches_spec.rb +8 -8
data/spec/lib/tcell_agent/policies/appsensor_policy_spec.rb +23 -23
data/spec/lib/tcell_agent/policies/patches_policy_spec.rb +2 -2
data/spec/lib/tcell_agent/rails/csrf_exception_spec.rb +69 -0
data/spec/lib/tcell_agent/rails/dlp_spec.rb +1039 -0
data/spec/lib/tcell_agent/rails/js_agent_insert_spec.rb +271 -0
data/spec/lib/tcell_agent/rails/logger_spec.rb +5 -5
data/spec/lib/tcell_agent/rails/middleware/appsensor_middleware_spec.rb +3 -3
data/spec/lib/tcell_agent/rails/middleware/dlp_middleware_spec.rb +4 -4
data/spec/lib/tcell_agent/rails/middleware/global_middleware_spec.rb +5 -5
data/spec/lib/tcell_agent/rails/middleware/redirect_middleware_spec.rb +1 -1
data/spec/lib/tcell_agent/rails/middleware/tcell_body_proxy_spec.rb +11 -8
data/spec/lib/tcell_agent/rails/responses_spec.rb +2 -2
data/spec/lib/tcell_agent/rails/routes/grape_spec.rb +2 -2
data/spec/lib/tcell_agent/rails/routes/route_id_spec.rb +1 -1
data/spec/lib/tcell_agent/rails/routes/routes_spec.rb +4 -4
data/spec/lib/tcell_agent/rust/models_spec.rb +83 -75
data/spec/lib/tcell_agent/rust/whisperer_spec.rb +14 -14
data/spec/lib/tcell_agent/sensor_events/appsensor_meta_event_spec.rb +19 -70
data/spec/lib/tcell_agent/sensor_events/sessions_metric_spec.rb +1 -1
data/spec/lib/tcell_agent/settings_reporter_spec.rb +162 -0
data/spec/lib/tcell_agent/tcell_context_spec.rb +154 -0
data/spec/spec_helper.rb +5 -0
metadata +18 -10
data/lib/tcell_agent/appsensor/meta_data.rb +0 -132
data/lib/tcell_agent/patches/meta_data.rb +0 -59
data/lib/tcell_agent/rust/tcellagent-1.3.0.dll +0 -0
data/spec/lib/tcell_agent/appsensor/meta_data_spec.rb +0 -71

data/lib/tcell_agent/rails/auth/doorkeeper.rb CHANGED

@@ -14,7 +14,7 @@ if TCellAgent.configuration.should_instrument_doorkeeper?
             TCellAgent::Instrumentation.safe_block('Doorkeeper Token Authorize') do
               if TCellAgent.configuration.enabled &&
                  TCellAgent.configuration.should_intercept_requests?
-                login_fraud_policy = TCellAgent.policy(TCellAgent::PolicyTypes::LoginFraud)
+                login_fraud_policy = TCellAgent.policy(TCellAgent::PolicyTypes::LOGINFRAUD)
                 if login_fraud_policy &&
                    login_fraud_policy.enabled &&
                    login_fraud_policy.login_failed_enabled
@@ -59,7 +59,7 @@ if TCellAgent.configuration.should_instrument_doorkeeper?
               if TCellAgent.configuration.enabled &&
                  TCellAgent.configuration.should_intercept_requests?
                 if pre_auth.error
-                  login_fraud_policy = TCellAgent.policy(TCellAgent::PolicyTypes::LoginFraud)
+                  login_fraud_policy = TCellAgent.policy(TCellAgent::PolicyTypes::LOGINFRAUD)
                   if login_fraud_policy &&
                      login_fraud_policy.enabled &&
                      login_fraud_policy.login_failed_enabled

data/lib/tcell_agent/rails/better_ip.rb CHANGED

@@ -1,28 +1,25 @@
-require "tcell_agent/utils/strings"
+require 'tcell_agent/utils/strings'
 require 'tcell_agent/instrumentation'
 module TCellAgent
   module Utils
     module Rails
       def self.better_ip(request)
         if TCellAgent.configuration.reverse_proxy
-          TCellAgent::Instrumentation.safe_block("Extracting reverse proxy IP") do
+          TCellAgent::Instrumentation.safe_block('Extracting reverse proxy IP') do
             reverse_proxy_header = TCellAgent.configuration.reverse_proxy_ip_address_header
-            if TCellAgent::Utils::Strings.present?(reverse_proxy_header)
-              reverse_proxy_header = "HTTP_" + reverse_proxy_header.upcase().tr('-','_')
-            else
-              reverse_proxy_header = "HTTP_X_FORWARDED_FOR"
-            end
+            reverse_proxy_header = if TCellAgent::Utils::Strings.present?(reverse_proxy_header)
+                                     'HTTP_' + reverse_proxy_header.upcase.tr('-', '_')
+                                   else
+                                     'HTTP_X_FORWARDED_FOR'
+                                   end
             x_forwarded_for = request.env[reverse_proxy_header]
-            if TCellAgent::Utils::Strings.present?(x_forwarded_for)
-              ip = x_forwarded_for.split(',')[0].strip()
-            else
-              ip = request.ip
-            end
+            ip = if TCellAgent::Utils::Strings.present?(x_forwarded_for)
+                   x_forwarded_for.split(',')[0].strip
+                 else
+                   request.ip
+                 end
             return ip
           end
@@ -30,7 +27,6 @@ module TCellAgent
         request.ip
       end
     end
   end
 end

data/lib/tcell_agent/rails/csrf_exception.rb CHANGED

@@ -1,15 +1,14 @@
 require 'tcell_agent/instrumentation'
 module TCellAgent
   module CsrfExceptionReporter
     def handle_unverified_request
-      TCellAgent::Instrumentation.safe_block("AppSensor CSRF Exception processing") do
-        rust_policies = TCellAgent.policy(TCellAgent::PolicyTypes::Rust)
+      TCellAgent::Instrumentation.safe_block('AppSensor CSRF Exception processing') do
+        rust_policies = TCellAgent.policy(TCellAgent::PolicyTypes::RUST)
         if rust_policies && rust_policies.appfirewall_enabled
           tcell_data = request.env[TCellAgent::Instrumentation::TCELL_ID]
           if tcell_data
-            tcell_data.csrf_exception_name = ActionController::InvalidAuthenticityToken.name
+            tcell_data.csrf_exception_name = 'ActionController::InvalidAuthenticityToken'
           end
         end
       end
@@ -19,12 +18,10 @@ module TCellAgent
   end
   class MyRailtie < Rails::Railtie
-    initializer "tcell.sensors" do |app|
+    initializer 'tcell.sensors' do |_app|
       ActiveSupport.on_load :action_controller do
         ActionController::Base.send(:include, TCellAgent::CsrfExceptionReporter)
       end
     end
   end
 end

data/lib/tcell_agent/rails/dlp.rb CHANGED

@@ -29,75 +29,173 @@ require 'thread'
 require 'tcell_agent/configuration'
 require 'tcell_agent/rails/responses'
 module TCellAgent
   module DLP
-    def self.instrument_find_by_sql(results)
-      if results.size > 0
-        if TCellAgent.configuration.enabled &&
-            TCellAgent.configuration.should_instrument? &&
-            TCellAgent.configuration.should_intercept_requests?
-          dlp_policy = TCellAgent.policy(TCellAgent::PolicyTypes::DataLoss)
+    def self.instrument_pluck(results, column_names, model)
+      return if results.empty?
+      if TCellAgent.configuration.enabled &&
+         TCellAgent.configuration.should_instrument? &&
+         TCellAgent.configuration.should_intercept_requests?
+        dlp_policy = TCellAgent.policy(TCellAgent::PolicyTypes::DATALOSS)
+        request_env = TCellAgent::Instrumentation::Rails::Middleware::ContextMiddleware::THREADS.fetch(Thread.current.object_id, {})
+        tcell_context = request_env[TCellAgent::Instrumentation::TCELL_ID]
+        if tcell_context
+          tcell_context.database_result_sizes.push(results.size)
+          if dlp_policy && dlp_policy.enabled
+            database_name = model.connection_config.fetch(
+              :database, '*'
+            ).split('/').last
+            table_name = model.table_name
+            column_names = if column_names.size.zero?
+                             model.columns.map(&:name)
+                           else
+                             column_names.map(&:to_s)
+                           end
+            if dlp_policy.database_discovery_enabled
+              TCellAgent.discover_database_fields(
+                tcell_context.route_id,
+                database_name,
+                '*',
+                table_name,
+                column_names
+              )
+            end
-          request_env = TCellAgent::Instrumentation::Rails::Middleware::ContextMiddleware::THREADS.fetch(Thread.current.object_id, {})
-          tcell_context = request_env[TCellAgent::Instrumentation::TCELL_ID]
+            normalized_column_names = {}
+            column_name_to_rules = column_names.each_with_object({}) do |namespaced_column_name, memo|
+              namespace = nil
+              column_name = namespaced_column_name
+              if column_name =~ /\./
+                namespace, column_name = column_name.split(/\./)
+              end
+              normalized_column_names[namespaced_column_name] = column_name
+              next unless column_name && (!namespace || namespace == table_name)
+              rules = dlp_policy.get_actions_for_table(
+                database_name,
+                '*',
+                table_name,
+                column_name,
+                tcell_context.route_id
+              )
-          if tcell_context
-            tcell_context.database_result_sizes.push(results.size)
+              memo[namespaced_column_name] = rules if rules
+            end
-            if dlp_policy && dlp_policy.enabled
-              first_record = results.first
-              database_name = first_record.class.connection_config().fetch(:database,"*").split('/').last
-              model = first_record.class
-              column_names = model.columns.map { |col| col.name }
-              table_name = model.table_name
+            if results.size > TCellAgent.configuration.max_data_ex_db_records_per_request
+              TCellAgent.logger.warn("Route (#{tcell_context.route_id}) retrieved too many records")
+            end
-              if dlp_policy.database_discovery_enabled
-                TCellAgent.discover_database_fields(
-                  tcell_context.route_id,
-                  database_name,
-                  "*",
-                  table_name,
-                  column_names
-                )
+            return if column_name_to_rules.empty?
+            # column_names.size == 1
+            # results => [1, 2, 3, 4]
+            # column_names.size > 1
+            # results => [[1, 'email'], [2, 'email']]
+            if column_names.size == 1
+              results[0...TCellAgent.configuration.max_data_ex_db_records_per_request].each do |result|
+                namespaced_column_name = column_names[0]
+                rules = column_name_to_rules.fetch(namespaced_column_name, [])
+                rules.each do |rule|
+                  tcell_context.add_response_db_filter(
+                    result,
+                    rule,
+                    database_name,
+                    '*',
+                    table_name,
+                    normalized_column_names[namespaced_column_name]
+                  )
+                end
               end
-              if results.size > TCellAgent.configuration.max_data_ex_db_records_per_request
-                TCellAgent.logger.warn("Route (#{tcell_context.route_id}) retrieved too many records")
+            else
+              results[0...TCellAgent.configuration.max_data_ex_db_records_per_request].each do |result|
+                result.each_with_index do |val, index|
+                  namespaced_column_name = column_names[index]
+                  rules = column_name_to_rules.fetch(namespaced_column_name, [])
+                  rules.each do |rule|
+                    tcell_context.add_response_db_filter(
+                      val,
+                      rule,
+                      database_name,
+                      '*',
+                      table_name,
+                      normalized_column_names[namespaced_column_name]
+                    )
+                  end
+                end
               end
+            end
+          end
+        end
+      end
+    end
-              column_name_to_rules = column_names.inject({}) do |memo, column_name|
-                rules = dlp_policy.get_actions_for_table(
-                  database_name,
-                  "*",
-                  table_name,
-                  column_name,
-                  tcell_context.route_id
-                )
+    def self.instrument_find_by_sql(results)
+      return if results.empty?
+      if TCellAgent.configuration.enabled &&
+         TCellAgent.configuration.should_instrument? &&
+         TCellAgent.configuration.should_intercept_requests?
+        dlp_policy = TCellAgent.policy(TCellAgent::PolicyTypes::DATALOSS)
+        request_env = TCellAgent::Instrumentation::Rails::Middleware::ContextMiddleware::THREADS.fetch(Thread.current.object_id, {})
+        tcell_context = request_env[TCellAgent::Instrumentation::TCELL_ID]
+        if tcell_context
+          tcell_context.database_result_sizes.push(results.size)
+          if dlp_policy && dlp_policy.enabled
+            first_record = results.first
+            database_name = first_record.class.connection_config.fetch(:database, '*').split('/').last
+            model = first_record.class
+            column_names = model.columns.map(&:name)
+            table_name = model.table_name
+            if dlp_policy.database_discovery_enabled
+              TCellAgent.discover_database_fields(
+                tcell_context.route_id,
+                database_name,
+                '*',
+                table_name,
+                column_names
+              )
+            end
-                memo[column_name] = rules if rules
+            if results.size > TCellAgent.configuration.max_data_ex_db_records_per_request
+              TCellAgent.logger.warn("Route (#{tcell_context.route_id}) retrieved too many records")
+            end
-                memo
-              end
+            column_name_to_rules = column_names.each_with_object({}) do |column_name, memo|
+              rules = dlp_policy.get_actions_for_table(
+                database_name,
+                '*',
+                table_name,
+                column_name,
+                tcell_context.route_id
+              )
-              return if column_name_to_rules.empty?
-              results[0...TCellAgent.configuration.max_data_ex_db_records_per_request].each do |record|
-                column_name_to_rules.each do |column_name, rules|
-                  if rules
-                    rules.each do |rule|
-                      tcell_context.add_response_db_filter(
-                        record[column_name.to_sym],
-                        rule,
-                        database_name,
-                        "*",
-                        table_name,
-                        column_name
-                      )
-                    end
-                  end
+              memo[column_name] = rules if rules
+            end
+            return if column_name_to_rules.empty?
+            results[0...TCellAgent.configuration.max_data_ex_db_records_per_request].each do |record|
+              column_name_to_rules.each do |column_name, rules|
+                next unless rules
+                rules.each do |rule|
+                  tcell_context.add_response_db_filter(
+                    record[column_name.to_sym],
+                    rule,
+                    database_name,
+                    '*',
+                    table_name,
+                    column_name
+                  )
                 end
               end
             end
@@ -108,23 +206,24 @@ module TCellAgent
   end
   class MyRailtie < Rails::Railtie
-    initializer 'activeservice.autoload', :after => :set_autoload_paths do |app|
+    initializer 'activeservice.autoload', :after => :set_autoload_paths do |_app|
       if defined?(ActiveRecord)
         ActiveRecord::ConnectionAdapters::AbstractAdapter.class_eval do
           alias_method :tcell_translate_exception, :translate_exception
-          def translate_exception(e, message)
-            result = tcell_translate_exception(e, message)
+          def translate_exception(exception, message)
+            result = tcell_translate_exception(exception, message)
-            TCellAgent::Instrumentation.safe_block("Set sql_exception_detected in meta") do
-              rust_policies = TCellAgent.policy(TCellAgent::PolicyTypes::Rust)
+            TCellAgent::Instrumentation.safe_block('Set sql_exception_detected in meta') do
+              rust_policies = TCellAgent.policy(TCellAgent::PolicyTypes::RUST)
               if rust_policies && rust_policies.appfirewall_enabled
-                request_env = TCellAgent::Instrumentation::Rails::Middleware::ContextMiddleware::THREADS.fetch(Thread.current.object_id, {})
+                request_env = TCellAgent::Instrumentation::Rails::Middleware::ContextMiddleware::THREADS.fetch(
+                  Thread.current.object_id, {}
+                )
                 tcell_data = request_env[TCellAgent::Instrumentation::TCELL_ID]
                 if tcell_data && result.is_a?(ActiveRecord::StatementInvalid)
-                  tcell_data.sql_exceptions.push({
-                    "exception_name" => result.class.name, "exception_payload" => message
-                  })
+                  tcell_data.sql_exceptions.push(
+                    { 'exception_name' => result.class.name, 'exception_payload' => message }
+                  )
                 end
               end
             end
@@ -133,86 +232,90 @@ module TCellAgent
           end
         end
-        ActiveRecord::Querying.module_eval do
+        ActiveRecord::Calculations.module_eval do
+          alias_method :tcell_pluck, :pluck
+          def pluck(*column_names)
+            results = tcell_pluck(*column_names)
-          if (::Rails::VERSION::MAJOR == 5)
+            TCellAgent::Instrumentation.safe_block('Running DLP on pluck') do
+              TCellAgent::DLP.instrument_pluck(results, column_names, model)
+            end
+            results
+          end
+        end
+        ActiveRecord::Querying.module_eval do
+          if ::Rails::VERSION::MAJOR == 5
             alias_method :tcell_find_by_sql, :find_by_sql
             def find_by_sql(*args)
               results = tcell_find_by_sql(*args)
-              TCellAgent::Instrumentation.safe_block("Running DLP on find_by_sql") do
+              TCellAgent::Instrumentation.safe_block('Running DLP on find_by_sql') do
                 TCellAgent::DLP.instrument_find_by_sql(results)
               end
               results
             end
-          elsif (::Rails::VERSION::MAJOR < 5)
+          elsif ::Rails::VERSION::MAJOR < 5
             alias_method :tcell_find_by_sql, :find_by_sql
             def find_by_sql(sql, binds = [])
               results = tcell_find_by_sql(sql, binds)
-              TCellAgent::Instrumentation.safe_block("Running DLP on find_by_sql") do
+              TCellAgent::Instrumentation.safe_block('Running DLP on find_by_sql') do
                 TCellAgent::DLP.instrument_find_by_sql(results)
               end
               results
             end
           end
         end
       end
     end
   end
 end
 # - Request
 # -   Session Id event
 # -   Session Id redact
 # -   Session Id hash
 # -   Session Id mask
 # -   Database-Stuff - [event, redact]
-#
+#
 # - Log
 #
 module TCellAgent
   module Policies
     class DataLossPolicy
       def log_enforce(tcell_context, sanitize_string)
         if TCellAgent.configuration.enabled &&
-            TCellAgent.configuration.should_instrument? &&
-            TCellAgent.configuration.should_intercept_requests?
-          if (tcell_context && tcell_context.session_id)
-            session_id_actions = self.get_actions_for_session_id
+           TCellAgent.configuration.should_instrument? &&
+           TCellAgent.configuration.should_intercept_requests?
+          if tcell_context && tcell_context.session_id
+            session_id_actions = get_actions_for_session_id
             if session_id_actions
               send_event = false
-              sanitize_string.gsub!(tcell_context.session_id) {|m|
+              sanitize_string.gsub!(tcell_context.session_id) do |m|
                 if session_id_actions.log_redact
                   send_event = true
-                  m = "[session_id]"
+                  m = '[session_id]'
                 elsif session_id_actions.log_hash
                   send_event = true
-                  m = "[hash]"
+                  m = '[hash]'
                 elsif session_id_actions.log_event
                   send_event = true
                 end
                 m
-              }
+              end
               if send_event
                 TCellAgent.send_event(
                   TCellAgent::SensorEvents::DlpEvent.new(
                     tcell_context.route_id,
                     tcell_context.uri,
                     TCellAgent::SensorEvents::DlpEvent::FOUND_IN_LOG
-                    ).for_framework(TCellAgent::SensorEvents::DlpEvent::FRAMEWORK_VARIABLE_SESSION_ID)
+                  ).for_framework(TCellAgent::SensorEvents::DlpEvent::FRAMEWORK_VARIABLE_SESSION_ID)
                 )
               end
             end
@@ -224,13 +327,13 @@ module TCellAgent
       def response_body_enforce(tcell_context, sanitize_string)
         if TCellAgent.configuration.enabled &&
-            TCellAgent.configuration.should_instrument? &&
-            TCellAgent.configuration.should_intercept_requests?
-          if (tcell_context && tcell_context.session_id)
-            session_id_actions = self.get_actions_for_session_id
+           TCellAgent.configuration.should_instrument? &&
+           TCellAgent.configuration.should_intercept_requests?
+          if tcell_context && tcell_context.session_id
+            session_id_actions = get_actions_for_session_id
             if session_id_actions
               send_event = false
-              sanitize_string.gsub!(tcell_context.session_id) {|m|
+              sanitize_string.gsub!(tcell_context.session_id) do |m|
                 if session_id_actions.body_redact
                   # m = "[session_id]"
                   send_event = true
@@ -241,7 +344,7 @@ module TCellAgent
                   send_event = true
                 end
                 m
-              }
+              end
             end
             if send_event
               TCellAgent.send_event(
@@ -249,7 +352,7 @@ module TCellAgent
                   tcell_context.route_id,
                   tcell_context.uri,
                   TCellAgent::SensorEvents::DlpEvent::FOUND_IN_BODY
-                  ).for_framework(TCellAgent::SensorEvents::DlpEvent::FRAMEWORK_VARIABLE_SESSION_ID)
+                ).for_framework(TCellAgent::SensorEvents::DlpEvent::FRAMEWORK_VARIABLE_SESSION_ID)
               )
             end
           end
@@ -263,11 +366,11 @@ end
 class Logger
   alias_method :tcell_old_add, :add
-  def add(severity, message = nil, progname = nil, &block)
+  def add(severity, message = nil, progname = nil)
     if TCellAgent.configuration.enabled &&
-        TCellAgent.configuration.should_instrument? &&
-        TCellAgent.configuration.should_intercept_requests? &&
-        severity >= self.level
+       TCellAgent.configuration.should_instrument? &&
+       TCellAgent.configuration.should_intercept_requests? &&
+       severity >= level
       progname ||= @progname
       if message.nil?
@@ -279,16 +382,14 @@ class Logger
         end
       end
-      TCellAgent::Instrumentation.safe_block_no_log("Handling DLP log message filtering") {
-        dlp_policy = TCellAgent.policy(TCellAgent::PolicyTypes::DataLoss)
+      TCellAgent::Instrumentation.safe_block_no_log('Handling DLP log message filtering') do
+        dlp_policy = TCellAgent.policy(TCellAgent::PolicyTypes::DATALOSS)
         request_env = TCellAgent::Instrumentation::Rails::Middleware::ContextMiddleware::THREADS.fetch(Thread.current.object_id, nil)
         if message && dlp_policy && request_env
           tcell_context = request_env[TCellAgent::Instrumentation::TCELL_ID]
-          if tcell_context
-            tcell_context.filter_log(message)
-          end
+          tcell_context.filter_log(message) if tcell_context
         end
-      }
+      end
     end
     tcell_old_add(severity, message, progname)