tcell_agent 0.2.23 → 0.2.24
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/tcell_agent/agent/event_processor.rb +4 -1
- data/lib/tcell_agent/api.rb +1 -7
- data/lib/tcell_agent/appsensor/meta_data.rb +2 -2
- data/lib/tcell_agent/configuration.rb +6 -1
- data/lib/tcell_agent/logger.rb +37 -1
- data/lib/tcell_agent/patches/meta_data.rb +9 -4
- data/lib/tcell_agent/policies/appsensor/request_size_sensor.rb +4 -0
- data/lib/tcell_agent/policies/appsensor/response_size_sensor.rb +4 -0
- data/lib/tcell_agent/policies/appsensor/size_sensor.rb +18 -3
- data/lib/tcell_agent/policies/appsensor_policy.rb +2 -2
- data/lib/tcell_agent/rails/middleware/headers_middleware.rb +26 -5
- data/lib/tcell_agent/sensor_events/appsensor_event.rb +3 -3
- data/lib/tcell_agent/sensor_events/appsensor_meta_event.rb +13 -7
- data/lib/tcell_agent/servers/passenger.rb +32 -1
- data/lib/tcell_agent/start_background_thread.rb +2 -3
- data/lib/tcell_agent/utils/queue_with_timeout.rb +1 -1
- data/lib/tcell_agent/version.rb +1 -1
- data/spec/lib/tcell_agent/agent/policy_manager_spec.rb +1 -1
- data/spec/lib/tcell_agent/policies/appsensor/database_sensor_spec.rb +1 -3
- data/spec/lib/tcell_agent/policies/appsensor/misc_sensor_spec.rb +6 -18
- data/spec/lib/tcell_agent/policies/appsensor/request_size_sensor_spec.rb +87 -16
- data/spec/lib/tcell_agent/policies/appsensor/response_size_sensor_spec.rb +99 -15
- data/spec/lib/tcell_agent/policies/appsensor/user_agent_sensor_spec.rb +0 -4
- data/spec/lib/tcell_agent/rails/middleware/appsensor_middleware_spec.rb +0 -2
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 13c88a7582aa8c65921222ed524e8000e8d8872a
|
4
|
+
data.tar.gz: 2bf2b713872f81e2950994f56f8d431698410224
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 40078c7ef5481e0364eff69549a8a3d3fc4197ad7ebb903958443e1f7eaaf8c7310d77cb1ba9d752a2b34a4a2bec748755311e8c58ff10b5570c9c8b02c58e07
|
7
|
+
data.tar.gz: 4469f30d67cce86ae944efd69dabd92f681cbe9d7cbe1878a1f5155d3f464d1962871c5229570c764c5ef416eb9601f0db11dce3809ac73ba96add1e3e21b57f
|
@@ -97,6 +97,7 @@ module TCellAgent
|
|
97
97
|
return
|
98
98
|
end
|
99
99
|
|
100
|
+
TCellAgent.logger.debug("Starting event processor thread")
|
100
101
|
@events_send_empties = send_empties
|
101
102
|
Thread.abort_on_exception = true
|
102
103
|
@event_processor_thread = Thread.new do
|
@@ -134,6 +135,8 @@ module TCellAgent
|
|
134
135
|
@dispatchEvents = []
|
135
136
|
}
|
136
137
|
end
|
138
|
+
rescue TCellAgent::ConfigurationException
|
139
|
+
Thread.exit
|
137
140
|
rescue Exception => e
|
138
141
|
last_run_time = Time.now
|
139
142
|
TCellAgent.logger.error("Exception while processing events: #{e.message}")
|
@@ -246,7 +249,7 @@ module TCellAgent
|
|
246
249
|
end
|
247
250
|
|
248
251
|
def _queue_metric(event)
|
249
|
-
return if TCellAgent.configuration.should_consume_event? == false
|
252
|
+
return if TCellAgent.configuration.should_consume_event? == false
|
250
253
|
begin
|
251
254
|
self.ensure_metrics_event_thread_running
|
252
255
|
if (@metrics_event_queue.length() > 100)
|
data/lib/tcell_agent/api.rb
CHANGED
@@ -42,14 +42,8 @@ module TCellAgent
|
|
42
42
|
|
43
43
|
def sendEventSet(events)
|
44
44
|
if !TCellAgent.configuration || !TCellAgent.configuration.tcell_input_url || !TCellAgent.configuration.app_id
|
45
|
-
raise "Config Information Not Found, can't send events"
|
45
|
+
raise TCellAgent::ConfigurationException.new("Config Information Not Found, can't send events")
|
46
46
|
end
|
47
|
-
current_time = DateTime.now.to_time.to_i
|
48
|
-
#if (events)
|
49
|
-
# events.each { |event| event.calculateOffset(current_time) }
|
50
|
-
#else
|
51
|
-
# events = []
|
52
|
-
#end
|
53
47
|
if (events == nil)
|
54
48
|
return false
|
55
49
|
end
|
@@ -47,8 +47,8 @@ module TCellAgent
|
|
47
47
|
@flattened_cookie_dict
|
48
48
|
end
|
49
49
|
|
50
|
-
def set_body_dict(
|
51
|
-
if
|
50
|
+
def set_body_dict(request_content_bytes_len, request_content_type, request_body)
|
51
|
+
if request_content_bytes_len > 2000000
|
52
52
|
@body_dict = {}
|
53
53
|
|
54
54
|
else
|
@@ -6,6 +6,9 @@ require 'socket'
|
|
6
6
|
require 'securerandom'
|
7
7
|
|
8
8
|
module TCellAgent
|
9
|
+
class ConfigurationException < StandardError
|
10
|
+
end
|
11
|
+
|
9
12
|
class << self
|
10
13
|
attr_accessor :configuration
|
11
14
|
end
|
@@ -43,7 +46,8 @@ module TCellAgent
|
|
43
46
|
:agent_home_owner,
|
44
47
|
:reverse_proxy,
|
45
48
|
:reverse_proxy_ip_address_header,
|
46
|
-
:log_file_name
|
49
|
+
:log_file_name,
|
50
|
+
:log_tag
|
47
51
|
|
48
52
|
attr_accessor :disable_all,
|
49
53
|
:enabled,
|
@@ -80,6 +84,7 @@ module TCellAgent
|
|
80
84
|
# a chance to run
|
81
85
|
@cache_filename = nil
|
82
86
|
@agent_log_dir = nil
|
87
|
+
@log_tag = nil
|
83
88
|
|
84
89
|
@logger = nil
|
85
90
|
@appfirewall_payloads_logger = nil
|
data/lib/tcell_agent/logger.rb
CHANGED
@@ -6,6 +6,37 @@ require 'tcell_agent/utils/io'
|
|
6
6
|
|
7
7
|
module TCellAgent
|
8
8
|
|
9
|
+
class TaggedLogger
|
10
|
+
def initialize(tag, logger)
|
11
|
+
@tag = tag
|
12
|
+
@logger = logger
|
13
|
+
end
|
14
|
+
|
15
|
+
def debug(msg)
|
16
|
+
@logger.tagged(@tag) { @logger.debug(msg) }
|
17
|
+
end
|
18
|
+
|
19
|
+
def info(msg)
|
20
|
+
@logger.tagged(@tag) { @logger.info(msg) }
|
21
|
+
end
|
22
|
+
|
23
|
+
def warn(msg)
|
24
|
+
@logger.tagged(@tag) { @logger.warn(msg) }
|
25
|
+
end
|
26
|
+
|
27
|
+
def error(msg)
|
28
|
+
@logger.tagged(@tag) { @logger.error(msg) }
|
29
|
+
end
|
30
|
+
|
31
|
+
def fatal(msg)
|
32
|
+
@logger.tagged(@tag) { @logger.fatal(msg) }
|
33
|
+
end
|
34
|
+
|
35
|
+
def unknown(msg)
|
36
|
+
@logger.tagged(@tag) { @logger.unknown(msg) }
|
37
|
+
end
|
38
|
+
end
|
39
|
+
|
9
40
|
class NullLoger < Logger
|
10
41
|
def initialize(*args)
|
11
42
|
end
|
@@ -92,7 +123,12 @@ module TCellAgent
|
|
92
123
|
|
93
124
|
if TCellAgent.configuration.logger
|
94
125
|
@logger_pid = Process.pid
|
95
|
-
|
126
|
+
if TCellAgent.configuration.log_tag
|
127
|
+
@logger = TCellAgent::TaggedLogger.new(TCellAgent.configuration.log_tag, TCellAgent.configuration.logger)
|
128
|
+
else
|
129
|
+
@logger = TCellAgent.configuration.logger
|
130
|
+
end
|
131
|
+
|
96
132
|
return @logger
|
97
133
|
end
|
98
134
|
|
@@ -29,9 +29,14 @@ module TCellAgent
|
|
29
29
|
meta_event.session_id = request.env[TCellAgent::Instrumentation::TCELL_ID].hmac_session_id
|
30
30
|
meta_event.user_id = request.env[TCellAgent::Instrumentation::TCELL_ID].user_id
|
31
31
|
|
32
|
-
|
32
|
+
# Positions strio to the beginning of input, resetting lineno to zero.
|
33
|
+
# rails 4.1 seems to read the stringIO directly and so body.gets is empty
|
34
|
+
# this is called
|
35
|
+
request.body.rewind
|
36
|
+
|
37
|
+
meta_event.request_content_bytes_len = (request.content_length || 0).to_i
|
33
38
|
meta_event.set_body_dict(
|
34
|
-
meta_event.
|
39
|
+
meta_event.request_content_bytes_len,
|
35
40
|
request.content_type,
|
36
41
|
request.body.gets
|
37
42
|
)
|
@@ -41,12 +46,12 @@ module TCellAgent
|
|
41
46
|
end
|
42
47
|
|
43
48
|
attr_accessor :remote_address, :method, :location, :route_id, :session_id, :user_id, :transaction_id,
|
44
|
-
:
|
49
|
+
:request_content_bytes_len, :user_agent
|
45
50
|
|
46
51
|
def initialize
|
47
52
|
super
|
48
53
|
|
49
|
-
@
|
54
|
+
@request_content_bytes_len = 0
|
50
55
|
@user_agent = nil
|
51
56
|
end
|
52
57
|
end
|
@@ -23,14 +23,21 @@ module TCellAgent
|
|
23
23
|
end
|
24
24
|
end
|
25
25
|
|
26
|
-
def
|
26
|
+
def get_content_length(appsensor_meta)
|
27
|
+
throw Exception("Not Implemented")
|
28
|
+
end
|
29
|
+
|
30
|
+
def check(appsensor_meta)
|
27
31
|
if !@enabled || @excluded_route_ids.fetch(appsensor_meta.route_id, false)
|
28
32
|
return
|
29
33
|
end
|
30
34
|
|
31
|
-
|
35
|
+
content_length_bytes = get_content_length(appsensor_meta)
|
36
|
+
content_length_KiB = convert_to_kibibytes(content_length_bytes)
|
37
|
+
|
38
|
+
if content_length_KiB > @limit
|
32
39
|
param = payload = pattern = nil
|
33
|
-
meta = { "sz" =>
|
40
|
+
meta = { "sz" => content_length_bytes }
|
34
41
|
TCellAgent::AppSensor::Sensor.send_event(
|
35
42
|
appsensor_meta,
|
36
43
|
@dp_code,
|
@@ -41,6 +48,14 @@ module TCellAgent
|
|
41
48
|
end
|
42
49
|
end
|
43
50
|
|
51
|
+
def convert_to_kibibytes(content_length)
|
52
|
+
if content_length
|
53
|
+
content_length / 1024.0
|
54
|
+
else
|
55
|
+
0
|
56
|
+
end
|
57
|
+
end
|
58
|
+
|
44
59
|
def to_s
|
45
60
|
"<#{self.class.name} enabled: #{@enabled} limit: #{@limit} dp_code: #{@dp_code} " +
|
46
61
|
"excluded_route_ids: #{@excluded_route_ids}>"
|
@@ -93,7 +93,7 @@ module TCellAgent
|
|
93
93
|
def check_request_size(appsensor_meta)
|
94
94
|
TCellAgent::Instrumentation.safe_block("AppSensor Testing Response Size") do
|
95
95
|
if self.options.has_key?("req_size")
|
96
|
-
self.options["req_size"].check(appsensor_meta
|
96
|
+
self.options["req_size"].check(appsensor_meta)
|
97
97
|
end
|
98
98
|
end
|
99
99
|
end
|
@@ -101,7 +101,7 @@ module TCellAgent
|
|
101
101
|
def check_response_size(appsensor_meta)
|
102
102
|
TCellAgent::Instrumentation.safe_block("AppSensor Testing Response Size") do
|
103
103
|
if self.options.has_key?("resp_size")
|
104
|
-
self.options["resp_size"].check(appsensor_meta
|
104
|
+
self.options["resp_size"].check(appsensor_meta)
|
105
105
|
end
|
106
106
|
end
|
107
107
|
end
|
@@ -21,6 +21,8 @@ module TCellAgent
|
|
21
21
|
|
22
22
|
class HeadersMiddleware
|
23
23
|
|
24
|
+
STATUSES_MISSING_CONTENT_LENGTH = Set.new((100..199).to_a + [204, 205, 304])
|
25
|
+
|
24
26
|
def initialize(app)
|
25
27
|
@app = app
|
26
28
|
end
|
@@ -139,17 +141,36 @@ module TCellAgent
|
|
139
141
|
TCellAgent::Instrumentation.safe_block("Handling AppSensor") {
|
140
142
|
status_code, response_headers, response_body = response
|
141
143
|
|
142
|
-
|
143
|
-
|
144
|
+
content_length = 0
|
145
|
+
if response_headers['Content-Length']
|
146
|
+
content_length = response_headers['Content-Length'].to_i
|
147
|
+
|
148
|
+
elsif STATUSES_MISSING_CONTENT_LENGTH.include?(status_code.to_i) ||
|
149
|
+
TCellAgent::Utils::Strings.present?(response_headers['Transfer-Encoding'])
|
150
|
+
content_length = 0
|
151
|
+
|
152
|
+
elsif response_body.respond_to?(:to_ary) || response_body.is_a?(Rack::BodyProxy)
|
153
|
+
old_body = response_body
|
154
|
+
response_body, content_length = [], 0
|
155
|
+
old_body.each { |str|
|
156
|
+
response_body << str
|
157
|
+
content_length += str.bytesize
|
158
|
+
}
|
159
|
+
|
160
|
+
if old_body.is_a?(Rack::BodyProxy)
|
161
|
+
response_body = Rack::BodyProxy.new(response_body) do
|
162
|
+
old_body.close if old_body.respond_to?(:close)
|
163
|
+
end
|
164
|
+
end
|
144
165
|
end
|
145
166
|
|
146
|
-
rack_response = Rack::Response.new(response)
|
147
|
-
|
148
167
|
event = TCellAgent::SensorEvents::AppSensorMetaEvent.build(
|
149
|
-
request,
|
168
|
+
request, content_length, status_code, response_headers
|
150
169
|
)
|
151
170
|
TCellAgent.send_event(event)
|
171
|
+
return [status_code, response_headers, response_body]
|
152
172
|
}
|
173
|
+
|
153
174
|
response
|
154
175
|
end
|
155
176
|
|
@@ -19,9 +19,9 @@ module TCellAgent
|
|
19
19
|
pattern=nil)
|
20
20
|
super("as")
|
21
21
|
self["dp"] = detection_point
|
22
|
-
self["param"] = param
|
23
|
-
self["remote_addr"] = remote_addr
|
24
|
-
self["m"] = method
|
22
|
+
self["param"] = param if param
|
23
|
+
self["remote_addr"] = remote_addr if remote_addr
|
24
|
+
self["m"] = method if method
|
25
25
|
@raw_location = location
|
26
26
|
@user_id = user_id
|
27
27
|
@hmac_session_id = hmac_session_id
|
@@ -20,7 +20,7 @@ module TCellAgent
|
|
20
20
|
class AppSensorMetaEvent < TCellAgent::AppSensor::MetaData
|
21
21
|
|
22
22
|
class << self
|
23
|
-
def build(request,
|
23
|
+
def build(request, response_content_length, response_code, response_headers)
|
24
24
|
meta_event = AppSensorMetaEvent.new
|
25
25
|
|
26
26
|
meta_event.remote_address = TCellAgent::Utils::Rails.better_ip(request)
|
@@ -28,8 +28,9 @@ module TCellAgent
|
|
28
28
|
meta_event.location = "#{request.base_url}#{request.fullpath}"
|
29
29
|
meta_event.request_headers = request.env
|
30
30
|
meta_event.user_agent = request.env['HTTP_USER_AGENT']
|
31
|
-
meta_event.
|
32
|
-
meta_event.
|
31
|
+
meta_event.request_content_bytes_len = (request.content_length || 0).to_i
|
32
|
+
meta_event.response_content_bytes_len = response_content_length
|
33
|
+
|
33
34
|
meta_event.get_dict = request.GET
|
34
35
|
meta_event.cookie_dict = request.cookies
|
35
36
|
|
@@ -45,8 +46,13 @@ module TCellAgent
|
|
45
46
|
meta_event.session_id = request.env[TCellAgent::Instrumentation::TCELL_ID].hmac_session_id
|
46
47
|
meta_event.user_id = request.env[TCellAgent::Instrumentation::TCELL_ID].user_id
|
47
48
|
|
49
|
+
# Positions strio to the beginning of input, resetting lineno to zero.
|
50
|
+
# rails 4.1 seems to read the stringIO directly and so body.gets is empty
|
51
|
+
# this is called
|
52
|
+
request.body.rewind
|
53
|
+
|
48
54
|
meta_event.set_body_dict(
|
49
|
-
meta_event.
|
55
|
+
meta_event.request_content_bytes_len,
|
50
56
|
request.content_type,
|
51
57
|
request.body.gets
|
52
58
|
)
|
@@ -57,7 +63,7 @@ module TCellAgent
|
|
57
63
|
|
58
64
|
|
59
65
|
attr_accessor :remote_address, :method, :location, :route_id, :session_id, :user_id, :transaction_id,
|
60
|
-
:
|
66
|
+
:request_content_bytes_len, :get_dict, :post_dict, :body_dict, :cookie_dict, :response_content_bytes_len, :response_code,
|
61
67
|
:user_agent, :path_parameters
|
62
68
|
|
63
69
|
attr_accessor :request_headers, :response_headers
|
@@ -65,8 +71,8 @@ module TCellAgent
|
|
65
71
|
def initialize
|
66
72
|
super
|
67
73
|
|
68
|
-
@
|
69
|
-
@
|
74
|
+
@request_content_bytes_len = 0
|
75
|
+
@response_content_bytes_len = 0
|
70
76
|
@user_agent = nil
|
71
77
|
end
|
72
78
|
|
@@ -4,7 +4,38 @@ PhusionPassenger::LoaderSharedHelpers.class_eval do
|
|
4
4
|
def after_loading_app_code(options)
|
5
5
|
tcell_after_loading_app_code(options)
|
6
6
|
|
7
|
-
TCellAgent.
|
7
|
+
TCellAgent::Instrumentation.safe_block("Initial Passenger Instrumentation") do
|
8
|
+
# This runs in Passenger's AppPreloader (a process which is killed at some point)
|
9
|
+
# but it's still a good place to do the initial instrumentation so it's only sent once.
|
10
|
+
# Since this process doesn't receive any requests there is no need to run policy polling
|
11
|
+
# but we still need the event processor to send the startup events
|
12
|
+
original_policy_polling = TCellAgent.configuration.enable_policy_polling
|
13
|
+
TCellAgent.configuration.enable_policy_polling = false
|
14
|
+
TCellAgent.run_instrumentation("Passenger")
|
15
|
+
TCellAgent.configuration.enable_policy_polling = original_policy_polling
|
16
|
+
end
|
17
|
+
end
|
18
|
+
|
19
|
+
alias_method :tcell_before_handling_requests, :before_handling_requests
|
20
|
+
def before_handling_requests(forked, options)
|
21
|
+
result_if_needed = tcell_before_handling_requests(forked, options)
|
22
|
+
|
23
|
+
TCellAgent.run_instrumentation("Passenger", false)
|
24
|
+
|
25
|
+
result_if_needed
|
26
|
+
end
|
27
|
+
|
28
|
+
end
|
29
|
+
|
30
|
+
# Passenger's parent process is known as the AppPreloader, the problem is this
|
31
|
+
# process seems to disappear at some point taking the event processor with it.
|
32
|
+
# This will give every child process its own event manager to avoid the dependency
|
33
|
+
# on this disappearing process
|
34
|
+
class << TCellAgent::Agent
|
35
|
+
|
36
|
+
alias_method :tcell_is_parent_process?, :is_parent_process?
|
37
|
+
def is_parent_process?
|
38
|
+
true
|
8
39
|
end
|
9
40
|
|
10
41
|
end
|
@@ -9,7 +9,7 @@ if (TCellAgent.configuration.disable_all == false)
|
|
9
9
|
#require 'tcell_agent/sinatra' if defined?(Sinatra)
|
10
10
|
require 'tcell_agent/rails' if defined?(Rails)
|
11
11
|
|
12
|
-
def self.run_instrumentation(server_name)
|
12
|
+
def self.run_instrumentation(server_name, send_startup_events=true)
|
13
13
|
|
14
14
|
require 'tcell_agent/rails/on_start' if defined?(Rails)
|
15
15
|
|
@@ -18,7 +18,7 @@ if (TCellAgent.configuration.disable_all == false)
|
|
18
18
|
TCellAgent.thread_agent.start
|
19
19
|
end
|
20
20
|
|
21
|
-
if TCellAgent.configuration.should_instrument?
|
21
|
+
if send_startup_events && TCellAgent.configuration.should_instrument?
|
22
22
|
Thread.abort_on_exception = TCellAgent.configuration.raise_exceptions
|
23
23
|
Thread.new do
|
24
24
|
|
@@ -117,7 +117,6 @@ if (TCellAgent.configuration.disable_all == false)
|
|
117
117
|
end
|
118
118
|
end
|
119
119
|
end
|
120
|
-
|
121
120
|
end
|
122
121
|
|
123
122
|
end
|
data/lib/tcell_agent/version.rb
CHANGED
@@ -351,7 +351,7 @@ module TCellAgent
|
|
351
351
|
|
352
352
|
logger = double("logger")
|
353
353
|
expect(TCellAgent).to receive(:logger).and_return(logger)
|
354
|
-
expect(logger).to receive(:warn).with(
|
354
|
+
expect(logger).to receive(:warn).with(/unexpected token at 'bad_json'/)
|
355
355
|
expect_any_instance_of(TCellAgent::Agent).to_not receive(:processPolicyJson)
|
356
356
|
|
357
357
|
agent = TCellAgent::Agent.new(Process.pid)
|
@@ -56,7 +56,7 @@ module TCellAgent
|
|
56
56
|
context "with enabled sensor" do
|
57
57
|
context "records is less than limit" do
|
58
58
|
it "should not send event" do
|
59
|
-
sensor =
|
59
|
+
sensor = DatabaseSensor.new({
|
60
60
|
"enabled" => true,
|
61
61
|
"large_result" => { "limit" => 10},
|
62
62
|
"exclude_routes" => []
|
@@ -90,7 +90,6 @@ module TCellAgent
|
|
90
90
|
{
|
91
91
|
"event_type" => "as",
|
92
92
|
"dp" => DatabaseSensor::DP_CODE,
|
93
|
-
"param" => nil,
|
94
93
|
"remote_addr" => "ip_address",
|
95
94
|
"rid" => "route_id",
|
96
95
|
"m" => "get",
|
@@ -146,7 +145,6 @@ module TCellAgent
|
|
146
145
|
{
|
147
146
|
"event_type" => "as",
|
148
147
|
"dp" => DatabaseSensor::DP_CODE,
|
149
|
-
"param" => nil,
|
150
148
|
"remote_addr" => "ip_address",
|
151
149
|
"rid" => "route_id",
|
152
150
|
"m" => "get",
|
@@ -173,9 +173,7 @@ module TCellAgent
|
|
173
173
|
expect(TCellAgent).to receive(:send_event).with({
|
174
174
|
"event_type"=>"as",
|
175
175
|
"dp"=>"excsrf",
|
176
|
-
"param"=>"TCellAgent::Policies::FakeInvalidAuthenticityToken"
|
177
|
-
"remote_addr"=>nil,
|
178
|
-
"m"=>nil
|
176
|
+
"param"=>"TCellAgent::Policies::FakeInvalidAuthenticityToken"
|
179
177
|
})
|
180
178
|
|
181
179
|
sensor.csrf_rejected(tcell_data, @exception_class)
|
@@ -195,9 +193,7 @@ module TCellAgent
|
|
195
193
|
"event_type"=>"as",
|
196
194
|
"dp"=>"excsrf",
|
197
195
|
"param"=>"TCellAgent::Policies::FakeInvalidAuthenticityToken",
|
198
|
-
"
|
199
|
-
"rid"=>"route_id",
|
200
|
-
"m"=>nil
|
196
|
+
"rid"=>"route_id"
|
201
197
|
})
|
202
198
|
|
203
199
|
sensor.csrf_rejected(tcell_data, @exception_class)
|
@@ -235,9 +231,7 @@ module TCellAgent
|
|
235
231
|
"event_type"=>"as",
|
236
232
|
"dp"=>"excsrf",
|
237
233
|
"param"=>"TCellAgent::Policies::FakeInvalidAuthenticityToken",
|
238
|
-
"
|
239
|
-
"rid"=>"route_id",
|
240
|
-
"m"=>nil
|
234
|
+
"rid"=>"route_id"
|
241
235
|
})
|
242
236
|
|
243
237
|
sensor.csrf_rejected(tcell_data, @exception_class)
|
@@ -359,9 +353,7 @@ module TCellAgent
|
|
359
353
|
expect(TCellAgent).to receive(:send_event).with({
|
360
354
|
"event_type"=>"as",
|
361
355
|
"dp"=>"exsql",
|
362
|
-
"param"=>"TCellAgent::Policies::FakeStatementInvalid"
|
363
|
-
"remote_addr"=>nil,
|
364
|
-
"m"=>nil
|
356
|
+
"param"=>"TCellAgent::Policies::FakeStatementInvalid"
|
365
357
|
})
|
366
358
|
|
367
359
|
sensor.sql_exception_detected(tcell_data, @exception)
|
@@ -381,9 +373,7 @@ module TCellAgent
|
|
381
373
|
"event_type"=>"as",
|
382
374
|
"dp"=>"exsql",
|
383
375
|
"param"=>"TCellAgent::Policies::FakeStatementInvalid",
|
384
|
-
"
|
385
|
-
"rid"=>"route_id",
|
386
|
-
"m"=>nil
|
376
|
+
"rid"=>"route_id"
|
387
377
|
})
|
388
378
|
|
389
379
|
sensor.sql_exception_detected(tcell_data, @exception)
|
@@ -421,9 +411,7 @@ module TCellAgent
|
|
421
411
|
"event_type"=>"as",
|
422
412
|
"dp"=>"exsql",
|
423
413
|
"param"=>"TCellAgent::Policies::FakeStatementInvalid",
|
424
|
-
"
|
425
|
-
"rid"=>"route_id",
|
426
|
-
"m"=>nil
|
414
|
+
"rid"=>"route_id"
|
427
415
|
})
|
428
416
|
|
429
417
|
sensor.sql_exception_detected(tcell_data, @exception)
|
@@ -50,18 +50,27 @@ module TCellAgent
|
|
50
50
|
context "with disabled sensor" do
|
51
51
|
it "should not send event" do
|
52
52
|
sensor = RequestSizeSensor.new({"enabled" => false})
|
53
|
-
|
54
|
-
|
55
|
-
|
53
|
+
meta = TCellAgent::SensorEvents::AppSensorMetaEvent.new
|
54
|
+
meta.remote_address = "remote_address"
|
55
|
+
meta.method = "get"
|
56
|
+
meta.location = "location"
|
57
|
+
meta.route_id = "route_id"
|
58
|
+
meta.session_id = "session_id"
|
59
|
+
meta.user_id = "user_id"
|
60
|
+
meta.transaction_id = "transaction_id"
|
61
|
+
meta.request_content_bytes_len = 1024
|
62
|
+
|
63
|
+
expect(TCellAgent).to_not receive(:send_event)
|
64
|
+
sensor.check(meta)
|
56
65
|
end
|
57
66
|
end
|
58
67
|
|
59
68
|
context "with enabled sensor" do
|
60
|
-
context "size is
|
69
|
+
context "size is zero" do
|
61
70
|
it "should not send event" do
|
62
71
|
sensor = RequestSizeSensor.new({
|
63
72
|
"enabled" => true,
|
64
|
-
"limit" =>
|
73
|
+
"limit" => 1,
|
65
74
|
"exclude_routes" => []
|
66
75
|
})
|
67
76
|
|
@@ -73,9 +82,35 @@ module TCellAgent
|
|
73
82
|
meta.session_id = "session_id"
|
74
83
|
meta.user_id = "user_id"
|
75
84
|
meta.transaction_id = "transaction_id"
|
85
|
+
meta.request_content_bytes_len = 0
|
76
86
|
|
77
|
-
expect(TCellAgent
|
78
|
-
sensor.check(meta
|
87
|
+
expect(TCellAgent).to_not receive(:send_event)
|
88
|
+
sensor.check(meta)
|
89
|
+
end
|
90
|
+
end
|
91
|
+
|
92
|
+
context "size is too small" do
|
93
|
+
context "by half a KiB" do
|
94
|
+
it "should not send event" do
|
95
|
+
sensor = RequestSizeSensor.new({
|
96
|
+
"enabled" => true,
|
97
|
+
"limit" => 1,
|
98
|
+
"exclude_routes" => []
|
99
|
+
})
|
100
|
+
|
101
|
+
meta = TCellAgent::SensorEvents::AppSensorMetaEvent.new
|
102
|
+
meta.remote_address = "remote_address"
|
103
|
+
meta.method = "get"
|
104
|
+
meta.location = "location"
|
105
|
+
meta.route_id = "route_id"
|
106
|
+
meta.session_id = "session_id"
|
107
|
+
meta.user_id = "user_id"
|
108
|
+
meta.transaction_id = "transaction_id"
|
109
|
+
meta.request_content_bytes_len = 512
|
110
|
+
|
111
|
+
expect(TCellAgent).to_not receive(:send_event)
|
112
|
+
sensor.check(meta)
|
113
|
+
end
|
79
114
|
end
|
80
115
|
end
|
81
116
|
|
@@ -83,7 +118,7 @@ module TCellAgent
|
|
83
118
|
it "should not send event" do
|
84
119
|
sensor = RequestSizeSensor.new({
|
85
120
|
"enabled" => true,
|
86
|
-
"limit" =>
|
121
|
+
"limit" => 1,
|
87
122
|
"exclude_routes" => []
|
88
123
|
})
|
89
124
|
|
@@ -95,18 +130,42 @@ module TCellAgent
|
|
95
130
|
meta.session_id = "session_id"
|
96
131
|
meta.user_id = "user_id"
|
97
132
|
meta.transaction_id = "transaction_id"
|
133
|
+
meta.request_content_bytes_len = 1024
|
98
134
|
|
99
|
-
expect(TCellAgent
|
100
|
-
sensor.check(meta
|
135
|
+
expect(TCellAgent).to_not receive(:send_event)
|
136
|
+
sensor.check(meta)
|
101
137
|
end
|
102
138
|
end
|
103
139
|
|
104
140
|
context "size is too big" do
|
141
|
+
context "by half a KiB" do
|
142
|
+
it "should not send event" do
|
143
|
+
sensor = RequestSizeSensor.new({
|
144
|
+
"enabled" => true,
|
145
|
+
"limit" => 1,
|
146
|
+
"exclude_routes" => ["excluded_route_id"]
|
147
|
+
})
|
148
|
+
|
149
|
+
meta = TCellAgent::SensorEvents::AppSensorMetaEvent.new
|
150
|
+
meta.remote_address = "remote_address"
|
151
|
+
meta.method = "get"
|
152
|
+
meta.location = "location"
|
153
|
+
meta.route_id = "excluded_route_id"
|
154
|
+
meta.session_id = "session_id"
|
155
|
+
meta.user_id = "user_id"
|
156
|
+
meta.transaction_id = "transaction_id"
|
157
|
+
meta.request_content_bytes_len = 1024 + 512
|
158
|
+
|
159
|
+
expect(TCellAgent).to_not receive(:send_event)
|
160
|
+
sensor.check(meta)
|
161
|
+
end
|
162
|
+
end
|
163
|
+
|
105
164
|
context "route_id is excluded" do
|
106
165
|
it "should not send event" do
|
107
166
|
sensor = RequestSizeSensor.new({
|
108
167
|
"enabled" => true,
|
109
|
-
"limit" =>
|
168
|
+
"limit" => 1,
|
110
169
|
"exclude_routes" => ["excluded_route_id"]
|
111
170
|
})
|
112
171
|
|
@@ -118,9 +177,10 @@ module TCellAgent
|
|
118
177
|
meta.session_id = "session_id"
|
119
178
|
meta.user_id = "user_id"
|
120
179
|
meta.transaction_id = "transaction_id"
|
180
|
+
meta.request_content_bytes_len = 2048
|
121
181
|
|
122
|
-
expect(TCellAgent
|
123
|
-
sensor.check(meta
|
182
|
+
expect(TCellAgent).to_not receive(:send_event)
|
183
|
+
sensor.check(meta)
|
124
184
|
end
|
125
185
|
end
|
126
186
|
|
@@ -128,7 +188,7 @@ module TCellAgent
|
|
128
188
|
it "should send event" do
|
129
189
|
sensor = RequestSizeSensor.new({
|
130
190
|
"enabled" => true,
|
131
|
-
"limit" =>
|
191
|
+
"limit" => 1,
|
132
192
|
"exclude_routes" => []
|
133
193
|
})
|
134
194
|
|
@@ -140,25 +200,36 @@ module TCellAgent
|
|
140
200
|
meta.session_id = "session_id"
|
141
201
|
meta.user_id = "user_id"
|
142
202
|
meta.transaction_id = "transaction_id"
|
203
|
+
meta.request_content_bytes_len = 2048
|
143
204
|
|
144
205
|
expect(TCellAgent).to receive(:send_event).with(
|
145
206
|
{
|
146
207
|
"event_type" => "as",
|
147
208
|
"dp" => RequestSizeSensor::DP_UNUSUAL_REQUEST_SIZE,
|
148
|
-
"param" => nil,
|
149
209
|
"remote_addr" => "remote_address",
|
150
210
|
"m" => "get",
|
151
211
|
"meta" => {"sz" => 2048},
|
152
212
|
"rid" => "excluded_route_id"
|
153
213
|
}
|
154
214
|
)
|
155
|
-
sensor.check(meta
|
215
|
+
sensor.check(meta)
|
156
216
|
end
|
157
217
|
end
|
158
218
|
end
|
159
219
|
|
160
220
|
end
|
161
221
|
end
|
222
|
+
|
223
|
+
context "#get_content_length" do
|
224
|
+
it "should return the request size" do
|
225
|
+
sensor = RequestSizeSensor.new({"enabled" => false})
|
226
|
+
meta = TCellAgent::SensorEvents::AppSensorMetaEvent.new
|
227
|
+
meta.request_content_bytes_len = 1024
|
228
|
+
meta.response_content_bytes_len = 2048
|
229
|
+
|
230
|
+
expect(sensor.get_content_length(meta)).to eq(1024)
|
231
|
+
end
|
232
|
+
end
|
162
233
|
end
|
163
234
|
|
164
235
|
end
|
@@ -50,14 +50,23 @@ module TCellAgent
|
|
50
50
|
context "with disabled sensor" do
|
51
51
|
it "should not send event" do
|
52
52
|
sensor = ResponseSizeSensor.new({"enabled" => false})
|
53
|
-
|
54
|
-
|
55
|
-
|
53
|
+
meta = TCellAgent::SensorEvents::AppSensorMetaEvent.new
|
54
|
+
meta.remote_address = "remote_address"
|
55
|
+
meta.method = "get"
|
56
|
+
meta.location = "location"
|
57
|
+
meta.route_id = "route_id"
|
58
|
+
meta.session_id = "session_id"
|
59
|
+
meta.user_id = "user_id"
|
60
|
+
meta.transaction_id = "transaction_id"
|
61
|
+
meta.response_content_bytes_len = 1024
|
62
|
+
|
63
|
+
expect(TCellAgent).to_not receive(:send_event)
|
64
|
+
sensor.check(meta)
|
56
65
|
end
|
57
66
|
end
|
58
67
|
|
59
68
|
context "with enabled sensor" do
|
60
|
-
context "size is
|
69
|
+
context "size is zero" do
|
61
70
|
it "should not send event" do
|
62
71
|
sensor = ResponseSizeSensor.new({
|
63
72
|
"enabled" => true,
|
@@ -73,9 +82,35 @@ module TCellAgent
|
|
73
82
|
meta.session_id = "session_id"
|
74
83
|
meta.user_id = "user_id"
|
75
84
|
meta.transaction_id = "transaction_id"
|
85
|
+
meta.response_content_bytes_len = 0
|
86
|
+
|
87
|
+
expect(TCellAgent).to_not receive(:send_event)
|
88
|
+
sensor.check(meta)
|
89
|
+
end
|
90
|
+
end
|
91
|
+
|
92
|
+
context "size is too small" do
|
93
|
+
context "by half a KiB" do
|
94
|
+
it "should not send event" do
|
95
|
+
sensor = ResponseSizeSensor.new({
|
96
|
+
"enabled" => true,
|
97
|
+
"limit" => 1,
|
98
|
+
"exclude_routes" => []
|
99
|
+
})
|
100
|
+
|
101
|
+
meta = TCellAgent::SensorEvents::AppSensorMetaEvent.new
|
102
|
+
meta.remote_address = "remote_address"
|
103
|
+
meta.method = "get"
|
104
|
+
meta.location = "location"
|
105
|
+
meta.route_id = "route_id"
|
106
|
+
meta.session_id = "session_id"
|
107
|
+
meta.user_id = "user_id"
|
108
|
+
meta.transaction_id = "transaction_id"
|
109
|
+
meta.response_content_bytes_len = 512
|
76
110
|
|
77
|
-
|
78
|
-
|
111
|
+
expect(TCellAgent).to_not receive(:send_event)
|
112
|
+
sensor.check(meta)
|
113
|
+
end
|
79
114
|
end
|
80
115
|
end
|
81
116
|
|
@@ -95,13 +130,44 @@ module TCellAgent
|
|
95
130
|
meta.session_id = "session_id"
|
96
131
|
meta.user_id = "user_id"
|
97
132
|
meta.transaction_id = "transaction_id"
|
133
|
+
meta.response_content_bytes_len = 1024
|
98
134
|
|
99
|
-
expect(TCellAgent
|
100
|
-
sensor.check(meta
|
135
|
+
expect(TCellAgent).to_not receive(:send_event)
|
136
|
+
sensor.check(meta)
|
101
137
|
end
|
102
138
|
end
|
103
139
|
|
104
140
|
context "size is too big" do
|
141
|
+
context "by half a KiB" do
|
142
|
+
it "should not send event" do
|
143
|
+
sensor = ResponseSizeSensor.new({
|
144
|
+
"enabled" => true,
|
145
|
+
"limit" => 1,
|
146
|
+
"exclude_routes" => []
|
147
|
+
})
|
148
|
+
|
149
|
+
meta = TCellAgent::SensorEvents::AppSensorMetaEvent.new
|
150
|
+
meta.remote_address = "remote_address"
|
151
|
+
meta.method = "get"
|
152
|
+
meta.location = "location"
|
153
|
+
meta.route_id = "excluded_route_id"
|
154
|
+
meta.session_id = "session_id"
|
155
|
+
meta.user_id = "user_id"
|
156
|
+
meta.transaction_id = "transaction_id"
|
157
|
+
meta.response_content_bytes_len = 1024 + 512
|
158
|
+
|
159
|
+
expect(TCellAgent).to receive(:send_event).with(
|
160
|
+
{"event_type"=>"as",
|
161
|
+
"dp"=>"rspsz",
|
162
|
+
"remote_addr"=>"remote_address",
|
163
|
+
"m"=>"get",
|
164
|
+
"meta"=>{"sz"=>1536},
|
165
|
+
"rid"=>"excluded_route_id"}
|
166
|
+
)
|
167
|
+
sensor.check(meta)
|
168
|
+
end
|
169
|
+
end
|
170
|
+
|
105
171
|
context "route_id is excluded" do
|
106
172
|
it "should not send event" do
|
107
173
|
sensor = ResponseSizeSensor.new({
|
@@ -118,9 +184,10 @@ module TCellAgent
|
|
118
184
|
meta.session_id = "session_id"
|
119
185
|
meta.user_id = "user_id"
|
120
186
|
meta.transaction_id = "transaction_id"
|
187
|
+
meta.response_content_bytes_len = 2048
|
121
188
|
|
122
|
-
expect(TCellAgent
|
123
|
-
sensor.check(meta
|
189
|
+
expect(TCellAgent).to_not receive(:send_event)
|
190
|
+
sensor.check(meta)
|
124
191
|
end
|
125
192
|
end
|
126
193
|
|
@@ -128,7 +195,7 @@ module TCellAgent
|
|
128
195
|
it "should send event" do
|
129
196
|
sensor = ResponseSizeSensor.new({
|
130
197
|
"enabled" => true,
|
131
|
-
"limit" =>
|
198
|
+
"limit" => 1,
|
132
199
|
"exclude_routes" => []
|
133
200
|
})
|
134
201
|
|
@@ -140,17 +207,34 @@ module TCellAgent
|
|
140
207
|
meta.session_id = "session_id"
|
141
208
|
meta.user_id = "user_id"
|
142
209
|
meta.transaction_id = "transaction_id"
|
143
|
-
|
144
|
-
|
145
|
-
|
210
|
+
meta.response_content_bytes_len = 2048
|
211
|
+
|
212
|
+
expect(TCellAgent).to receive(:send_event).with(
|
213
|
+
{"event_type"=>"as",
|
214
|
+
"dp"=>"rspsz",
|
215
|
+
"remote_addr"=>"remote_address",
|
216
|
+
"m"=>"get",
|
217
|
+
"meta"=>{"sz"=>2048},
|
218
|
+
"rid"=>"excluded_route_id"}
|
146
219
|
)
|
147
|
-
sensor.check(meta
|
220
|
+
sensor.check(meta)
|
148
221
|
end
|
149
222
|
end
|
150
223
|
end
|
151
224
|
end
|
152
225
|
|
153
226
|
end
|
227
|
+
|
228
|
+
context "#get_content_length" do
|
229
|
+
it "should return the response size" do
|
230
|
+
sensor = ResponseSizeSensor.new({"enabled" => false})
|
231
|
+
meta = TCellAgent::SensorEvents::AppSensorMetaEvent.new
|
232
|
+
meta.request_content_bytes_len = 1024
|
233
|
+
meta.response_content_bytes_len = 2048
|
234
|
+
|
235
|
+
expect(sensor.get_content_length(meta)).to eq(2048)
|
236
|
+
end
|
237
|
+
end
|
154
238
|
end
|
155
239
|
|
156
240
|
end
|
@@ -90,7 +90,6 @@ module TCellAgent
|
|
90
90
|
expect(TCellAgent).to receive(:send_event).with({
|
91
91
|
"event_type"=>"as",
|
92
92
|
"dp"=>UserAgentSensor::DP_CODE,
|
93
|
-
"param"=>nil,
|
94
93
|
"remote_addr"=>"remote_address",
|
95
94
|
"m"=>"get",
|
96
95
|
"rid"=>"route_id"
|
@@ -106,7 +105,6 @@ module TCellAgent
|
|
106
105
|
expect(TCellAgent).to receive(:send_event).with({
|
107
106
|
"event_type"=>"as",
|
108
107
|
"dp"=>UserAgentSensor::DP_CODE,
|
109
|
-
"param"=>nil,
|
110
108
|
"remote_addr"=>"remote_address",
|
111
109
|
"m"=>"get",
|
112
110
|
"rid"=>"route_id"
|
@@ -133,7 +131,6 @@ module TCellAgent
|
|
133
131
|
expect(TCellAgent).to receive(:send_event).with({
|
134
132
|
"event_type"=>"as",
|
135
133
|
"dp"=>UserAgentSensor::DP_CODE,
|
136
|
-
"param"=>nil,
|
137
134
|
"remote_addr"=>"remote_address",
|
138
135
|
"m"=>"get",
|
139
136
|
"rid"=>"route_id"
|
@@ -151,7 +148,6 @@ module TCellAgent
|
|
151
148
|
expect(TCellAgent).to receive(:send_event).with({
|
152
149
|
"event_type"=>"as",
|
153
150
|
"dp"=>UserAgentSensor::DP_CODE,
|
154
|
-
"param"=>nil,
|
155
151
|
"remote_addr"=>"remote_address",
|
156
152
|
"m"=>"get",
|
157
153
|
"rid"=>"route_id"
|
@@ -99,7 +99,6 @@ module TCellAgent
|
|
99
99
|
"event_type"=>"as",
|
100
100
|
"dp"=>"xss",
|
101
101
|
"param"=>"xyz",
|
102
|
-
"remote_addr"=>nil,
|
103
102
|
"rid"=>"myrouteid",
|
104
103
|
"m"=>"GET",
|
105
104
|
"pattern"=>"1",
|
@@ -115,7 +114,6 @@ module TCellAgent
|
|
115
114
|
"event_type"=>"as",
|
116
115
|
"dp"=>"xss",
|
117
116
|
"param"=>"xyz",
|
118
|
-
"remote_addr"=>nil,
|
119
117
|
"rid"=>"myrouteid",
|
120
118
|
"m"=>"GET",
|
121
119
|
"pattern"=>"1",
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: tcell_agent
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.2.
|
4
|
+
version: 0.2.24
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Garrett
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2016-10
|
11
|
+
date: 2016-11-10 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rest-client
|