dd-trace 2.4.1 → 2.6.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE-3rdparty.csv +1 -0
- package/ci/init.js +6 -0
- package/ci/jest/env.js +16 -3
- package/ext/exporters.d.ts +2 -1
- package/ext/exporters.js +2 -1
- package/index.d.ts +17 -1
- package/package.json +5 -4
- package/packages/datadog-instrumentations/index.js +1 -0
- package/packages/datadog-instrumentations/src/amqplib.js +1 -1
- package/packages/datadog-instrumentations/src/cypress.js +8 -0
- package/packages/datadog-instrumentations/src/http/client.js +10 -10
- package/packages/datadog-instrumentations/src/jest.js +170 -0
- package/packages/datadog-plugin-aws-sdk/src/helpers.js +4 -4
- package/packages/datadog-plugin-aws-sdk/src/index.js +1 -1
- package/packages/datadog-plugin-cucumber/src/index.js +16 -16
- package/packages/datadog-plugin-cypress/src/index.js +10 -5
- package/packages/datadog-plugin-cypress/src/plugin.js +18 -17
- package/packages/datadog-plugin-elasticsearch/src/index.js +4 -2
- package/packages/datadog-plugin-fs/src/index.js +2 -0
- package/packages/datadog-plugin-http/src/client.js +4 -1
- package/packages/datadog-plugin-http/src/server.js +7 -10
- package/packages/datadog-plugin-jest/src/index.js +101 -3
- package/packages/datadog-plugin-jest/src/util.js +1 -29
- package/packages/datadog-plugin-mocha/src/index.js +14 -15
- package/packages/dd-trace/lib/version.js +1 -1
- package/packages/dd-trace/src/appsec/callbacks/ddwaf.js +29 -12
- package/packages/dd-trace/src/appsec/index.js +7 -3
- package/packages/dd-trace/src/appsec/recommended.json +119 -210
- package/packages/dd-trace/src/appsec/reporter.js +29 -3
- package/packages/dd-trace/src/appsec/rule_manager.js +2 -2
- package/packages/dd-trace/src/ci-visibility/exporters/agentless/index.js +32 -0
- package/packages/dd-trace/src/ci-visibility/exporters/agentless/writer.js +51 -0
- package/packages/dd-trace/src/config.js +33 -4
- package/packages/dd-trace/src/encode/0.4.js +0 -1
- package/packages/dd-trace/src/encode/agentless-ci-visibility.js +193 -0
- package/packages/dd-trace/src/encode/tags-processors.js +116 -0
- package/packages/dd-trace/src/exporter.js +3 -0
- package/packages/dd-trace/src/exporters/agent/index.js +1 -1
- package/packages/dd-trace/src/exporters/agent/writer.js +7 -32
- package/packages/dd-trace/src/exporters/{agent → common}/docker.js +0 -0
- package/packages/dd-trace/src/exporters/common/request.js +83 -0
- package/packages/dd-trace/src/exporters/common/writer.js +36 -0
- package/packages/dd-trace/src/exporters/{agent/scheduler.js → scheduler.js} +0 -0
- package/packages/dd-trace/src/format.js +9 -5
- package/packages/dd-trace/src/instrumenter.js +3 -0
- package/packages/dd-trace/src/pkg.js +11 -6
- package/packages/dd-trace/src/plugins/util/test.js +79 -1
- package/packages/dd-trace/src/plugins/util/web.js +11 -10
- package/packages/dd-trace/src/profiling/exporters/agent.js +1 -1
- package/packages/dd-trace/src/profiling/profilers/cpu.js +1 -1
- package/packages/dd-trace/src/proxy.js +2 -0
- package/packages/dd-trace/src/span_processor.js +4 -1
- package/packages/dd-trace/src/telemetry.js +187 -0
- package/scripts/install_plugin_modules.js +1 -0
- package/packages/datadog-plugin-jest/src/jest-environment.js +0 -272
- package/packages/datadog-plugin-jest/src/jest-jasmine2.js +0 -185
- package/packages/dd-trace/src/exporters/agent/request.js +0 -86
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"version": "2.2",
|
|
3
3
|
"metadata": {
|
|
4
|
-
"rules_version": "1.
|
|
4
|
+
"rules_version": "1.3.1"
|
|
5
5
|
},
|
|
6
6
|
"rules": [
|
|
7
7
|
{
|
|
@@ -280,9 +280,6 @@
|
|
|
280
280
|
{
|
|
281
281
|
"parameters": {
|
|
282
282
|
"inputs": [
|
|
283
|
-
{
|
|
284
|
-
"address": "server.request.cookies"
|
|
285
|
-
},
|
|
286
283
|
{
|
|
287
284
|
"address": "server.request.query"
|
|
288
285
|
},
|
|
@@ -297,53 +294,54 @@
|
|
|
297
294
|
}
|
|
298
295
|
],
|
|
299
296
|
"list": [
|
|
300
|
-
"
|
|
301
|
-
"
|
|
302
|
-
"
|
|
303
|
-
"
|
|
304
|
-
"
|
|
305
|
-
"
|
|
306
|
-
"
|
|
307
|
-
"
|
|
308
|
-
"
|
|
309
|
-
"
|
|
297
|
+
"/.htaccess",
|
|
298
|
+
"/.htdigest",
|
|
299
|
+
"/.htpasswd",
|
|
300
|
+
"/.addressbook",
|
|
301
|
+
"/.aptitude/config",
|
|
302
|
+
"/.bash_config",
|
|
303
|
+
"/.bash_history",
|
|
304
|
+
"/.bash_logout",
|
|
305
|
+
"/.bash_profile",
|
|
306
|
+
"/.bashrc",
|
|
310
307
|
".cache/notify-osd.log",
|
|
311
308
|
".config/odesk/odesk team.conf",
|
|
312
|
-
"
|
|
313
|
-
"
|
|
309
|
+
"/.cshrc",
|
|
310
|
+
"/.dockerignore",
|
|
314
311
|
".drush/",
|
|
315
|
-
"
|
|
316
|
-
"
|
|
317
|
-
"
|
|
318
|
-
"
|
|
319
|
-
".
|
|
320
|
-
"
|
|
312
|
+
"/.eslintignore",
|
|
313
|
+
"/.fbcindex",
|
|
314
|
+
"/.forward",
|
|
315
|
+
"/.git",
|
|
316
|
+
".git/",
|
|
317
|
+
"/.gitattributes",
|
|
318
|
+
"/.gitconfig",
|
|
321
319
|
".gnupg/",
|
|
322
320
|
".hplip/hplip.conf",
|
|
323
|
-
"
|
|
324
|
-
"
|
|
321
|
+
"/.ksh_history",
|
|
322
|
+
"/.lesshst",
|
|
325
323
|
".lftp/",
|
|
326
|
-
"
|
|
327
|
-
"
|
|
324
|
+
"/.lhistory",
|
|
325
|
+
"/.lldb-history",
|
|
328
326
|
".local/share/mc/",
|
|
329
|
-
"
|
|
330
|
-
"
|
|
331
|
-
"
|
|
332
|
-
"
|
|
333
|
-
"
|
|
334
|
-
"
|
|
335
|
-
"
|
|
336
|
-
"
|
|
327
|
+
"/.lynx_cookies",
|
|
328
|
+
"/.my.cnf",
|
|
329
|
+
"/.mysql_history",
|
|
330
|
+
"/.nano_history",
|
|
331
|
+
"/.node_repl_history",
|
|
332
|
+
"/.pearrc",
|
|
333
|
+
"/.php_history",
|
|
334
|
+
"/.pinerc",
|
|
337
335
|
".pki/",
|
|
338
|
-
"
|
|
339
|
-
"
|
|
340
|
-
"
|
|
341
|
-
"
|
|
342
|
-
"
|
|
343
|
-
"
|
|
344
|
-
"
|
|
345
|
-
"
|
|
346
|
-
"
|
|
336
|
+
"/.proclog",
|
|
337
|
+
"/.procmailrc",
|
|
338
|
+
"/.psql_history",
|
|
339
|
+
"/.python_history",
|
|
340
|
+
"/.rediscli_history",
|
|
341
|
+
"/.rhistory",
|
|
342
|
+
"/.rhosts",
|
|
343
|
+
"/.sh_history",
|
|
344
|
+
"/.sqlite_history",
|
|
347
345
|
".ssh/authorized_keys",
|
|
348
346
|
".ssh/config",
|
|
349
347
|
".ssh/id_dsa",
|
|
@@ -357,17 +355,17 @@
|
|
|
357
355
|
".subversion/config",
|
|
358
356
|
".subversion/servers",
|
|
359
357
|
".tconn/tconn.conf",
|
|
360
|
-
"
|
|
358
|
+
"/.tcshrc",
|
|
361
359
|
".vidalia/vidalia.conf",
|
|
362
|
-
"
|
|
363
|
-
"
|
|
364
|
-
"
|
|
365
|
-
"
|
|
366
|
-
"
|
|
367
|
-
"
|
|
368
|
-
"
|
|
369
|
-
"
|
|
370
|
-
"
|
|
360
|
+
"/.viminfo",
|
|
361
|
+
"/.vimrc",
|
|
362
|
+
"/.www_acl",
|
|
363
|
+
"/.wwwacl",
|
|
364
|
+
"/.xauthority",
|
|
365
|
+
"/.zhistory",
|
|
366
|
+
"/.zshrc",
|
|
367
|
+
"/.zsh_history",
|
|
368
|
+
"/.nsconfig",
|
|
371
369
|
"etc/redis.conf",
|
|
372
370
|
"etc/redis-sentinel.conf",
|
|
373
371
|
"etc/php.ini",
|
|
@@ -1349,26 +1347,26 @@
|
|
|
1349
1347
|
"etc/vmware-tools/vmware-tools-libraries.conf",
|
|
1350
1348
|
"var/log/vmware/hostd.log",
|
|
1351
1349
|
"var/log/vmware/hostd-1.log",
|
|
1352
|
-
"wp-config.php",
|
|
1353
|
-
"wp-config.bak",
|
|
1354
|
-
"wp-config.old",
|
|
1355
|
-
"wp-config.temp",
|
|
1356
|
-
"wp-config.tmp",
|
|
1357
|
-
"wp-config.txt",
|
|
1358
|
-
"config.yml",
|
|
1359
|
-
"config_dev.yml",
|
|
1360
|
-
"config_prod.yml",
|
|
1361
|
-
"config_test.yml",
|
|
1362
|
-
"parameters.yml",
|
|
1363
|
-
"routing.yml",
|
|
1364
|
-
"security.yml",
|
|
1365
|
-
"services.yml",
|
|
1350
|
+
"/wp-config.php",
|
|
1351
|
+
"/wp-config.bak",
|
|
1352
|
+
"/wp-config.old",
|
|
1353
|
+
"/wp-config.temp",
|
|
1354
|
+
"/wp-config.tmp",
|
|
1355
|
+
"/wp-config.txt",
|
|
1356
|
+
"/config.yml",
|
|
1357
|
+
"/config_dev.yml",
|
|
1358
|
+
"/config_prod.yml",
|
|
1359
|
+
"/config_test.yml",
|
|
1360
|
+
"/parameters.yml",
|
|
1361
|
+
"/routing.yml",
|
|
1362
|
+
"/security.yml",
|
|
1363
|
+
"/services.yml",
|
|
1366
1364
|
"sites/default/default.settings.php",
|
|
1367
1365
|
"sites/default/settings.php",
|
|
1368
1366
|
"sites/default/settings.local.php",
|
|
1369
1367
|
"app/etc/local.xml",
|
|
1370
|
-
"sftp-config.json",
|
|
1371
|
-
"web.config",
|
|
1368
|
+
"/sftp-config.json",
|
|
1369
|
+
"/web.config",
|
|
1372
1370
|
"includes/config.php",
|
|
1373
1371
|
"includes/configure.php",
|
|
1374
1372
|
"config.inc.php",
|
|
@@ -1392,14 +1390,14 @@
|
|
|
1392
1390
|
"system32/config/system",
|
|
1393
1391
|
"system32/config/software",
|
|
1394
1392
|
"winnt/repair/sam._",
|
|
1395
|
-
"package.json",
|
|
1396
|
-
"package-lock.json",
|
|
1397
|
-
"gruntfile.js",
|
|
1398
|
-
"npm-debug.log",
|
|
1399
|
-
"ormconfig.json",
|
|
1400
|
-
"tsconfig.json",
|
|
1401
|
-
"webpack.config.js",
|
|
1402
|
-
"yarn.lock"
|
|
1393
|
+
"/package.json",
|
|
1394
|
+
"/package-lock.json",
|
|
1395
|
+
"/gruntfile.js",
|
|
1396
|
+
"/npm-debug.log",
|
|
1397
|
+
"/ormconfig.json",
|
|
1398
|
+
"/tsconfig.json",
|
|
1399
|
+
"/webpack.config.js",
|
|
1400
|
+
"/yarn.lock"
|
|
1403
1401
|
]
|
|
1404
1402
|
},
|
|
1405
1403
|
"operator": "phrase_match"
|
|
@@ -1481,9 +1479,6 @@
|
|
|
1481
1479
|
{
|
|
1482
1480
|
"parameters": {
|
|
1483
1481
|
"inputs": [
|
|
1484
|
-
{
|
|
1485
|
-
"address": "server.request.cookies"
|
|
1486
|
-
},
|
|
1487
1482
|
{
|
|
1488
1483
|
"address": "server.request.query"
|
|
1489
1484
|
},
|
|
@@ -1781,9 +1776,6 @@
|
|
|
1781
1776
|
{
|
|
1782
1777
|
"parameters": {
|
|
1783
1778
|
"inputs": [
|
|
1784
|
-
{
|
|
1785
|
-
"address": "server.request.cookies"
|
|
1786
|
-
},
|
|
1787
1779
|
{
|
|
1788
1780
|
"address": "server.request.query"
|
|
1789
1781
|
},
|
|
@@ -1838,9 +1830,6 @@
|
|
|
1838
1830
|
{
|
|
1839
1831
|
"parameters": {
|
|
1840
1832
|
"inputs": [
|
|
1841
|
-
{
|
|
1842
|
-
"address": "server.request.cookies"
|
|
1843
|
-
},
|
|
1844
1833
|
{
|
|
1845
1834
|
"address": "server.request.query"
|
|
1846
1835
|
},
|
|
@@ -1877,9 +1866,6 @@
|
|
|
1877
1866
|
{
|
|
1878
1867
|
"parameters": {
|
|
1879
1868
|
"inputs": [
|
|
1880
|
-
{
|
|
1881
|
-
"address": "server.request.cookies"
|
|
1882
|
-
},
|
|
1883
1869
|
{
|
|
1884
1870
|
"address": "server.request.query"
|
|
1885
1871
|
},
|
|
@@ -1915,9 +1901,6 @@
|
|
|
1915
1901
|
{
|
|
1916
1902
|
"parameters": {
|
|
1917
1903
|
"inputs": [
|
|
1918
|
-
{
|
|
1919
|
-
"address": "server.request.cookies"
|
|
1920
|
-
},
|
|
1921
1904
|
{
|
|
1922
1905
|
"address": "server.request.query"
|
|
1923
1906
|
},
|
|
@@ -1997,9 +1980,6 @@
|
|
|
1997
1980
|
{
|
|
1998
1981
|
"parameters": {
|
|
1999
1982
|
"inputs": [
|
|
2000
|
-
{
|
|
2001
|
-
"address": "server.request.cookies"
|
|
2002
|
-
},
|
|
2003
1983
|
{
|
|
2004
1984
|
"address": "server.request.query"
|
|
2005
1985
|
},
|
|
@@ -2035,9 +2015,6 @@
|
|
|
2035
2015
|
{
|
|
2036
2016
|
"parameters": {
|
|
2037
2017
|
"inputs": [
|
|
2038
|
-
{
|
|
2039
|
-
"address": "server.request.cookies"
|
|
2040
|
-
},
|
|
2041
2018
|
{
|
|
2042
2019
|
"address": "server.request.headers.no_cookies"
|
|
2043
2020
|
},
|
|
@@ -2077,9 +2054,6 @@
|
|
|
2077
2054
|
{
|
|
2078
2055
|
"parameters": {
|
|
2079
2056
|
"inputs": [
|
|
2080
|
-
{
|
|
2081
|
-
"address": "server.request.cookies"
|
|
2082
|
-
},
|
|
2083
2057
|
{
|
|
2084
2058
|
"address": "server.request.query"
|
|
2085
2059
|
},
|
|
@@ -2118,9 +2092,6 @@
|
|
|
2118
2092
|
{
|
|
2119
2093
|
"parameters": {
|
|
2120
2094
|
"inputs": [
|
|
2121
|
-
{
|
|
2122
|
-
"address": "server.request.cookies"
|
|
2123
|
-
},
|
|
2124
2095
|
{
|
|
2125
2096
|
"address": "server.request.query"
|
|
2126
2097
|
},
|
|
@@ -2157,9 +2128,6 @@
|
|
|
2157
2128
|
{
|
|
2158
2129
|
"parameters": {
|
|
2159
2130
|
"inputs": [
|
|
2160
|
-
{
|
|
2161
|
-
"address": "server.request.cookies"
|
|
2162
|
-
},
|
|
2163
2131
|
{
|
|
2164
2132
|
"address": "server.request.headers.no_cookies",
|
|
2165
2133
|
"key_path": [
|
|
@@ -2205,9 +2173,6 @@
|
|
|
2205
2173
|
{
|
|
2206
2174
|
"parameters": {
|
|
2207
2175
|
"inputs": [
|
|
2208
|
-
{
|
|
2209
|
-
"address": "server.request.cookies"
|
|
2210
|
-
},
|
|
2211
2176
|
{
|
|
2212
2177
|
"address": "server.request.headers.no_cookies",
|
|
2213
2178
|
"key_path": [
|
|
@@ -2257,9 +2222,6 @@
|
|
|
2257
2222
|
{
|
|
2258
2223
|
"parameters": {
|
|
2259
2224
|
"inputs": [
|
|
2260
|
-
{
|
|
2261
|
-
"address": "server.request.cookies"
|
|
2262
|
-
},
|
|
2263
2225
|
{
|
|
2264
2226
|
"address": "server.request.headers.no_cookies",
|
|
2265
2227
|
"key_path": [
|
|
@@ -2309,9 +2271,6 @@
|
|
|
2309
2271
|
{
|
|
2310
2272
|
"parameters": {
|
|
2311
2273
|
"inputs": [
|
|
2312
|
-
{
|
|
2313
|
-
"address": "server.request.cookies"
|
|
2314
|
-
},
|
|
2315
2274
|
{
|
|
2316
2275
|
"address": "server.request.headers.no_cookies",
|
|
2317
2276
|
"key_path": [
|
|
@@ -2361,9 +2320,6 @@
|
|
|
2361
2320
|
{
|
|
2362
2321
|
"parameters": {
|
|
2363
2322
|
"inputs": [
|
|
2364
|
-
{
|
|
2365
|
-
"address": "server.request.cookies"
|
|
2366
|
-
},
|
|
2367
2323
|
{
|
|
2368
2324
|
"address": "server.request.query"
|
|
2369
2325
|
},
|
|
@@ -2407,9 +2363,6 @@
|
|
|
2407
2363
|
{
|
|
2408
2364
|
"parameters": {
|
|
2409
2365
|
"inputs": [
|
|
2410
|
-
{
|
|
2411
|
-
"address": "server.request.cookies"
|
|
2412
|
-
},
|
|
2413
2366
|
{
|
|
2414
2367
|
"address": "server.request.query"
|
|
2415
2368
|
},
|
|
@@ -2448,9 +2401,6 @@
|
|
|
2448
2401
|
{
|
|
2449
2402
|
"parameters": {
|
|
2450
2403
|
"inputs": [
|
|
2451
|
-
{
|
|
2452
|
-
"address": "server.request.cookies"
|
|
2453
|
-
},
|
|
2454
2404
|
{
|
|
2455
2405
|
"address": "server.request.query"
|
|
2456
2406
|
},
|
|
@@ -2489,9 +2439,6 @@
|
|
|
2489
2439
|
{
|
|
2490
2440
|
"parameters": {
|
|
2491
2441
|
"inputs": [
|
|
2492
|
-
{
|
|
2493
|
-
"address": "server.request.cookies"
|
|
2494
|
-
},
|
|
2495
2442
|
{
|
|
2496
2443
|
"address": "server.request.query"
|
|
2497
2444
|
},
|
|
@@ -2530,9 +2477,6 @@
|
|
|
2530
2477
|
{
|
|
2531
2478
|
"parameters": {
|
|
2532
2479
|
"inputs": [
|
|
2533
|
-
{
|
|
2534
|
-
"address": "server.request.cookies"
|
|
2535
|
-
},
|
|
2536
2480
|
{
|
|
2537
2481
|
"address": "server.request.query"
|
|
2538
2482
|
},
|
|
@@ -2570,9 +2514,6 @@
|
|
|
2570
2514
|
{
|
|
2571
2515
|
"parameters": {
|
|
2572
2516
|
"inputs": [
|
|
2573
|
-
{
|
|
2574
|
-
"address": "server.request.cookies"
|
|
2575
|
-
},
|
|
2576
2517
|
{
|
|
2577
2518
|
"address": "server.request.query"
|
|
2578
2519
|
},
|
|
@@ -2612,9 +2553,6 @@
|
|
|
2612
2553
|
{
|
|
2613
2554
|
"parameters": {
|
|
2614
2555
|
"inputs": [
|
|
2615
|
-
{
|
|
2616
|
-
"address": "server.request.cookies"
|
|
2617
|
-
},
|
|
2618
2556
|
{
|
|
2619
2557
|
"address": "server.request.query"
|
|
2620
2558
|
},
|
|
@@ -2652,9 +2590,6 @@
|
|
|
2652
2590
|
{
|
|
2653
2591
|
"parameters": {
|
|
2654
2592
|
"inputs": [
|
|
2655
|
-
{
|
|
2656
|
-
"address": "server.request.cookies"
|
|
2657
|
-
},
|
|
2658
2593
|
{
|
|
2659
2594
|
"address": "server.request.query"
|
|
2660
2595
|
},
|
|
@@ -2692,9 +2627,6 @@
|
|
|
2692
2627
|
{
|
|
2693
2628
|
"parameters": {
|
|
2694
2629
|
"inputs": [
|
|
2695
|
-
{
|
|
2696
|
-
"address": "server.request.cookies"
|
|
2697
|
-
},
|
|
2698
2630
|
{
|
|
2699
2631
|
"address": "server.request.query"
|
|
2700
2632
|
},
|
|
@@ -2732,9 +2664,6 @@
|
|
|
2732
2664
|
{
|
|
2733
2665
|
"parameters": {
|
|
2734
2666
|
"inputs": [
|
|
2735
|
-
{
|
|
2736
|
-
"address": "server.request.cookies"
|
|
2737
|
-
},
|
|
2738
2667
|
{
|
|
2739
2668
|
"address": "server.request.query"
|
|
2740
2669
|
},
|
|
@@ -2772,9 +2701,6 @@
|
|
|
2772
2701
|
{
|
|
2773
2702
|
"parameters": {
|
|
2774
2703
|
"inputs": [
|
|
2775
|
-
{
|
|
2776
|
-
"address": "server.request.cookies"
|
|
2777
|
-
},
|
|
2778
2704
|
{
|
|
2779
2705
|
"address": "server.request.query"
|
|
2780
2706
|
},
|
|
@@ -2811,9 +2737,6 @@
|
|
|
2811
2737
|
{
|
|
2812
2738
|
"parameters": {
|
|
2813
2739
|
"inputs": [
|
|
2814
|
-
{
|
|
2815
|
-
"address": "server.request.cookies"
|
|
2816
|
-
},
|
|
2817
2740
|
{
|
|
2818
2741
|
"address": "server.request.query"
|
|
2819
2742
|
},
|
|
@@ -2850,9 +2773,6 @@
|
|
|
2850
2773
|
{
|
|
2851
2774
|
"parameters": {
|
|
2852
2775
|
"inputs": [
|
|
2853
|
-
{
|
|
2854
|
-
"address": "server.request.cookies"
|
|
2855
|
-
},
|
|
2856
2776
|
{
|
|
2857
2777
|
"address": "server.request.query"
|
|
2858
2778
|
},
|
|
@@ -2886,9 +2806,6 @@
|
|
|
2886
2806
|
{
|
|
2887
2807
|
"parameters": {
|
|
2888
2808
|
"inputs": [
|
|
2889
|
-
{
|
|
2890
|
-
"address": "server.request.cookies"
|
|
2891
|
-
},
|
|
2892
2809
|
{
|
|
2893
2810
|
"address": "server.request.query"
|
|
2894
2811
|
},
|
|
@@ -2925,9 +2842,6 @@
|
|
|
2925
2842
|
{
|
|
2926
2843
|
"parameters": {
|
|
2927
2844
|
"inputs": [
|
|
2928
|
-
{
|
|
2929
|
-
"address": "server.request.cookies"
|
|
2930
|
-
},
|
|
2931
2845
|
{
|
|
2932
2846
|
"address": "server.request.query"
|
|
2933
2847
|
},
|
|
@@ -2963,9 +2877,6 @@
|
|
|
2963
2877
|
{
|
|
2964
2878
|
"parameters": {
|
|
2965
2879
|
"inputs": [
|
|
2966
|
-
{
|
|
2967
|
-
"address": "server.request.cookies"
|
|
2968
|
-
},
|
|
2969
2880
|
{
|
|
2970
2881
|
"address": "server.request.query"
|
|
2971
2882
|
},
|
|
@@ -3001,9 +2912,6 @@
|
|
|
3001
2912
|
{
|
|
3002
2913
|
"parameters": {
|
|
3003
2914
|
"inputs": [
|
|
3004
|
-
{
|
|
3005
|
-
"address": "server.request.cookies"
|
|
3006
|
-
},
|
|
3007
2915
|
{
|
|
3008
2916
|
"address": "server.request.query"
|
|
3009
2917
|
},
|
|
@@ -3040,9 +2948,6 @@
|
|
|
3040
2948
|
{
|
|
3041
2949
|
"parameters": {
|
|
3042
2950
|
"inputs": [
|
|
3043
|
-
{
|
|
3044
|
-
"address": "server.request.cookies"
|
|
3045
|
-
},
|
|
3046
2951
|
{
|
|
3047
2952
|
"address": "server.request.query"
|
|
3048
2953
|
},
|
|
@@ -3078,9 +2983,6 @@
|
|
|
3078
2983
|
{
|
|
3079
2984
|
"parameters": {
|
|
3080
2985
|
"inputs": [
|
|
3081
|
-
{
|
|
3082
|
-
"address": "server.request.cookies"
|
|
3083
|
-
},
|
|
3084
2986
|
{
|
|
3085
2987
|
"address": "server.request.query"
|
|
3086
2988
|
},
|
|
@@ -3116,9 +3018,6 @@
|
|
|
3116
3018
|
{
|
|
3117
3019
|
"parameters": {
|
|
3118
3020
|
"inputs": [
|
|
3119
|
-
{
|
|
3120
|
-
"address": "server.request.cookies"
|
|
3121
|
-
},
|
|
3122
3021
|
{
|
|
3123
3022
|
"address": "server.request.query"
|
|
3124
3023
|
},
|
|
@@ -3141,7 +3040,9 @@
|
|
|
3141
3040
|
"operator": "match_regex"
|
|
3142
3041
|
}
|
|
3143
3042
|
],
|
|
3144
|
-
"transformers": [
|
|
3043
|
+
"transformers": [
|
|
3044
|
+
"keys_only"
|
|
3045
|
+
]
|
|
3145
3046
|
},
|
|
3146
3047
|
{
|
|
3147
3048
|
"id": "crs-942-360",
|
|
@@ -3155,9 +3056,6 @@
|
|
|
3155
3056
|
{
|
|
3156
3057
|
"parameters": {
|
|
3157
3058
|
"inputs": [
|
|
3158
|
-
{
|
|
3159
|
-
"address": "server.request.cookies"
|
|
3160
|
-
},
|
|
3161
3059
|
{
|
|
3162
3060
|
"address": "server.request.query"
|
|
3163
3061
|
},
|
|
@@ -3193,9 +3091,6 @@
|
|
|
3193
3091
|
{
|
|
3194
3092
|
"parameters": {
|
|
3195
3093
|
"inputs": [
|
|
3196
|
-
{
|
|
3197
|
-
"address": "server.request.cookies"
|
|
3198
|
-
},
|
|
3199
3094
|
{
|
|
3200
3095
|
"address": "server.request.query"
|
|
3201
3096
|
},
|
|
@@ -3232,9 +3127,6 @@
|
|
|
3232
3127
|
{
|
|
3233
3128
|
"parameters": {
|
|
3234
3129
|
"inputs": [
|
|
3235
|
-
{
|
|
3236
|
-
"address": "server.request.cookies"
|
|
3237
|
-
},
|
|
3238
3130
|
{
|
|
3239
3131
|
"address": "server.request.query"
|
|
3240
3132
|
},
|
|
@@ -3277,9 +3169,6 @@
|
|
|
3277
3169
|
{
|
|
3278
3170
|
"address": "server.request.path_params"
|
|
3279
3171
|
},
|
|
3280
|
-
{
|
|
3281
|
-
"address": "server.request.cookies"
|
|
3282
|
-
},
|
|
3283
3172
|
{
|
|
3284
3173
|
"address": "server.request.headers.no_cookies"
|
|
3285
3174
|
},
|
|
@@ -3321,9 +3210,6 @@
|
|
|
3321
3210
|
{
|
|
3322
3211
|
"address": "server.request.path_params"
|
|
3323
3212
|
},
|
|
3324
|
-
{
|
|
3325
|
-
"address": "server.request.cookies"
|
|
3326
|
-
},
|
|
3327
3213
|
{
|
|
3328
3214
|
"address": "server.request.headers.no_cookies"
|
|
3329
3215
|
},
|
|
@@ -3351,9 +3237,6 @@
|
|
|
3351
3237
|
{
|
|
3352
3238
|
"address": "server.request.path_params"
|
|
3353
3239
|
},
|
|
3354
|
-
{
|
|
3355
|
-
"address": "server.request.cookies"
|
|
3356
|
-
},
|
|
3357
3240
|
{
|
|
3358
3241
|
"address": "server.request.headers.no_cookies"
|
|
3359
3242
|
},
|
|
@@ -3395,9 +3278,6 @@
|
|
|
3395
3278
|
{
|
|
3396
3279
|
"address": "server.request.path_params"
|
|
3397
3280
|
},
|
|
3398
|
-
{
|
|
3399
|
-
"address": "server.request.cookies"
|
|
3400
|
-
},
|
|
3401
3281
|
{
|
|
3402
3282
|
"address": "server.request.headers.no_cookies"
|
|
3403
3283
|
},
|
|
@@ -3503,9 +3383,6 @@
|
|
|
3503
3383
|
"operator": "match_regex",
|
|
3504
3384
|
"parameters": {
|
|
3505
3385
|
"inputs": [
|
|
3506
|
-
{
|
|
3507
|
-
"address": "server.request.cookies"
|
|
3508
|
-
},
|
|
3509
3386
|
{
|
|
3510
3387
|
"address": "server.request.query"
|
|
3511
3388
|
},
|
|
@@ -3540,9 +3417,6 @@
|
|
|
3540
3417
|
"operator": "match_regex",
|
|
3541
3418
|
"parameters": {
|
|
3542
3419
|
"inputs": [
|
|
3543
|
-
{
|
|
3544
|
-
"address": "server.request.cookies"
|
|
3545
|
-
},
|
|
3546
3420
|
{
|
|
3547
3421
|
"address": "server.request.query"
|
|
3548
3422
|
},
|
|
@@ -3568,6 +3442,33 @@
|
|
|
3568
3442
|
],
|
|
3569
3443
|
"transformers": []
|
|
3570
3444
|
},
|
|
3445
|
+
{
|
|
3446
|
+
"id": "dog-000-004",
|
|
3447
|
+
"name": "Spring4Shell - Attempts to exploit the Spring4shell vulnerability",
|
|
3448
|
+
"tags": {
|
|
3449
|
+
"type": "exploit_detection",
|
|
3450
|
+
"category": "attack_attempt"
|
|
3451
|
+
},
|
|
3452
|
+
"conditions": [
|
|
3453
|
+
{
|
|
3454
|
+
"operator": "match_regex",
|
|
3455
|
+
"parameters": {
|
|
3456
|
+
"inputs": [
|
|
3457
|
+
{
|
|
3458
|
+
"address": "server.request.body"
|
|
3459
|
+
}
|
|
3460
|
+
],
|
|
3461
|
+
"regex": "^class\\.module\\.classLoader\\.",
|
|
3462
|
+
"options": {
|
|
3463
|
+
"case_sensitive": false
|
|
3464
|
+
}
|
|
3465
|
+
}
|
|
3466
|
+
}
|
|
3467
|
+
],
|
|
3468
|
+
"transformers": [
|
|
3469
|
+
"keys_only"
|
|
3470
|
+
]
|
|
3471
|
+
},
|
|
3571
3472
|
{
|
|
3572
3473
|
"id": "nfd-000-001",
|
|
3573
3474
|
"name": "Detect common directory discovery scans",
|
|
@@ -4198,15 +4099,23 @@
|
|
|
4198
4099
|
"parameters": {
|
|
4199
4100
|
"inputs": [
|
|
4200
4101
|
{
|
|
4201
|
-
"address": "server.request.
|
|
4102
|
+
"address": "server.request.query"
|
|
4103
|
+
},
|
|
4104
|
+
{
|
|
4105
|
+
"address": "server.request.body"
|
|
4106
|
+
},
|
|
4107
|
+
{
|
|
4108
|
+
"address": "server.request.path_params"
|
|
4202
4109
|
}
|
|
4203
4110
|
],
|
|
4204
|
-
"regex": "
|
|
4111
|
+
"regex": "^\\$(eq|ne|(l|g)te?|n?in|not|(n|x|)or|and|regex|where|expr|exists)$"
|
|
4205
4112
|
},
|
|
4206
4113
|
"operator": "match_regex"
|
|
4207
4114
|
}
|
|
4208
4115
|
],
|
|
4209
|
-
"transformers": [
|
|
4116
|
+
"transformers": [
|
|
4117
|
+
"keys_only"
|
|
4118
|
+
]
|
|
4210
4119
|
},
|
|
4211
4120
|
{
|
|
4212
4121
|
"id": "sqr-000-008",
|
|
@@ -4484,9 +4393,9 @@
|
|
|
4484
4393
|
},
|
|
4485
4394
|
{
|
|
4486
4395
|
"id": "sqr-000-017",
|
|
4487
|
-
"name": "
|
|
4396
|
+
"name": "Log4shell: Attempt to exploit log4j CVE-2021-44228",
|
|
4488
4397
|
"tags": {
|
|
4489
|
-
"type": "
|
|
4398
|
+
"type": "exploit_detection",
|
|
4490
4399
|
"category": "attack_attempt"
|
|
4491
4400
|
},
|
|
4492
4401
|
"conditions": [
|
|
@@ -5726,4 +5635,4 @@
|
|
|
5726
5635
|
"transformers": []
|
|
5727
5636
|
}
|
|
5728
5637
|
]
|
|
5729
|
-
}
|
|
5638
|
+
}
|