Module: Sqreen::Signals::Conversions
- Defined in:
- lib/sqreen/signals/conversions.rb
Overview
rubocop:disable Metrics/ModuleLength
Class Method Summary collapse
-
.convert_attack(attack) ⇒ Object
XXX: not used because we don’t use Sqreen::Attack.
- .convert_batch(batch) ⇒ Array<Sqreen::Kit::Signals::Signal|Sqreen::Kit::Signals::Trace>
- .convert_exception(exception) ⇒ Sqreen::Kit::Signals::Specialized::SqreenException
- .convert_metric_sample(agg) ⇒ Sqreen::Kit::Signals::Metric
- .convert_req_record(req_rec) ⇒ Sqreen::Kit::Signals::Specialized::HttpTrace
-
.convert_unstructured_attack(payload) ⇒ Object
see Sqreen::Rules::RuleCB.record_event.
-
.convert_unstructured_exception(payload) ⇒ Sqreen::Kit::Signals::Specialized::SqreenException
see Sqreen::Rules::RuleCB.record_exception.
Class Method Details
.convert_attack(attack) ⇒ Object
XXX: not used because we don’t use Sqreen::Attack
45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 |
# File 'lib/sqreen/signals/conversions.rb', line 45 def convert_attack(attack) # no need to set actor/context as we only include them in request records/traces location_h = {} location_h.merge!(stack_trace: attack.backtrace) if attack.backtrace location_h.merge!(datadog_trace_id: datadog_trace_id) if attack.datadog_trace_id location_h.merge!(datadog_span_id: datadog_span_id) if attack.datadog_span_id location = Kit::Signals::Location.new(location_h) unless location_h.empty? Kit::Signals::Specialized::Attack.new( signal_name: "sq.agent.attack.#{attack.attack_type}", source: "sqreen:rule:#{attack.rulespack_id}:#{attack.rule_name}", time: attack.time, location: location, payload: Kit::Signals::Specialized::Attack::Payload.new( test: attack.test?, block: attack.block?, infos: attack.infos ) ) end |
.convert_batch(batch) ⇒ Array<Sqreen::Kit::Signals::Signal|Sqreen::Kit::Signals::Trace>
159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 |
# File 'lib/sqreen/signals/conversions.rb', line 159 def convert_batch(batch) batch.map do |evt| case evt when RemoteException convert_exception(evt) when AggregatedMetric convert_metric_sample(evt) when RequestRecord convert_req_record(evt) when Sqreen::Kit::Signals::Signal evt when Sqreen::Kit::Signals::Trace evt else raise NotImplementedError, "Unknown type of event in batch: #{evt}" end end end |
.convert_exception(exception) ⇒ Sqreen::Kit::Signals::Specialized::SqreenException
89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 |
# File 'lib/sqreen/signals/conversions.rb', line 89 def convert_exception(exception) payload = exception.payload infos = payload['client_ip'] ? { client_ip: payload['client_ip'] } : {} infos.merge!(payload['infos'] || {}) Kit::Signals::Specialized::SqreenException.new( source: if payload['rule_name'] "sqreen:rule:#{payload['rulespack_id']}:#{payload['rule_name']}" else agent_gen_source end, time: exception.time, ruby_exception: payload['exception'], infos: infos ) end |
.convert_metric_sample(agg) ⇒ Sqreen::Kit::Signals::Metric
25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 |
# File 'lib/sqreen/signals/conversions.rb', line 25 def convert_metric_sample(agg) attrs = { signal_name: "sq.agent.metric.#{agg.name}", source: if agg.rule "sqreen:rules:#{agg.rule.rulespack_id}:#{agg.rule.rule_name}" else agent_gen_source end, time: agg.finish, } if agg.metric.is_a?(Sqreen::Metric::Binning) conv_binning_metric(agg, attrs) else conv_generic_metric(agg, attrs) end end |
.convert_req_record(req_rec) ⇒ Sqreen::Kit::Signals::Specialized::HttpTrace
121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 |
# File 'lib/sqreen/signals/conversions.rb', line 121 def convert_req_record(req_rec) payload = req_rec.payload request_p = payload['request'] id_args = req_rec.last_identify_args identifiers = id_args[0] if id_args traits = id_args[1] if id_args observed = payload[:observed] || {} signals = [] signals += (observed[:attacks] || []) .map { |att| convert_unstructured_attack(att) } signals += (observed[:sqreen_exceptions] || []) .map { |sq_exc| convert_unstructured_exception(sq_exc) } signals += req_rec.processed_sdk_calls .select { |h| h[:name] == :track } .map { |h| convert_track(h) } signals += (observed[:signals] || []) trace = Kit::Signals::Specialized::HttpTrace.new( actor: Kit::Signals::Actor.new( ip_addresses: [request_p[:client_ip]].compact, user_agent: request_p[:user_agent], identifiers: identifiers, traits: traits, ), location_infra: location_infra, context: convert_request(request_p, payload['response'], payload['headers'], payload['params']), data: signals ) HttpTraceRedaction.redact_trace!(trace, req_rec.redactor) trace end |
.convert_unstructured_attack(payload) ⇒ Object
see Sqreen::Rules::RuleCB.record_event
67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 |
# File 'lib/sqreen/signals/conversions.rb', line 67 def convert_unstructured_attack(payload) location_h = {} location_h.merge!(stack_trace: payload[:backtrace]) if payload[:backtrace] location_h.merge!(datadog_trace_id: payload[:datadog_trace_id]) if payload[:datadog_span_id] location_h.merge!(datadog_span_id: payload[:datadog_span_id]) if payload[:datadog_span_id] location = Kit::Signals::Location.new(location_h) unless location_h.empty? Kit::Signals::Specialized::Attack.new( signal_name: "sq.agent.attack.#{payload[:attack_type]}", source: "sqreen:rule:#{payload[:rulespack_id]}:#{payload[:rule_name]}", time: payload[:time], location: location, payload: Kit::Signals::Specialized::Attack::Payload.new( test: payload[:test], block: payload[:block], infos: payload[:infos] ) ) end |
.convert_unstructured_exception(payload) ⇒ Sqreen::Kit::Signals::Specialized::SqreenException
see Sqreen::Rules::RuleCB.record_exception
110 111 112 113 114 115 116 117 |
# File 'lib/sqreen/signals/conversions.rb', line 110 def convert_unstructured_exception(payload) Kit::Signals::Specialized::SqreenException.new( source: "sqreen:rule:#{payload[:rulespack_id]}:#{payload[:rule_name]}", time: payload[:time], ruby_exception: payload[:exception], infos: payload[:infos] ) end |