Class: TCellAgent::Configuration

Inherits:
Object
  • Object
Defined in:
lib/tcell_agent/configuration.rb

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(filename = "config/tcell_agent.config", useapp = nil) ⇒ Configuration

Returns a new instance of Configuration.



# File 'lib/tcell_agent/configuration.rb', line 77

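# Builds the agent configuration in layers: hard-coded defaults, then
# environment variables, then the JSON config file, and finally the payload
# parameter restrictions.
#
# @param filename [String] config file path, joined onto the current working
#   directory; TCELL_AGENT_CONFIG replaces the resulting path when set
# @param useapp [Object, nil] not referenced in this method
def initialize(filename="config/tcell_agent.config", useapp=nil)
  # Left nil here and resolved when the agent starts up, so that Rails
  # initializers get a chance to run first.
  @cache_filename = nil
  @agent_log_dir = nil

  @version = 0
  @exp_config_settings = true
  @demomode = false

  @fetch_policies_from_tcell = true
  @instrument_for_events = true

  @disable_all = false
  @enabled = true
  @enable_event_manager = true
  @enable_event_consumer = true
  @enable_policy_polling = true
  @enable_instrumentation = true
  @enable_intercept_requests = true

  @agent_home_dir = File.join(Dir.getwd, "tcell")
  @config_filename = File.join(Dir.getwd, filename)

  @event_batch_size_limit = 50
  @event_time_limit_seconds = 15

  @raise_exceptions = false

  @max_data_ex_db_records_per_request = 1000
  @reverse_proxy = true
  @reverse_proxy_ip_address_header = nil

  read_config_using_env
  read_config_from_file(@config_filename)

  # The same accepted spellings are used for every boolean environment flag.
  truthy = ->(raw) { [true, "true", "yes", "1"].include?(raw) }
  legacy_flag = ENV["TCELL_AGENT_ALLOW_UNENCRYPTED_APPSENSOR_PAYLOADS"]
  current_flag = ENV["TCELL_AGENT_ALLOW_UNENCRYPTED_APPFIREWALL_PAYLOADS"]

  if legacy_flag
    puts "tCell.io Agent: [DEPRECATED] TCELL_AGENT_ALLOW_UNENCRYPTED_APPSENSOR_PAYLOADS is deprecated, please switch to TCELL_AGENT_ALLOW_UNENCRYPTED_APPFIREWALL_PAYLOADS."
  end

  # The environment overrides the config file. The current variable is
  # applied last, so it wins over the deprecated one when both are set. Any
  # value outside the accepted spellings (including "") turns the option off.
  @allow_unencrypted_appfirewall_payloads = truthy.call(legacy_flag) unless legacy_flag.nil?
  @allow_unencrypted_appfirewall_payloads = truthy.call(current_flag) unless current_flag.nil?

  @allow_unencrypted_appfirewall_payloads_logging =
    truthy.call(ENV["TCELL_AGENT_ALLOW_UNENCRYPTED_APPFIREWALL_PAYLOADS_LOGGING"])

  # Defaults apply only when neither the environment nor the file set a value.
  @tcell_api_url ||= "https://api.tcell.io/api/v1"
  @tcell_input_url ||= "https://input.tcell.io/api/v1"
  @js_agent_api_base_url ||= nil
  @js_agent_url ||= "https://api.tcell.io/tcellagent.min.js"

  if @host_identifier.nil?
    begin
      @host_identifier = (Socket.gethostname || "localhost")
    rescue StandardError
      # Only ordinary lookup failures fall back to the placeholder; signals
      # and interpreter exits are no longer swallowed here.
      @host_identifier = "host_identifier_not_found"
    end
  end

  @uuid = SecureRandom.uuid

  # Runs last: a payloads config that fails to load forces
  # @allow_unencrypted_appfirewall_payloads back to false.
  load_app_sensor_restrictions
end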

Instance Attribute Details

#agent_home_dirObject

Returns the value of attribute agent_home_dir.



# File 'lib/tcell_agent/configuration.rb', line 19

# Agent home directory: <working directory>/tcell unless TCELL_AGENT_HOME is set.
def agent_home_dir; @agent_home_dir; end

#agent_home_ownerObject

Returns the value of attribute agent_home_owner.



# File 'lib/tcell_agent/configuration.rb', line 19

# Value of TCELL_AGENT_HOME_OWNER; a config-file "agent_home_owner" entry replaces it.
def agent_home_owner; @agent_home_owner; end

#agent_log_dirObject

Returns the value of attribute agent_log_dir.



# File 'lib/tcell_agent/configuration.rb', line 19

# Log directory from TCELL_AGENT_LOG_DIR; nil until one of the *_filename
# helpers defaults it to <agent_home_dir>/logs.
def agent_log_dir; @agent_log_dir; end

#allow_unencrypted_appfirewall_payloadsObject

Returns the value of attribute allow_unencrypted_appfirewall_payloads.



# File 'lib/tcell_agent/configuration.rb', line 19

# Whether unencrypted AppFirewall payloads are allowed. Read from the config
# file, overridden by the TCELL_AGENT_ALLOW_UNENCRYPTED_* environment
# variables, and forced to false when the payloads config fails to load.
def allow_unencrypted_appfirewall_payloads; @allow_unencrypted_appfirewall_payloads; end

#allow_unencrypted_appfirewall_payloads_loggingObject

Returns the value of attribute allow_unencrypted_appfirewall_payloads_logging.



# File 'lib/tcell_agent/configuration.rb', line 19

# True only when TCELL_AGENT_ALLOW_UNENCRYPTED_APPFIREWALL_PAYLOADS_LOGGING is
# "true", "yes" or "1"; there is no config-file equivalent in the code shown.
def allow_unencrypted_appfirewall_payloads_logging; @allow_unencrypted_appfirewall_payloads_logging; end

#api_keyObject

Returns the value of attribute api_key.



# File 'lib/tcell_agent/configuration.rb', line 19

# API key from TCELL_AGENT_API_KEY, else the config file's "api_key" entry.
# This is a credential: keep it out of logs, error reports and inspect output.
def api_key; @api_key; end

#app_idObject

Returns the value of attribute app_id.



# File 'lib/tcell_agent/configuration.rb', line 19

# Application id from TCELL_AGENT_APP_ID, else the config file's "app_id",
# else its "name" entry.
def app_id; @app_id; end

#base_dirObject

Returns the value of attribute base_dir.



# File 'lib/tcell_agent/configuration.rb', line 19

# Reader for @base_dir. None of the methods listed for this class assign it,
# so it is nil unless a caller sets it.
def base_dir; @base_dir; end

#blacklisted_paramsObject

Returns the value of attribute blacklisted_params.



# File 'lib/tcell_agent/configuration.rb', line 19

# Hash of parameter names (name => true) on the payload blacklist. Defaults to
# common credential names; a "blacklisted" list in the payloads config
# replaces the defaults with its lower-cased entries.
def blacklisted_params; @blacklisted_params; end

#cache_filenameObject

Returns the value of attribute cache_filename.



# File 'lib/tcell_agent/configuration.rb', line 19

# Cache file path; nil until cache_filename_with_app_id defaults it to
# <agent_home_dir>/cache/tcell_agent.cache.
def cache_filename; @cache_filename; end

#companyObject

Returns the value of attribute company.



# File 'lib/tcell_agent/configuration.rb', line 19

# Config file's "company" entry; per the loader's comment, setting it causes
# the old event URL to be used.
def company; @company; end

#config_filenameObject

Returns the value of attribute config_filename.



# File 'lib/tcell_agent/configuration.rb', line 19

# Path of the JSON config file: the constructor's filename joined onto the
# working directory, unless TCELL_AGENT_CONFIG is set.
def config_filename; @config_filename; end

#disable_allObject

Returns the value of attribute disable_all.



# File 'lib/tcell_agent/configuration.rb', line 47

# Defaults to false; a config-file "disable_all" entry replaces it.
def disable_all; @disable_all; end

#enable_event_consumerObject

Returns the value of attribute enable_event_consumer.



# File 'lib/tcell_agent/configuration.rb', line 47

# Defaults to true; a config-file "enable_event_consumer" entry replaces it.
def enable_event_consumer; @enable_event_consumer; end

#enable_event_managerObject

Returns the value of attribute enable_event_manager.



# File 'lib/tcell_agent/configuration.rb', line 47

# Defaults to true; a config-file "enable_event_manager" entry replaces it.
def enable_event_manager; @enable_event_manager; end

#enable_instrumentationObject

Returns the value of attribute enable_instrumentation.



# File 'lib/tcell_agent/configuration.rb', line 47

# Defaults to true; a config-file "enable_instrumentation" entry replaces it.
def enable_instrumentation; @enable_instrumentation; end

#enable_intercept_requestsObject

Returns the value of attribute enable_intercept_requests.



# File 'lib/tcell_agent/configuration.rb', line 47

# Defaults to true; a config-file "enable_intercept_requests" entry replaces it.
def enable_intercept_requests; @enable_intercept_requests; end

#enable_policy_pollingObject

Returns the value of attribute enable_policy_polling.



# File 'lib/tcell_agent/configuration.rb', line 47

# Defaults to true; a config-file "enable_policy_polling" entry replaces it.
def enable_policy_polling; @enable_policy_polling; end

#enabledObject

Returns the value of attribute enabled.



# File 'lib/tcell_agent/configuration.rb', line 47

# Master switch checked by every should_* predicate. Defaults to true; a
# config-file "enabled" entry replaces it.
def enabled; @enabled; end

#event_batch_size_limitObject

Returns the value of attribute event_batch_size_limit.



# File 'lib/tcell_agent/configuration.rb', line 19

# Event batch size limit: 50 by default, 2 in demo mode.
def event_batch_size_limit; @event_batch_size_limit; end

#event_time_limit_secondsObject

Returns the value of attribute event_time_limit_seconds.



# File 'lib/tcell_agent/configuration.rb', line 19

# Event time limit in seconds: 15 by default, 5 in demo mode.
def event_time_limit_seconds; @event_time_limit_seconds; end

#exp_config_settingsObject

Returns the value of attribute exp_config_settings.



# File 'lib/tcell_agent/configuration.rb', line 55

# Set to true by the constructor; no other assignment appears in the methods shown.
def exp_config_settings; @exp_config_settings; end

#fetch_policies_from_tcellObject

Returns the value of attribute fetch_policies_from_tcell.



# File 'lib/tcell_agent/configuration.rb', line 19

# Legacy switch consulted by should_start_policy_poll?. Defaults to true; a
# config-file "fetch_policies_from_tcell" entry replaces it.
def fetch_policies_from_tcell; @fetch_policies_from_tcell; end

#hmac_keyObject

Returns the value of attribute hmac_key.



# File 'lib/tcell_agent/configuration.rb', line 19

# HMAC key from TCELL_HMAC_KEY, else the config file's "hmac_key" entry.
# This is key material: keep it out of logs, error reports and inspect output.
def hmac_key; @hmac_key; end

#host_identifierObject

Returns the value of attribute host_identifier.



# File 'lib/tcell_agent/configuration.rb', line 19

# Host identifier: TCELL_AGENT_HOST_IDENTIFIER, else the config file's
# "host_identifier", else the machine hostname, else "host_identifier_not_found".
def host_identifier; @host_identifier; end

#instrument_for_eventsObject

Returns the value of attribute instrument_for_events.



# File 'lib/tcell_agent/configuration.rb', line 19

# Legacy switch consulted by should_instrument?. Defaults to true; a
# config-file "instrument_for_events" entry replaces it.
def instrument_for_events; @instrument_for_events; end

#js_agent_api_base_urlObject

Returns the value of attribute js_agent_api_base_url.



# File 'lib/tcell_agent/configuration.rb', line 19

# Config file's "js_agent_api_base_url" entry; nil when the file does not set it.
def js_agent_api_base_url; @js_agent_api_base_url; end

#js_agent_urlObject

Returns the value of attribute js_agent_url.



# File 'lib/tcell_agent/configuration.rb', line 19

# URL of the JavaScript agent. Defaults to
# https://api.tcell.io/tcellagent.min.js; a config-file "js_agent_url" entry
# replaces it and is stored as given, with no scheme or host check in the loader.
def js_agent_url; @js_agent_url; end

#logging_optionsObject

Returns the value of attribute logging_options.



# File 'lib/tcell_agent/configuration.rb', line 19

# Config file's "logging_options" entry ({} when the file omits it); nil when
# no version 1 config file was loaded.
def logging_options; @logging_options; end

#max_data_ex_db_records_per_requestObject

Returns the value of attribute max_data_ex_db_records_per_request.



# File 'lib/tcell_agent/configuration.rb', line 19

# Defaults to 1000; replaced by "max_data_ex_db_records_per_request" under the
# config file's "data_exposure" section.
def max_data_ex_db_records_per_request; @max_data_ex_db_records_per_request; end

#preload_policy_filenameObject

Returns the value of attribute preload_policy_filename.



# File 'lib/tcell_agent/configuration.rb', line 19

# Config file's "preload_policy_filename" entry; nil when absent.
def preload_policy_filename; @preload_policy_filename; end

#proxy_hostObject

Returns the value of attribute proxy_host.



# File 'lib/tcell_agent/configuration.rb', line 19

# Config file's "proxy_host" entry; nil when absent.
def proxy_host; @proxy_host; end

#proxy_passwordObject

Returns the value of attribute proxy_password.



# File 'lib/tcell_agent/configuration.rb', line 19

# Config file's "proxy_password" entry; nil when absent. This is a
# credential read from a plaintext file: keep it out of logs and error output.
def proxy_password; @proxy_password; end

#proxy_portObject

Returns the value of attribute proxy_port.



# File 'lib/tcell_agent/configuration.rb', line 19

# Config file's "proxy_port" entry; nil when absent.
def proxy_port; @proxy_port; end

#proxy_usernameObject

Returns the value of attribute proxy_username.



# File 'lib/tcell_agent/configuration.rb', line 19

# Config file's "proxy_username" entry; nil when absent.
def proxy_username; @proxy_username; end

#raise_exceptionsObject

Returns the value of attribute raise_exceptions.



# File 'lib/tcell_agent/configuration.rb', line 19

# True only when TCELL_RAISE_EXCEPTIONS is "true", "yes" or "1".
def raise_exceptions; @raise_exceptions; end

#reverse_proxyObject

Returns the value of attribute reverse_proxy.



# File 'lib/tcell_agent/configuration.rb', line 19

# Defaults to true; a config-file "reverse_proxy" entry replaces it.
def reverse_proxy; @reverse_proxy; end

#reverse_proxy_ip_address_headerObject

Returns the value of attribute reverse_proxy_ip_address_header.



# File 'lib/tcell_agent/configuration.rb', line 19

# Config file's "reverse_proxy_ip_address_header" entry; nil by default.
# NOTE(review): presumably names the request header carrying the client IP;
# such a header is only trustworthy when the proxy overwrites it - confirm
# against the code that consumes this value.
def reverse_proxy_ip_address_header; @reverse_proxy_ip_address_header; end

Returns the value of attribute session_cookie_names.



# File 'lib/tcell_agent/configuration.rb', line 19

# Config file's "session_cookie_names" entry; nil when absent.
def session_cookie_names; @session_cookie_names; end

#tcell_api_urlObject

Returns the value of attribute tcell_api_url.



# File 'lib/tcell_agent/configuration.rb', line 19

# API base URL. TCELL_API_URL sets it, a config-file "tcell_api_url" entry
# replaces that, and https://api.tcell.io/api/v1 applies when neither is given.
# The configured value is stored as given, with no scheme check in the loader.
def tcell_api_url; @tcell_api_url; end

#tcell_input_urlObject

Returns the value of attribute tcell_input_url.



# File 'lib/tcell_agent/configuration.rb', line 19

# Input base URL. TCELL_INPUT_URL sets it, a config-file "tcell_input_url"
# entry replaces that, and https://input.tcell.io/api/v1 applies when neither
# is given. The configured value is stored as given, with no scheme check in
# the loader.
def tcell_input_url; @tcell_input_url; end

#use_websocketsObject

Returns the value of attribute use_websockets.



# File 'lib/tcell_agent/configuration.rb', line 19

# Config file's "use_websockets" entry; nil when absent.
def use_websockets; @use_websockets; end

#uuidObject

Returns the value of attribute uuid.



# File 'lib/tcell_agent/configuration.rb', line 19

# Random UUID from SecureRandom.uuid, generated each time a Configuration is built.
def uuid; @uuid; end

#versionObject

Returns the value of attribute version.



# File 'lib/tcell_agent/configuration.rb', line 19

# Config format version: 0 by default, 1 once a version 1 config file is read.
def version; @version; end

#whitelist_presentObject

Returns the value of attribute whitelist_present.



# File 'lib/tcell_agent/configuration.rb', line 19

# True when the payloads config contains a "whitelisted" key, false otherwise.
def whitelist_present; @whitelist_present; end

#whitelisted_paramsObject

Returns the value of attribute whitelisted_params.



# File 'lib/tcell_agent/configuration.rb', line 19

# Hash of lower-cased parameter names (name => true) from the payloads
# config's "whitelisted" list; empty when no such list was loaded.
def whitelisted_params; @whitelisted_params; end

Instance Method Details

#appfirewall_payloads_log_filenameObject



# File 'lib/tcell_agent/configuration.rb', line 322

# Path of the payloads log inside the agent log directory. The log directory
# is defaulted to <agent_home_dir>/logs on first use and then remembered.
def appfirewall_payloads_log_filename
  log_dir = (@agent_log_dir ||= File.join(@agent_home_dir, "logs"))
  File.join(log_dir, "tcell_agent_payloads.log")
end

#cache_filename_with_app_idObject



# File 'lib/tcell_agent/configuration.rb', line 148

# Cache file path, suffixed with ".<app_id>" when an app id is configured.
# The base path is defaulted to <agent_home_dir>/cache/tcell_agent.cache on
# first use and then remembered.
#
# The app id comes from the environment or the config file and is appended
# as-is, so any path separators in it become part of the returned path.
def cache_filename_with_app_id
  @cache_filename ||= File.join(@agent_home_dir, "cache", "tcell_agent.cache")
  return @cache_filename unless @app_id

  "#{@cache_filename}.#{@app_id}"
end

#load_app_sensor_restrictionsObject

def read



# File 'lib/tcell_agent/configuration.rb', line 274

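# Loads the payload parameter blacklist and whitelist.
#
# Starts from a built-in blacklist of common credential parameter names and
# an empty whitelist. If the payloads config file exists (path taken from
# TCELL_AGENT_PAYLOADS_CONFIG, else "config/tcell_agent_payloads.config"
# relative to the working directory), its "blacklisted" list replaces the
# built-in blacklist and its "whitelisted" list populates the whitelist.
# Names are lower-cased.
#
# Fails closed: if the file cannot be read or parsed, unencrypted payloads
# are switched off and the built-in blacklist stays in force. Both lists are
# built in locals and only assigned once the whole file has been processed,
# so a bad entry can no longer leave the blacklist emptied or half-filled.
def load_app_sensor_restrictions
  payloads_config_filename = ENV["TCELL_AGENT_PAYLOADS_CONFIG"] || "config/tcell_agent_payloads.config"

  @blacklisted_params = {
    "token" => true,
    "client_secret" => true,
    "password" => true,
    "passwd" => true,
    "refresh_token" => true,
    "pf.pass" => true,
    "user.password" => true
  }
  @whitelisted_params = {}
  @whitelist_present = false

  return unless File.file?(payloads_config_filename)

  begin
    # File.read closes the handle; File.open(...).read left it to the GC.
    # NOTE(review): YAML.load can instantiate arbitrary Ruby objects on Psych
    # releases before 4. The file is operator-supplied, but only plain lists
    # of strings are read here, so YAML.safe_load looks sufficient - confirm
    # against the supported Ruby versions before switching.
    payloads_config = YAML.load(File.read(payloads_config_filename))

    lowercase_set = lambda do |names|
      names.each_with_object({}) { |param_name, set| set[param_name.downcase] = true }
    end

    blacklisted = lowercase_set.call(payloads_config["blacklisted"]) if payloads_config.key?("blacklisted")
    whitelisted = lowercase_set.call(payloads_config["whitelisted"]) if payloads_config.key?("whitelisted")

    @blacklisted_params = blacklisted if blacklisted
    if whitelisted
      @whitelisted_params = whitelisted
      @whitelist_present = true
    end
  rescue StandardError => e
    @allow_unencrypted_appfirewall_payloads = false

    puts " ********* ********* ********* **********"
    puts "* tCell.io                               *"
    puts "* Could not load payloads config file    *"
    puts " ********* ********* ********* **********"
    puts e
  end
end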

#log_filenameObject



# File 'lib/tcell_agent/configuration.rb', line 317

# Path of the agent log inside the agent log directory. The log directory is
# defaulted to <agent_home_dir>/logs on first use and then remembered.
def log_filename
  log_dir = (@agent_log_dir ||= File.join(@agent_home_dir, "logs"))
  File.join(log_dir, "tcell_agent.log")
end

#read_config_from_file(filename) ⇒ Object



# File 'lib/tcell_agent/configuration.rb', line 180

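# Loads agent settings from a JSON config file; does nothing when the file
# does not exist.
#
# Only config version 1 is understood, and only the first entry of
# "applications" is read. Values already set from the environment win for
# app_id, api_key, hmac_key and host_identifier; for most other keys the file
# value replaces the current one. Read and parse failures are reported on
# stdout and otherwise ignored, leaving earlier values in place.
#
# The file carries credentials in plain text (api_key, hmac_key,
# proxy_password), so its permissions should be restricted to the account
# that runs the application.
#
# @param filename [String] path of the JSON config file
def read_config_from_file(filename)
  return unless File.file?(filename)

  begin
    # File.read closes the handle; File.open(...).read left it to the GC.
    config = JSON.parse(File.read(filename))
    if config["version"] == 1
      # Required
      app_data = config["applications"][0] # Default
      @version = 1
      @app_id ||= app_data["app_id"]
      @app_id ||= app_data["name"]
      @api_key ||= app_data["api_key"]

      # Optional
      @preload_policy_filename = app_data.fetch("preload_policy_filename", nil)

      @disable_all = app_data.fetch("disable_all", @disable_all)
      @enabled = app_data.fetch("enabled", @enabled)

      @enable_event_manager = app_data.fetch("enable_event_manager", @enable_event_manager)
      @enable_event_consumer = app_data.fetch("enable_event_consumer", @enable_event_consumer)
      @enable_policy_polling = app_data.fetch("enable_policy_polling", @enable_policy_polling)
      @enable_instrumentation = app_data.fetch("enable_instrumentation", @enable_instrumentation)
      @enable_intercept_requests = app_data.fetch("enable_intercept_requests", @enable_intercept_requests)
      @fetch_policies_from_tcell = app_data.fetch("fetch_policies_from_tcell", @fetch_policies_from_tcell)
      @instrument_for_events = app_data.fetch("instrument_for_events", @instrument_for_events)

      @agent_home_owner = app_data.fetch("agent_home_owner", @agent_home_owner)

      @logging_options = app_data.fetch("logging_options", {})

      # NOTE(review): the endpoint URLs are taken as given; nothing in this
      # method checks that they use https - confirm whether the HTTP client
      # enforces that.
      @tcell_api_url = app_data.fetch("tcell_api_url", @tcell_api_url)
      @tcell_input_url = app_data.fetch("tcell_input_url", @tcell_input_url)

      @proxy_host = app_data["proxy_host"]
      @proxy_port = app_data["proxy_port"]
      @proxy_username = app_data["proxy_username"]
      @proxy_password = app_data["proxy_password"]

      @use_websockets = app_data["use_websockets"]

      # The deprecated "appsensor" key is read first, so the current
      # "appfirewall" key wins when both are present.
      @allow_unencrypted_appfirewall_payloads =
        app_data.fetch('allow_unencrypted_appsensor_payloads', @allow_unencrypted_appfirewall_payloads)
      @allow_unencrypted_appfirewall_payloads =
        app_data.fetch('allow_unencrypted_appfirewall_payloads', @allow_unencrypted_appfirewall_payloads)

      data_exposure = app_data.fetch('data_exposure', {})
      @max_data_ex_db_records_per_request = data_exposure.fetch('max_data_ex_db_records_per_request', @max_data_ex_db_records_per_request)

      @reverse_proxy = app_data.fetch('reverse_proxy', @reverse_proxy)
      @reverse_proxy_ip_address_header = app_data.fetch('reverse_proxy_ip_address_header', @reverse_proxy_ip_address_header)

      @host_identifier ||= app_data.fetch("host_identifier", @host_identifier)
      @hmac_key ||= app_data["hmac_key"] # if not already set
      @session_cookie_names = app_data["session_cookie_names"]
      # SecureRandom.uuid returns a String or raises, so the former nil
      # fallback could never run and has been dropped.
      @uuid = SecureRandom.uuid

      @js_agent_api_base_url = app_data["js_agent_api_base_url"] if app_data.key?("js_agent_api_base_url")
      @js_agent_url = app_data["js_agent_url"] if app_data.key?("js_agent_url")

      # Causes old event url to be used
      @company = app_data["company"]

      # Demo mode already switched on elsewhere is never switched off here.
      @demomode = app_data.fetch('demomode', false) if @demomode != true
      if @demomode
        @event_batch_size_limit = 2
        @event_time_limit_seconds = 5
      end
    else
      puts " ********* ********* ********* *********"
      puts "* tCell.io                               *"
      puts "* Unsupported config file version        *"
      puts " ********* ********* ********* *********"
    end
  rescue StandardError => e
    # StandardError covers I/O, JSON and shape errors without also trapping
    # signals and interpreter exits, which `rescue Exception` did.
    puts " ********* ********* ********* *********"
    puts "* tCell.io                               *"
    puts "* Could not load config file             *"
    puts " ********* ********* ********* *********"
    puts e
  end
end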

#read_config_using_envObject



# File 'lib/tcell_agent/configuration.rb', line 158

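# Applies settings from TCELL_* environment variables.
#
# app_id, api_key, hmac_key, the endpoint URLs, agent_home_owner and
# agent_log_dir are assigned unconditionally, so they become nil when the
# variable is unset. host_identifier, agent_home_dir and config_filename keep
# their current value when the variable is unset.
#
# TCELL_DEMOMODE is parsed like TCELL_RAISE_EXCEPTIONS: only "true", "yes"
# and "1" switch it on. Previously any value, including "false" or "0", was
# truthy and enabled demo mode.
def read_config_using_env
  truthy = ->(raw) { [true, "true", "yes", "1"].include?(raw) }

  @app_id = ENV["TCELL_AGENT_APP_ID"]
  @api_key = ENV["TCELL_AGENT_API_KEY"]
  @hmac_key = ENV["TCELL_HMAC_KEY"]
  @host_identifier = ENV["TCELL_AGENT_HOST_IDENTIFIER"] || @host_identifier
  @tcell_api_url = ENV["TCELL_API_URL"]
  @tcell_input_url = ENV["TCELL_INPUT_URL"]

  env_demomode = ENV["TCELL_DEMOMODE"]
  @demomode = truthy.call(env_demomode) unless env_demomode.nil?

  @agent_home_dir = ENV["TCELL_AGENT_HOME"] || @agent_home_dir
  @agent_home_owner = ENV["TCELL_AGENT_HOME_OWNER"]
  @agent_log_dir = ENV["TCELL_AGENT_LOG_DIR"]
  @config_filename = ENV["TCELL_AGENT_CONFIG"] || @config_filename

  # Demo mode shrinks the event batch size and time limits.
  if @demomode
    @event_batch_size_limit = 2
    @event_time_limit_seconds = 5
  end

  @raise_exceptions = truthy.call(ENV["TCELL_RAISE_EXCEPTIONS"])
end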

#should_consume_event?Boolean

Returns:

  • (Boolean)


# File 'lib/tcell_agent/configuration.rb', line 61

# Truthy only when the agent, the event manager and the event consumer are
# all enabled; otherwise returns the first falsy flag.
def should_consume_event?
  return @enabled unless @enabled
  return @enable_event_manager unless @enable_event_manager

  @enable_event_consumer
end

#should_instrument?Boolean

Returns:

  • (Boolean)


# File 'lib/tcell_agent/configuration.rb', line 69

# Truthy only when the agent and instrumentation are enabled and the legacy
# instrument_for_events switch is on; otherwise returns the first falsy flag.
def should_instrument?
  return @enabled unless @enabled
  return @enable_instrumentation unless @enable_instrumentation

  @instrument_for_events # legacy switch
end

#should_intercept_requests?Boolean

Returns:

  • (Boolean)


# File 'lib/tcell_agent/configuration.rb', line 73

# Truthy only when the agent, instrumentation and request interception are
# all enabled; otherwise returns the first falsy flag.
def should_intercept_requests?
  return @enabled unless @enabled
  return @enable_instrumentation unless @enable_instrumentation

  @enable_intercept_requests
end

#should_start_event_manager?Boolean

Returns:

  • (Boolean)


# File 'lib/tcell_agent/configuration.rb', line 57

# Truthy only when both the agent and the event manager are enabled;
# otherwise returns the first falsy flag.
def should_start_event_manager?
  return @enabled unless @enabled

  @enable_event_manager
end

#should_start_policy_poll?Boolean

Returns:

  • (Boolean)


# File 'lib/tcell_agent/configuration.rb', line 65

# Truthy only when the agent and policy polling are enabled and the legacy
# fetch_policies_from_tcell switch is on; otherwise returns the first falsy flag.
def should_start_policy_poll?
  return @enabled unless @enabled
  return @enable_policy_polling unless @enable_policy_polling

  @fetch_policies_from_tcell # legacy switch
end