Class: TCellAgent::Configuration

Inherits:
Object
  • Object
show all
Defined in:
lib/tcell_agent/configuration.rb

Overview

rubocop:disable Metrics/ClassLength

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(filename = 'config/tcell_agent.config', _useapp = nil) ⇒ Configuration

Returns a new instance of Configuration.



114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
 
# File 'lib/tcell_agent/configuration.rb', line 114

def initialize(filename = 'config/tcell_agent.config', _useapp = nil)
  # These will be set when the agent starts up, to give rails initializers
  # a chance to run
  @cache_filename = nil
  @agent_log_dir = nil
  @log_tag = nil

  @version = 0
  @demomode = false

  @fetch_policies_from_tcell = true
  @instrument_for_events = true

  @disable_all = false
  @enabled = true
  @enable_event_manager = true
  @enable_policy_polling = true
  @enable_instrumentation = true
  @enable_intercept_requests = true

  @enabled_instrumentations = {
    :doorkeeper => true,
    :devise => true,
    :authlogic => true
  }

  @disable_cmdi_exec_instrumentation = false

  @log_file_name = 'tcell_agent.log'

  @event_batch_size_limit = 50
  @event_time_limit_seconds = 15

  @max_data_ex_db_records_per_request = 1000
  @reverse_proxy = true
  @reverse_proxy_ip_address_header = 'X-Forwarded-For'
  @allow_payloads = true

  @max_csp_header_bytes = nil
  @password_hmac_key = nil
  @logging_options = {}

  @agent_home_dir = ENV['TCELL_AGENT_HOME'] || File.join(Dir.getwd, 'tcell')
  @cache_folder = File.join(@agent_home_dir, 'cache/')
  @agent_log_dir = File.join(@agent_home_dir, 'logs')

  @config_filename = ENV['TCELL_AGENT_CONFIG'] || File.join(Dir.getwd, filename)

  read_config_from_file(@config_filename)
  read_config_using_env

  if @demomode
    @event_batch_size_limit = 1
    @event_time_limit_seconds = 2
  end

  @tcell_api_url ||= 'https://us.agent.tcell.insight.rapid7.com/api/v1'
  @tcell_input_url ||= 'https://us.input.tcell.insight.rapid7.com/api/v1'
  @js_agent_url ||= 'https://us.jsagent.tcell.insight.rapid7.com/tcellagent.min.js'

  if @host_identifier.nil?
    begin
      @host_identifier = (Socket.gethostname || 'localhost')
    rescue StandardError
      @host_identifier = 'host_identifier_not_found'
    end
  end

  @uuid = SecureRandom.uuid
end

Instance Attribute Details

#agent_home_dirObject

Returns the value of attribute agent_home_dir.



25
26
27
 
# File 'lib/tcell_agent/configuration.rb', line 25

def agent_home_dir
  @agent_home_dir
end

#agent_log_dirObject

Returns the value of attribute agent_log_dir.



25
26
27
 
# File 'lib/tcell_agent/configuration.rb', line 25

def agent_log_dir
  @agent_log_dir
end

#allow_payloadsObject

Returns the value of attribute allow_payloads.



25
26
27
 
# File 'lib/tcell_agent/configuration.rb', line 25

def allow_payloads
  @allow_payloads
end

#api_keyObject

Returns the value of attribute api_key.



25
26
27
 
# File 'lib/tcell_agent/configuration.rb', line 25

def api_key
  @api_key
end

#app_idObject

Returns the value of attribute app_id.



25
26
27
 
# File 'lib/tcell_agent/configuration.rb', line 25

def app_id
  @app_id
end

#base_dirObject

Returns the value of attribute base_dir.



25
26
27
 
# File 'lib/tcell_agent/configuration.rb', line 25

def base_dir
  @base_dir
end

#cache_filenameObject

Returns the value of attribute cache_filename.



25
26
27
 
# File 'lib/tcell_agent/configuration.rb', line 25

def cache_filename
  @cache_filename
end

#cache_folderObject

Returns the value of attribute cache_folder.



25
26
27
 
# File 'lib/tcell_agent/configuration.rb', line 25

def cache_folder
  @cache_folder
end

#config_filenameObject

Returns the value of attribute config_filename.



25
26
27
 
# File 'lib/tcell_agent/configuration.rb', line 25

def config_filename
  @config_filename
end

#demomodeObject

Returns the value of attribute demomode.



25
26
27
 
# File 'lib/tcell_agent/configuration.rb', line 25

def demomode
  @demomode
end

#disable_allObject

Returns the value of attribute disable_all.



56
57
58
 
# File 'lib/tcell_agent/configuration.rb', line 56

def disable_all
  @disable_all
end

#disable_cmdi_exec_instrumentationObject

true = disable cmdi Kernel::exec instrumentation



68
69
70
 
# File 'lib/tcell_agent/configuration.rb', line 68

def disable_cmdi_exec_instrumentation
  @disable_cmdi_exec_instrumentation
end

#enable_event_consumerObject

Returns the value of attribute enable_event_consumer.



56
57
58
 
# File 'lib/tcell_agent/configuration.rb', line 56

def enable_event_consumer
  @enable_event_consumer
end

#enable_event_managerObject

Returns the value of attribute enable_event_manager.



56
57
58
 
# File 'lib/tcell_agent/configuration.rb', line 56

def enable_event_manager
  @enable_event_manager
end

#enable_instrumentationObject

Returns the value of attribute enable_instrumentation.



56
57
58
 
# File 'lib/tcell_agent/configuration.rb', line 56

def enable_instrumentation
  @enable_instrumentation
end

#enable_intercept_requestsObject

Returns the value of attribute enable_intercept_requests.



56
57
58
 
# File 'lib/tcell_agent/configuration.rb', line 56

def enable_intercept_requests
  @enable_intercept_requests
end

#enable_policy_pollingObject

Returns the value of attribute enable_policy_polling.



56
57
58
 
# File 'lib/tcell_agent/configuration.rb', line 56

def enable_policy_polling
  @enable_policy_polling
end

#enabledObject

Returns the value of attribute enabled.



56
57
58
 
# File 'lib/tcell_agent/configuration.rb', line 56

def enabled
  @enabled
end

#enabled_instrumentationsObject

Returns the value of attribute enabled_instrumentations.



64
65
66
 
# File 'lib/tcell_agent/configuration.rb', line 64

def enabled_instrumentations
  @enabled_instrumentations
end

#event_batch_size_limitObject

Returns the value of attribute event_batch_size_limit.



25
26
27
 
# File 'lib/tcell_agent/configuration.rb', line 25

def event_batch_size_limit
  @event_batch_size_limit
end

#event_time_limit_secondsObject

Returns the value of attribute event_time_limit_seconds.



25
26
27
 
# File 'lib/tcell_agent/configuration.rb', line 25

def event_time_limit_seconds
  @event_time_limit_seconds
end

#exp_config_settingsObject

Returns the value of attribute exp_config_settings.



66
67
68
 
# File 'lib/tcell_agent/configuration.rb', line 66

def exp_config_settings
  @exp_config_settings
end

#fetch_policies_from_tcellObject

Returns the value of attribute fetch_policies_from_tcell.



25
26
27
 
# File 'lib/tcell_agent/configuration.rb', line 25

def fetch_policies_from_tcell
  @fetch_policies_from_tcell
end

#hmac_keyObject

Returns the value of attribute hmac_key.



25
26
27
 
# File 'lib/tcell_agent/configuration.rb', line 25

def hmac_key
  @hmac_key
end

#host_identifierObject

Returns the value of attribute host_identifier.



25
26
27
 
# File 'lib/tcell_agent/configuration.rb', line 25

def host_identifier
  @host_identifier
end

#instrument_for_eventsObject

Returns the value of attribute instrument_for_events.



25
26
27
 
# File 'lib/tcell_agent/configuration.rb', line 25

def instrument_for_events
  @instrument_for_events
end

#js_agent_api_base_urlObject

Returns the value of attribute js_agent_api_base_url.



25
26
27
 
# File 'lib/tcell_agent/configuration.rb', line 25

def js_agent_api_base_url
  @js_agent_api_base_url
end

#js_agent_urlObject

Returns the value of attribute js_agent_url.



25
26
27
 
# File 'lib/tcell_agent/configuration.rb', line 25

def js_agent_url
  @js_agent_url
end

#log_file_nameObject

Returns the value of attribute log_file_name.



25
26
27
 
# File 'lib/tcell_agent/configuration.rb', line 25

def log_file_name
  @log_file_name
end

#log_tagObject

Returns the value of attribute log_tag.



25
26
27
 
# File 'lib/tcell_agent/configuration.rb', line 25

def log_tag
  @log_tag
end

#logging_optionsObject

Returns the value of attribute logging_options.



25
26
27
 
# File 'lib/tcell_agent/configuration.rb', line 25

def logging_options
  @logging_options
end

#max_csp_header_bytesObject

Returns the value of attribute max_csp_header_bytes.



25
26
27
 
# File 'lib/tcell_agent/configuration.rb', line 25

def max_csp_header_bytes
  @max_csp_header_bytes
end

#max_data_ex_db_records_per_requestObject

Returns the value of attribute max_data_ex_db_records_per_request.



25
26
27
 
# File 'lib/tcell_agent/configuration.rb', line 25

def max_data_ex_db_records_per_request
  @max_data_ex_db_records_per_request
end

#password_hmac_keyObject

Returns the value of attribute password_hmac_key.



25
26
27
 
# File 'lib/tcell_agent/configuration.rb', line 25

def password_hmac_key
  @password_hmac_key
end

#preload_policy_filenameObject

Returns the value of attribute preload_policy_filename.



25
26
27
 
# File 'lib/tcell_agent/configuration.rb', line 25

def preload_policy_filename
  @preload_policy_filename
end

#reverse_proxyObject

Returns the value of attribute reverse_proxy.



25
26
27
 
# File 'lib/tcell_agent/configuration.rb', line 25

def reverse_proxy
  @reverse_proxy
end

#reverse_proxy_ip_address_headerObject

Returns the value of attribute reverse_proxy_ip_address_header.



25
26
27
 
# File 'lib/tcell_agent/configuration.rb', line 25

def reverse_proxy_ip_address_header
  @reverse_proxy_ip_address_header
end

#stdout_loggerObject

Returns the value of attribute stdout_logger.



25
26
27
 
# File 'lib/tcell_agent/configuration.rb', line 25

def stdout_logger
  @stdout_logger
end

#tcell_api_urlObject

Returns the value of attribute tcell_api_url.



25
26
27
 
# File 'lib/tcell_agent/configuration.rb', line 25

def tcell_api_url
  @tcell_api_url
end

#tcell_input_urlObject

Returns the value of attribute tcell_input_url.



25
26
27
 
# File 'lib/tcell_agent/configuration.rb', line 25

def tcell_input_url
  @tcell_input_url
end

#uuidObject

Returns the value of attribute uuid.



25
26
27
 
# File 'lib/tcell_agent/configuration.rb', line 25

def uuid
  @uuid
end

#versionObject

Returns the value of attribute version.



25
26
27
 
# File 'lib/tcell_agent/configuration.rb', line 25

def version
  @version
end

Instance Method Details

#clean_logging_optionsObject 



312
313
314
315
316
317
318
 
# File 'lib/tcell_agent/configuration.rb', line 312

def clean_logging_options
  {
    :enabled => true,
    :level => 'INFO',
    :filename => log_file_name
  }.merge(enforce_symbol_keys(@logging_options || {}))
end

#enforce_symbol_keys(hashmap) ⇒ Object 



297
298
299
300
301
 
# File 'lib/tcell_agent/configuration.rb', line 297

def enforce_symbol_keys(hashmap)
  hashmap.each_with_object({}) do |(k, v), memo|
    memo[k.to_sym] = v
  end
end

#log_filenameObject 



307
308
309
310
 
# File 'lib/tcell_agent/configuration.rb', line 307

def log_filename
  @agent_log_dir ||= File.join(@agent_home_dir, 'logs')
  File.join(@agent_log_dir, @log_file_name)
end

#logging_enabled?Boolean

Returns:

  • (Boolean) 


303
304
305
 
# File 'lib/tcell_agent/configuration.rb', line 303

def logging_enabled?
  @enabled && enforce_symbol_keys(@logging_options || {})[:enabled]
end

#read_config_from_file(filename) ⇒ Object 



207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
 
# File 'lib/tcell_agent/configuration.rb', line 207

def read_config_from_file(filename)
  return unless File.file?(filename)

  begin
    config_text = File.open(filename).read
    config = JSON.parse(config_text)

    messages = TCellAgent::Config::Validate.get_unknown_options(config)
    messages.each do |message|
      puts message
    end

    if config['version'] == 1
      # Required
      app_data = config['applications'][0] # Default
      @version = 1
      @app_id = app_data['app_id']
      @api_key = app_data['api_key']

      # Optional
      @preload_policy_filename = app_data.fetch('preload_policy_filename', nil)

      @disable_all = app_data.fetch('disable_all', @disable_all)
      @enabled = app_data.fetch('enabled', @enabled)

      @enable_event_manager = app_data.fetch('enable_event_manager', @enable_event_manager)
      @enable_policy_polling = app_data.fetch('enable_policy_polling', @enable_policy_polling)
      @enable_instrumentation = app_data.fetch('enable_instrumentation', @enable_instrumentation)
      @enable_intercept_requests = app_data.fetch('enable_intercept_requests', @enable_intercept_requests)
      @fetch_policies_from_tcell = app_data.fetch('fetch_policies_from_tcell', @fetch_policies_from_tcell)
      @instrument_for_events = app_data.fetch('instrument_for_events', @instrument_for_events)

      @logging_options = app_data.fetch('logging_options', {})
      @agent_log_dir = app_data.fetch('log_dir', @agent_log_dir)
      @log_file_name = @logging_options['filename'] || @log_file_name

      @tcell_api_url = app_data.fetch('tcell_api_url', @tcell_api_url)
      @tcell_input_url = app_data.fetch('tcell_input_url', @tcell_input_url)

      @max_csp_header_bytes = app_data.fetch('max_csp_header_bytes', @max_csp_header_bytes)

      @allow_payloads = app_data.fetch(
        'allow_payloads',
        @allow_payloads
      )

      data_exposure = app_data.fetch('data_exposure', {})
      @max_data_ex_db_records_per_request = data_exposure.fetch('max_data_ex_db_records_per_request', @max_data_ex_db_records_per_request)

      @enabled_instrumentations = app_data.fetch('enabled_instrumentations', @enabled_instrumentations)

      @reverse_proxy = app_data.fetch('reverse_proxy', @reverse_proxy)
      @reverse_proxy_ip_address_header = app_data.fetch('reverse_proxy_ip_address_header', @reverse_proxy_ip_address_header)

      @host_identifier = app_data.fetch('host_identifier', @host_identifier)
      @hmac_key = app_data.fetch('hmac_key', @hmac_key)

      @password_hmac_key = app_data.fetch('password_hmac_key', @password_hmac_key)

      @uuid = SecureRandom.uuid
      @uuid = 'secure-random-failed' if @uuid.nil?

      if app_data.key?('js_agent_api_base_url')
        @js_agent_api_base_url = app_data['js_agent_api_base_url']
      end
      if app_data.key?('js_agent_url')
        @js_agent_url = app_data['js_agent_url']
      end

      @demomode = app_data.fetch('demomode', @demomode)
    else
      puts ' ********* ********* ********* *********'
      puts '* tCell.io                               *'
      puts '* Unsupported config file version        *'
      puts ' ********* ********* ********* *********'
    end
  rescue StandardError => e
    puts ' ********* ********* ********* *********'
    puts '* tCell.io                               *'
    puts '* Could not load config file             *'
    puts ' ********* ********* ********* *********'
    puts e
  end
end

#read_config_using_envObject 



185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
 
# File 'lib/tcell_agent/configuration.rb', line 185

def read_config_using_env
  @app_id = ENV['TCELL_AGENT_APP_ID'] || @app_id
  @api_key = ENV['TCELL_AGENT_API_KEY'] || @api_key
  @hmac_key = ENV['TCELL_HMAC_KEY'] || @hmac_key
  @password_hmac_key = ENV['TCELL_PASSWORD_HMAC_KEY'] || @password_hmac_key
  @host_identifier = ENV['TCELL_AGENT_HOST_IDENTIFIER'] || @host_identifier
  @tcell_api_url = ENV['TCELL_API_URL'] || @tcell_api_url
  @tcell_input_url = ENV['TCELL_INPUT_URL'] || @tcell_input_url
  @demomode = ENV['TCELL_DEMOMODE'] || @demomode

  @agent_log_dir = ENV['TCELL_AGENT_LOG_DIR'] || @agent_log_dir
  @log_file_name = ENV['TCELL_AGENT_LOG_FILENAME'] || @log_file_name

  @logging_options['enabled'] = to_bool(ENV['TCELL_AGENT_LOG_ENABLED']) unless to_bool(ENV['TCELL_AGENT_LOG_ENABLED']).nil?
  @logging_options['level'] = ENV['TCELL_AGENT_LOG_LEVEL'] || @logging_options['level'] unless @logging_options.nil?

  @enabled = to_bool(ENV['TCELL_AGENT_ENABLED']) unless to_bool(ENV['TCELL_AGENT_ENABLED']).nil?

  @allow_payloads = to_bool(ENV['TCELL_AGENT_ALLOW_PAYLOADS']) unless to_bool(ENV['TCELL_AGENT_ALLOW_PAYLOADS']).nil?
  @disable_cmdi_exec_instrumentation = to_bool(ENV['TCELL_CMDI_EXEC_DISABLED']) || @disable_cmdi_exec_instrumentation
end

#should_instrument?Boolean

Returns:

  • (Boolean) 


78
79
80
 
# File 'lib/tcell_agent/configuration.rb', line 78

def should_instrument?
  @enabled && @enable_instrumentation && @instrument_for_events # instrument_for_events = legacy
end

#should_instrument_authlogic?Boolean

Returns:

  • (Boolean) 


102
103
104
105
106
107
108
 
# File 'lib/tcell_agent/configuration.rb', line 102

def should_instrument_authlogic?
  if @enabled_instrumentations.key?('authlogic') || @enabled_instrumentations.key?(:authlogic)
    !!(@enabled_instrumentations['authlogic'] || @enabled_instrumentations[:authlogic]) # rubocop:disable Style/DoubleNegation
  else
    true
  end
end

#should_instrument_cmdi_exec?Boolean

Returns:

  • (Boolean) 


110
111
112
 
# File 'lib/tcell_agent/configuration.rb', line 110

def should_instrument_cmdi_exec?
  !@disable_cmdi_exec_instrumentation
end

#should_instrument_devise?Boolean

Returns:

  • (Boolean) 


94
95
96
97
98
99
100
 
# File 'lib/tcell_agent/configuration.rb', line 94

def should_instrument_devise?
  if @enabled_instrumentations.key?('devise') || @enabled_instrumentations.key?(:devise)
    !!(@enabled_instrumentations['devise'] || @enabled_instrumentations[:devise]) # rubocop:disable Style/DoubleNegation
  else
    true
  end
end

#should_instrument_doorkeeper?Boolean

Returns:

  • (Boolean) 


86
87
88
89
90
91
92
 
# File 'lib/tcell_agent/configuration.rb', line 86

def should_instrument_doorkeeper?
  if @enabled_instrumentations.key?('doorkeeper') || @enabled_instrumentations.key?(:doorkeeper)
    !!(@enabled_instrumentations['doorkeeper'] || @enabled_instrumentations[:doorkeeper]) # rubocop:disable Style/DoubleNegation
  else
    true
  end
end

#should_intercept_requests?Boolean

Returns:

  • (Boolean) 


82
83
84
 
# File 'lib/tcell_agent/configuration.rb', line 82

def should_intercept_requests?
  @enabled && @enable_instrumentation && @enable_intercept_requests
end

#should_start_event_manager?Boolean

Returns:

  • (Boolean) 


70
71
72
 
# File 'lib/tcell_agent/configuration.rb', line 70

def should_start_event_manager?
  @enabled && @enable_event_manager
end

#should_start_policy_poll?Boolean

Returns:

  • (Boolean) 


74
75
76
 
# File 'lib/tcell_agent/configuration.rb', line 74

def should_start_policy_poll?
  @enabled && @enable_policy_polling && @fetch_policies_from_tcell # fetch_policies_from_tcel = legacy
end

#to_bool(var) ⇒ Object 



292
293
294
295
 
# File 'lib/tcell_agent/configuration.rb', line 292

def to_bool(var)
  return unless var
  var.to_s.casecmp('true').zero? if %w[true false].include? var.to_s.downcase
end