Class: Contrast::Agent::Reporting::ApplicationActivity

Inherits:
ApplicationReportingEvent
Includes:
ResponseType, Components::Logger::InstanceMethods
Defined in:
lib/contrast/agent/reporting/reporting_events/application_activity.rb

Overview

This is the new ApplicationActivity class. It holds all the information the new reporting system needs in order to send an activity report.

Constant Summary

Constants included from ResponseType

ResponseType::AGGREGATED, ResponseType::BLOCKED, ResponseType::BLOCKED_AT_PERIMETER, ResponseType::EXPLOITED, ResponseType::MONITORED, ResponseType::NO_ACTION, ResponseType::PROBED, ResponseType::SUSPICIOUS

Instance Attribute Summary

Attributes inherited from ReportingEvent

#event_endpoint, #event_method

Instance Method Summary

Methods included from Components::Logger::InstanceMethods

#cef_logger, #logger

Methods included from ResponseType

to_a

Methods inherited from ReportingEvent

#attach_headers

Methods inherited from ReportableHash

#event_json, #valid?, #validate

Constructor Details

#initialize(ia_request: nil) ⇒ ApplicationActivity

Returns a new instance of ApplicationActivity.

Parameters:



# File 'lib/contrast/agent/reporting/reporting_events/application_activity.rb', line 23

# Creates an application-activity report event and presets how it is sent:
# HTTP method PUT, event type :application_activity, and the endpoint taken
# from Contrast::Agent::Reporting::Endpoints.application_activity.
#
# @param ia_request [Object, nil] request to tie this activity to. When given
#   it is converted with FindingRequest.convert and stored; when omitted,
#   nothing is stored here and #request resolves one from the current
#   context on first use.
def initialize ia_request: nil
  @event_type = :application_activity
  @event_method = :PUT
  @event_endpoint = Contrast::Agent::Reporting::Endpoints.application_activity
  # Pin the request only when the caller supplied one; a falsy value leaves
  # @_request unset so the lazy lookup in #request still applies.
  @_request = FindingRequest.convert(ia_request) if ia_request
  super()
end

Instance Attribute Details

#response ⇒ Contrast::Agent::Response



# File 'lib/contrast/agent/reporting/reporting_events/application_activity.rb', line 20

# Reader for the response held by this activity event.
#
# NOTE(review): no assignment to @response is visible in this listing, so
# callers should expect nil unless it is set elsewhere -- confirm.
#
# @return [Contrast::Agent::Response, nil] the stored response, if any
def response
  @response
end

Instance Method Details

#attach_defend(attack_result) ⇒ Object

This is primarily used for attaching new data and for merging existing samples and counts per rule entry in attackers.

Parameters:



# File 'lib/contrast/agent/reporting/reporting_events/application_activity.rb', line 101

# Hands an attack result to the defend activity so it is included in this
# report. The argument is forwarded unchanged; any merging or validation
# happens inside defend.attach_data, which is not shown here.
#
# @param attack_result [Object] attack result to record
# @return [Object] whatever defend.attach_data returns
def attach_defend attack_result
  defend.attach_data(attack_result)
end

#attach_inventory(architecture) ⇒ Object

This is primarily used for attaching new inventory data to the report.



# File 'lib/contrast/agent/reporting/reporting_events/application_activity.rb', line 108

# Hands an architecture entry to the inventory activity so it is included
# in this report. The argument is forwarded unchanged to
# inventory.attach_data.
#
# @param architecture [Object] inventory data to record
# @return [Object] whatever inventory.attach_data returns
def attach_inventory architecture
  inventory.attach_data(architecture)
end

#attack_results ⇒ Array<[Contrast::Agent::Reporting::ApplicationDefendAttackerActivity]>

Returned by reference. Lists all results as values only, without their rule_ids.



# File 'lib/contrast/agent/reporting/reporting_events/application_activity.rb', line 93

# Lists the per-rule entries of every attacker, without their rule ids.
#
# The result is nested: one inner array per attacker, in attacker order,
# holding the values of that attacker's protection_rules. An attacker with
# no rules contributes an empty inner array.
#
# NOTE(review): the entries look like the stored objects themselves rather
# than copies (assuming protection_rules is a Hash), so mutating them would
# change what is reported -- confirm.
#
# @return [Array<Array>] per-attacker lists of rule entries
def attack_results
  defend.attackers.map do |attacker|
    attacker.protection_rules.values
  end
end

#attack_results_for(rule_id, response_type = nil) ⇒ Array<Contrast::Agent::Reporting::ApplicationDefendAttackSampleActivity>?

Looks up attack results, and gives access to their samples, by rule_id and response_type; returns any matches.

Parameters:

Returns:



# File 'lib/contrast/agent/reporting/reporting_events/application_activity.rb', line 68

# Gathers, across every attacker on #defend, the activity recorded under
# +rule_id+, narrowed to one outcome when +response_type+ names a handled
# response type.
#
# Mapping used below: BLOCKED and BLOCKED_AT_PERIMETER both read the rule's
# +blocked+ value, EXPLOITED reads +exploited+, PROBED reads +ineffective+
# and SUSPICIOUS reads +suspicious+. Any other value falls through to the
# whole per-rule entry: that covers nil, and also the remaining ResponseType
# constants (MONITORED, NO_ACTION, AGGREGATED). The element type of the
# returned array therefore depends on +response_type+; callers filtering by
# outcome should pass one of the handled constants explicitly.
#
# @param rule_id [Object] key into each attacker's protection_rules
# @param response_type [Object, nil] ResponseType constant to narrow by
# @return [Array] one element per attacker that has a truthy match; empty
#   when no attacker has an entry for +rule_id+
def attack_results_for rule_id, response_type = nil
  defend.attackers.each_with_object([]) do |attacker, matches|
    rule_entry = attacker.protection_rules[rule_id]
    # Attackers that never triggered this rule contribute nothing.
    next unless rule_entry

    selected = case response_type
               when BLOCKED, BLOCKED_AT_PERIMETER then rule_entry.blocked
               when EXPLOITED then rule_entry.exploited
               when PROBED then rule_entry.ineffective
               when SUSPICIOUS then rule_entry.suspicious
               else rule_entry
               end
    # An outcome with nothing recorded is skipped rather than added as nil.
    matches << selected if selected
  end
end

#defend ⇒ Contrast::Agent::Reporting::ApplicationDefendActivity

Activity for all protect rules.



# File 'lib/contrast/agent/reporting/reporting_events/application_activity.rb', line 38

# Defend (protect-rule) activity for this report, created on first access
# and reused afterwards.
#
# The activity is built with the value of #request at the moment of that
# first access, so it stays bound to that request for the life of this
# object.
#
# @return [Contrast::Agent::Reporting::ApplicationDefendActivity]
def defend
  return @_defend if @_defend

  @_defend = Contrast::Agent::Reporting::ApplicationDefendActivity.new(ia_request: request)
end

#file_name ⇒ Object



# File 'lib/contrast/agent/reporting/reporting_events/application_activity.rb', line 49

# Fixed name identifying this event type.
#
# NOTE(review): presumably used as the base name when the event is written
# out; the consumer is not visible in this listing -- confirm.
#
# @return [String] always 'activity-application'
def file_name
  'activity-application'
end

#inventory ⇒ Contrast::Agent::Reporting::ApplicationInventoryActivity

Activity for all inventory reporting.



# File 'lib/contrast/agent/reporting/reporting_events/application_activity.rb', line 44

# Inventory activity for this report, created on first access and reused
# afterwards.
#
# @return [Contrast::Agent::Reporting::ApplicationInventoryActivity]
def inventory
  return @_inventory if @_inventory

  @_inventory = Contrast::Agent::Reporting::ApplicationInventoryActivity.new
end

#request ⇒ Contrast::Agent::Reporting::FindingRequest

Returns the current context’s request.

Returns:



# File 'lib/contrast/agent/reporting/reporting_events/application_activity.rb', line 32

# Request this activity is attributed to.
#
# Returns the request stored by the constructor when ia_request was given.
# Otherwise the request of Contrast::Agent::REQUEST_TRACKER.current is
# converted on first call and cached; a missing current context is passed
# to FindingRequest.convert as nil.
#
# NOTE(review): a nil/false conversion result is not cached, so the tracker
# is consulted again on the next call and a later context's request could
# be picked up. What convert returns for nil is not visible here -- confirm.
#
# @return [Contrast::Agent::Reporting::FindingRequest]
def request
  return @_request if @_request

  @_request = FindingRequest.convert(Contrast::Agent::REQUEST_TRACKER.current&.request)
end

#to_controlled_hash ⇒ Object



# File 'lib/contrast/agent/reporting/reporting_events/application_activity.rb', line 53

# Builds the hash form of this activity: the time since the last update
# plus the defend and inventory sections, each rendered by its own
# to_controlled_hash.
#
# The safe-navigation calls are kept as in the original; with #defend and
# #inventory as defined in this class both always return an object, so a
# nil section would only appear if those accessors were overridden.
#
# @return [Hash] keys :lastUpdate, :defend and :inventory, in that order
def to_controlled_hash
  {
    lastUpdate: since_last_update,
    defend: defend&.to_controlled_hash,
    inventory: inventory&.to_controlled_hash
  }
end