Skip to content

IAST Monitoring: Memory optimzations #393

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 2 commits into
base: feature/event-sampling
Choose a base branch
from
+3 −486
Open

IAST Monitoring: Memory optimzations #393

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
c62d4ca
Remove unused string constants
lovesh-ap Jan 27, 2025
453a6fd
Merge branch 'refs/heads/feature/event-sampling' into feature/event-s…
lovesh-ap Feb 4, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 0 additions & 2 deletions newrelic-security-agent/src/main/java/com/newrelic/agent/security/AgentConfig.java
View file
Original file line number Diff line number Diff line change
@@ -44,8 +44,6 @@ public class AgentConfig {
public static final String ACCOUNT_ID_LOCATION = "account_id_location";
public static final String ACCOUNT_ID_KEY = "account_id_key";
public static final String ROUTE = "route";
public static final String MAPPING_PARAMETERS_ARE_REQUIRED_FOR_IAST_RESTRICTED_MODE = "Mapping Parameters are required for IAST Restricted Mode";
public static final String DEFAULT_SCAN_SCHEDULE_EXPRESSION = "0 0 0 * * ?";
public static final String INVALID_SECURITY_CONFIGURATION_FOR_MODE_IAST_RESTRICTED = "Invalid Security Configuration for mode IAST_RESTRICTED ";
public static final String INVALID_SECURITY_CONFIGURATION = "Invalid Security Configuration ";
private static final Logger log = LoggerFactory.getLogger(AgentConfig.class);
8 changes: 0 additions & 8 deletions ...rity-agent/src/main/java/com/newrelic/agent/security/instrumentator/utils/AgentUtils.java
View file
Original file line number Diff line number Diff line change
@@ -56,12 +56,9 @@ public class AgentUtils {

private static final FileLoggerThreadPool logger = FileLoggerThreadPool.getInstance();

public static final String IP_ADDRESS_UNBLOCKED_DUE_TO_TIMEOUT_S = "IP address unblocked due to timeout : %s";
public static final String CLASSES_STR = "/classes/";
public static final String CLASSES_STR_1 = "/classes!";
public static final String CLASSES_STR_2 = "/classes";
public static final String NON_VULNERABLE_API_ALLOWED_TO_EXECUTE_S = "Non vulnerable API allowed to execute : %s";
public static final String VULNERABLE_API_BLOCKED = "Vulnerable API blocked from execution : %s";
public static final String CURRENT_GENERIC_SERVLET_INSTANCE_NULL_IN_DETECT_DEPLOYED_APPLICATION_PATH = "currentGenericServletInstance null in detectDeployedApplicationPath";
public static final String PROTECTION_DOMAIN = "Protection domain : ";
public static final String VFS = "vfs";
@@ -75,11 +72,6 @@ public class AgentUtils {
public static final String CLASSLOADER_IS_NULL_IN_DETECT_DEPLOYED_APPLICATION_PATH = "Classloader is null in detectDeployedApplicationPath";
public static final String ERROR = "Error :";
public static final String CLASSLOADER_RECORD_MISSING_FOR_CLASS = "Classloader record missing for class : ";
private static final String TWO_PIPES = "||";
public static final String CAME_TO_EXTRACT_TAR_BUNDLE = "Came to extract tar bundle : ";
public static final String ENFORCING_POLICY = "Enforcing policy";
public static final String LOG_LEVEL_PROVIDED_IN_POLICY_IS_INCORRECT_DEFAULTING_TO_INFO = "Log level provided in policy is incorrect: %s. Staying at current level";
public static final String ERROR_WHILE_EXTRACTING_FILE_FROM_ARCHIVE_S_S = "Error while extracting file from archive : %s : %s";
public static final String OVER_RIDE_POLICY_DISABLED_IN_NR_CONFIG_AT_S = "Over-ride policy disabled in NR config at '%s'.";
public static final String OVERRIDDEN = "overridden";
public static final String NR_POLICY_OVER_RIDE_IN_PLACE_UPDATED_POLICY_S = "NR policy over-ride in place. Updated policy : %s";
454 changes: 3 additions & 451 deletions ...agent/src/main/java/com/newrelic/agent/security/intcodeagent/logging/IAgentConstants.java
View file

Large diffs are not rendered by default.

2 changes: 0 additions & 2 deletions ...rity-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/WSClient.java
View file
Original file line number Diff line number Diff line change
@@ -51,7 +51,6 @@ public class WSClient extends WebSocketClient implements SecurityConnection {
private static final FileLoggerThreadPool logger = FileLoggerThreadPool.getInstance();
public static final String SENDING_EVENT = "sending event: ";
public static final String UNABLE_TO_SEND_EVENT = "Unable to send event : ";
public static final String ERROR_IN_WSOCK_CONNECTION = "Error in WSock connection : ";
public static final String CONNECTION_CLOSED_BY = "WS Connection closed by ";
public static final String REMOTE_PEER = "remote peer.";
public static final String LOCAL = "local.";
@@ -60,7 +59,6 @@ public class WSClient extends WebSocketClient implements SecurityConnection {
public static final String UNABLE_TO_PROCESS_INCOMING_MESSAGE = "Unable to process incoming message : ";
public static final String DUE_TO_ERROR = " : due to error : ";
public static final String RECONNECTING_TO_IC = "Reconnecting to validator";
public static final String COLON_STRING = " : ";
public static final String RECEIVED_PING_AT_S_SENDING_PONG = "received ping at %s sending pong";
public static final String INCOMING_CONTROL_COMMAND_S = "Incoming control command : %s";

17 changes: 0 additions & 17 deletions newrelic-security-agent/src/main/java/com/newrelic/agent/security/util/IUtilConstants.java
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,6 @@
package com.newrelic.agent.security.util;

public interface IUtilConstants {
String K_2_GROUP_NAME = "K2_GROUP_NAME";
String SECURITY_MODE = "security.mode";
String RASP = "RASP";

@@ -16,7 +15,6 @@ public interface IUtilConstants {

String SKIP_IAST_SCAN = "security.exclude_from_iast_scan";
String SKIP_IAST_SCAN_API = SKIP_IAST_SCAN + ".api";
String SKIP_IAST_SCAN_PARAMETERS = SKIP_IAST_SCAN + ".http_request_parameters";
String SKIP_IAST_SCAN_PARAMETERS_HEADER = SKIP_IAST_SCAN + ".http_request_parameters.header";
String SKIP_IAST_SCAN_PARAMETERS_QUERY = SKIP_IAST_SCAN + ".http_request_parameters.query";
String SKIP_IAST_SCAN_PARAMETERS_BODY = SKIP_IAST_SCAN + ".http_request_parameters.body";
@@ -36,9 +34,6 @@ public interface IUtilConstants {
String MONITORING_CRITERIA_EVENT_QUOTA_PER_TRACE = "security.monitoring_criteria.event_quota_per_trace";
String MONITORING_CRITERIA_REPEAT = "security.monitoring_criteria.repeat";

String RESTRICTION_CRITERIA_SCAN_TIME_SCHEDULE = "security.restriction_criteria.scan_time.schedule";
String RESTRICTION_CRITERIA_SCAN_TIME_DURATION = "security.restriction_criteria.scan_time.duration";
String RESTRICTION_CRITERIA = "security.restriction_criteria";
String RESTRICTION_CRITERIA_ACCOUNT_INFO_ACCOUNT_ID = "security.restriction_criteria.account_info.account_id_value";
String RESTRICTION_CRITERIA_MAPPING_PARAMETERS = "security.restriction_criteria.mapping_parameters";
String RESTRICTION_CRITERIA_MAPPING_PARAMETERS_HEADER = RESTRICTION_CRITERIA_MAPPING_PARAMETERS + ".header";
@@ -52,21 +47,15 @@ public interface IUtilConstants {
String RESTRICTION_CRITERIA_MAPPING_PARAMETERS_HEADER_LOCATION = RESTRICTION_CRITERIA_MAPPING_PARAMETERS_HEADER + ".location";
String RESTRICTION_CRITERIA_MAPPING_PARAMETERS_QUERY_LOCATION = RESTRICTION_CRITERIA_MAPPING_PARAMETERS_QUERY + ".location";
String RESTRICTION_CRITERIA_MAPPING_PARAMETERS_BODY_LOCATION = RESTRICTION_CRITERIA_MAPPING_PARAMETERS_BODY + ".location";
String RESTRICTION_CRITERIA_SKIP_SCAN_PARAMETERS = "security.restriction_criteria.skip_scan_parameters";
String RESTRICTION_CRITERIA_SKIP_SCAN_PARAMETERS_HEADER = "security.restriction_criteria.skip_scan_parameters.header";
String RESTRICTION_CRITERIA_SKIP_SCAN_PARAMETERS_QUERY = "security.restriction_criteria.skip_scan_parameters.query";
String RESTRICTION_CRITERIA_SKIP_SCAN_PARAMETERS_BODY = "security.restriction_criteria.skip_scan_parameters.body";
String RESTRICTION_CRITERIA_STRICT = "security.restriction_criteria.strict";


String GROUP_NAME = "group-name";
String INFO = "INFO";
String OFF = "OFF";
String K_2_LOG_LEVEL = "K2_LOG_LEVEL";
String NR_LOG_LEVEL = "log_level";
String LOG_LEVEL = "log-level";

String PERMISSIONS_ALL = "rwxrwxrwx";

String DIRECTORY_PERMISSION = "rwxrwx---";

@@ -81,14 +70,8 @@ public interface IUtilConstants {
String IAST_SCAN_INSTANCE_COUNT = "security.scan_controllers.scan_instance_count";

String NR_SECURITY_CA_BUNDLE_PATH = "ca_bundle_path";
String NR_CSEC_DEBUG_LOGFILE_SIZE = "NR_CSEC_DEBUG_LOGFILE_SIZE";
String NR_CSEC_DEBUG_LOGFILE_MAX_COUNT = "NR_CSEC_DEBUG_LOGFILE_MAX_COUNT";
String LOG_FILE_PATH = "log_file_path";
String NR_SECURITY_HOME = "nr-security-home";
String PROCESSED = "PROCESSED";
String ERROR = "ERROR";
String SENT = "SENT";
String REJECTED = "REJECTED";
String NR_LOG_DAILY_ROLLOVER_PERIOD = "log.rollover.period";
String APPLICATION_DIRECTORY = "APPLICATION_DIRECTORY";

6 changes: 0 additions & 6 deletions ...api/src/main/java/com/newrelic/api/agent/security/instrumentation/helpers/FileHelper.java
View file
Original file line number Diff line number Diff line change
@@ -30,7 +30,6 @@ public class FileHelper {
public static final List<String> ALLOWED_EXTENSIONS = Arrays.asList(new String[]{"css", "html", "htm", "jsp", "js", "classtmp"});

public static final List<String> SOURCE_EXENSIONS = Arrays.asList(new String[]{"class", "jsp", "jar", "java"});
public static final String METHOD_NAME_GET_BOOLEAN_ATTRIBUTES = "getBooleanAttributes";
public static final String METHOD_NAME_CREATE_NEW_FILE = "createNewFile";
public static final String NEW_FILE_CHANNEL = "newFileChannel";
public static final String NEW_ASYNCHRONOUS_FILE_CHANNEL = "newAsynchronousFileChannel";
@@ -44,15 +43,10 @@ public class FileHelper {
public static final String MOVE = "move";
public static final String SET_ATTRIBUTE = "setAttribute";

public static final String METHOD_NAME_SET_PERMISSION = "setPermission";
public static final String METHOD_NAME_CREATE_FILE_EXCLUSIVELY = "createFileExclusively";
public static final String METHOD_NAME_DELETE = "delete";
public static final String METHOD_NAME_LIST = "list";

public static final String METHOD_NAME_SETPOSIXFILEPERMISSIONS = "setPosixFilePermissions";
public static final String METHOD_NAME_CREATE_DIRECTORY = "createDirectory";
public static final String METHOD_NAME_RENAME = "rename";
public static final String METHOD_NAME_SETREADONLY = "setReadOnly";
public static final String METHOD_NAME_DELETE_ON_EXIT = "deleteOnExit";
public static final String METHOD_NAME_LISTFILES = "listFiles";
public static final String METHOD_NAME_MKDIR = "mkdir";