newrelic · IshikaDawda · Mar 19, 2025 · Mar 19, 2025
diff --git a/...agent/src/main/java/com/newrelic/agent/security/instrumentator/dispatcher/Dispatcher.java b/...agent/src/main/java/com/newrelic/agent/security/instrumentator/dispatcher/Dispatcher.java
@@ -240,24 +240,15 @@ public Object call() throws Exception {
 
             }
 
-            if (!VulnerabilityCaseType.FILE_INTEGRITY.equals(operation.getCaseType())) {
-                if (VulnerabilityCaseType.FILE_OPERATION.equals(operation.getCaseType())
-                        && ((FileOperation) operation).isGetBooleanAttributesCall()) {
-                    eventBean = processStackTrace(eventBean, operation.getCaseType(), false);
-                } else {
-                    eventBean = processStackTrace(eventBean, operation.getCaseType(), true);
-                }
-                if (eventBean == null) {
-                    return null;
-                }
+            if (eventBean == null) {
+                return null;
             }
 
             EventSendPool.getInstance().sendEvent(eventBean);
             if (!firstEventSent.get()) {
                 logger.logInit(LogLevel.INFO, String.format(EVENT_ZERO_SENT, eventBean), this.getClass().getName());
                 firstEventSent.set(true);
             }
-//        detectDeployedApplication();
         } catch (Throwable e) {
             logger.postLogMessageIfNecessary(LogLevel.WARNING, String.format(UNABLE_TO_CONVERT_OPERATION_TO_EVENT, operation.getApiID(), operation.getSourceMethod(), JsonConverter.getObjectMapper().writeValueAsString(operation.getUserClassEntity())), e,
                     this.getClass().getName());
@@ -589,7 +580,9 @@ private JavaAgentEventBean prepareSystemCommandEvent(JavaAgentEventBean eventBea
             eventBean.setParameters(params);
             return eventBean;
         } catch (Throwable e){
-            e.printStackTrace();
+            if (Agent.isDebugEnabled()) {
+                logger.log(LogLevel.FINEST, "Error while preparing SYSTEM_COMMAND event: " + JsonConverter.toJSON(operation), e, Agent.class.getName());
+            }
         }
         return eventBean;
     }

diff --git a/...t/src/main/java/com/newrelic/agent/security/instrumentator/dispatcher/DispatcherPool.java b/...t/src/main/java/com/newrelic/agent/security/instrumentator/dispatcher/DispatcherPool.java
@@ -6,6 +6,7 @@
 import com.newrelic.agent.security.intcodeagent.executor.CustomThreadPoolExecutor;
 import com.newrelic.agent.security.intcodeagent.filelogging.FileLoggerThreadPool;
 import com.newrelic.agent.security.intcodeagent.utils.IastExclusionUtils;
+import com.newrelic.api.agent.security.Agent;
 import com.newrelic.api.agent.security.utils.logging.LogLevel;
 import com.newrelic.agent.security.intcodeagent.logging.IAgentConstants;
 import com.newrelic.agent.security.intcodeagent.models.javaagent.EventStats;
@@ -116,6 +117,9 @@ protected void afterExecute(Runnable r, Throwable t) {
                         AbstractOperation operation = dispatcher.getOperation();
                         SecurityMetaData securityMetaData = dispatcher.getSecurityMetaData();
                         if(t != null){
+                            if (Agent.isDebugEnabled()) {
+                                logger.log(LogLevel.FINEST, "Debug: Error occurred while sending the event.", t, DispatcherPool.class.getName());
+                            }
                             AgentInfo.getInstance().getJaHealthCheck().getEventStats().getDispatcher().incrementError();
                             if(operation != null) {
                                 if(securityMetaData != null && securityMetaData.getFuzzRequestIdentifier().getK2Request()) {
@@ -211,6 +215,9 @@ public void dispatchEvent(AbstractOperation operation, SecurityMetaData security
                         RestRequestThreadPool.getInstance().registerEventForProcessedCC(parentId, operation.getExecutionId());
                     }
                 }
+                if (Agent.isDebugEnabled()) {
+                    logger.log(LogLevel.FINEST, String.format("Debug: Register execution id %s with parent-id as %s", operation.getExecutionId(), parentId), this.getClass().getName());
+                }
             }
         }
 

diff --git a/...main/java/com/newrelic/agent/security/instrumentator/helper/DynamoDBRequestConverter.java b/...main/java/com/newrelic/agent/security/instrumentator/helper/DynamoDBRequestConverter.java
@@ -1,7 +1,10 @@
 package com.newrelic.agent.security.instrumentator.helper;
 
+import com.newrelic.agent.security.instrumentator.utils.CallbackUtils;
+import com.newrelic.agent.security.intcodeagent.filelogging.FileLoggerThreadPool;
 import com.newrelic.agent.security.intcodeagent.websocket.JsonConverter;
 import com.newrelic.api.agent.security.Agent;
+import com.newrelic.api.agent.security.NewRelicSecurity;
 import com.newrelic.api.agent.security.schema.helper.DynamoDBRequest;
 import com.newrelic.api.agent.security.schema.operation.DynamoDBOperation;
 import com.newrelic.api.agent.security.utils.logging.LogLevel;
@@ -127,6 +130,9 @@ else if (value.getClass().getName().contains("AttributeValue")) {
                             }
                         }
                     } catch (IllegalAccessException ignored) {
+                        if (Agent.isDebugEnabled()) {
+                            NewRelicSecurity.getAgent().log(LogLevel.FINEST, "Debug: Error occurred while sending the event.", ignored, CallbackUtils.class.getName());
+                        }
                     }
                 }
             }

diff --git a/...m/newrelic/agent/security/instrumentator/httpclient/IASTDataTransferRequestProcessor.java b/...m/newrelic/agent/security/instrumentator/httpclient/IASTDataTransferRequestProcessor.java
@@ -4,7 +4,9 @@
 import com.newrelic.agent.security.AgentInfo;
 import com.newrelic.agent.security.instrumentator.utils.INRSettingsKey;
 import com.newrelic.agent.security.intcodeagent.filelogging.FileLoggerThreadPool;
+import com.newrelic.agent.security.intcodeagent.schedulers.FileCleaner;
 import com.newrelic.agent.security.util.IUtilConstants;
+import com.newrelic.api.agent.security.Agent;
 import com.newrelic.api.agent.security.utils.logging.LogLevel;
 import com.newrelic.agent.security.intcodeagent.models.IASTDataTransferRequest;
 import com.newrelic.agent.security.intcodeagent.websocket.JsonConverter;
@@ -77,6 +79,9 @@ private void task() {
             // Sleep if under cooldown
             long cooldownSleepTime = cooldownTillTimestamp.get() - currentTimestamp;
             if(cooldownSleepTime > 0) {
+                if (Agent.isDebugEnabled()) {
+                    NewRelicSecurity.getAgent().log(LogLevel.FINEST, String.format("Debug: Executing IASTDataTransferRequest thread to sleep due to %s millis due Cool down.", cooldownSleepTime), FileCleaner.class.getName());
+                }
                 Thread.sleep(cooldownSleepTime);
             }
 
@@ -99,6 +104,10 @@ private void task() {
             int currentRecordBacklog = Math.max(currentRecordBacklogRest, currentRecordBacklogGrpc);
             int remainingRecordCapacity = Math.min(remainingRecordCapacityRest, remainingRecordCapacityGrpc);
 
+            if (Agent.isDebugEnabled()) {
+                NewRelicSecurity.getAgent().log(LogLevel.FINEST, String.format("Debug: IAST Replay backlog for REST and gRPC are : %s and %s respectively.", currentRecordBacklogRest, currentRecordBacklogRest), FileCleaner.class.getName());
+            }
+
             int batchSize = currentFetchThreshold - currentRecordBacklog;
             if(!AgentUsageMetric.isRASPProcessingActive()){
                 batchSize /= 2;

diff --git a/...y-agent/src/main/java/com/newrelic/agent/security/instrumentator/utils/CallbackUtils.java b/...y-agent/src/main/java/com/newrelic/agent/security/instrumentator/utils/CallbackUtils.java
@@ -1,6 +1,7 @@
 package com.newrelic.agent.security.instrumentator.utils;
 
 import com.newrelic.agent.security.intcodeagent.filelogging.FileLoggerThreadPool;
+import com.newrelic.api.agent.security.Agent;
 import com.newrelic.api.agent.security.utils.logging.LogLevel;
 import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper;
 import com.newrelic.api.agent.security.schema.HttpRequest;
@@ -71,6 +72,9 @@ public static Set<String> checkForReflectedXSS(HttpRequest httpRequest, HttpResp
         logger.log(LogLevel.FINER, String.format("Checking reflected XSS : %s :: %s", combinedRequestData, combinedResponseDataString), CallbackUtils.class.getName());
 
         Set<String> attackContructs = isXSS(combinedRequestData);
+        if (Agent.isDebugEnabled()) {
+            logger.log(LogLevel.FINEST, String.format("Debug: RXSS Attack Constructs found in Request %s", attackContructs), CallbackUtils.class.getName());
+        }
 
         for (String construct : attackContructs) {
             if (StringUtils.containsIgnoreCase(combinedResponseDataString, construct)) {
@@ -84,6 +88,8 @@ public static Set<String> checkForReflectedXSS(HttpRequest httpRequest, HttpResp
         }
         if (toReturn.isEmpty()) {
             toReturn.add(StringUtils.EMPTY);
+        } else if (Agent.isDebugEnabled()) {
+            logger.log(LogLevel.FINEST, String.format("Debug: RXSS Attack Constructs found : %s", toReturn), CallbackUtils.class.getName());
         }
         return toReturn;
     }

diff --git a/.../src/main/java/com/newrelic/agent/security/instrumentator/utils/InstrumentationUtils.java b/.../src/main/java/com/newrelic/agent/security/instrumentator/utils/InstrumentationUtils.java
@@ -5,17 +5,18 @@
 import com.newrelic.agent.security.instrumentator.os.OsVariablesInstance;
 import com.newrelic.agent.security.intcodeagent.controlcommand.ControlCommandProcessorThreadPool;
 import com.newrelic.agent.security.intcodeagent.filelogging.FileLoggerThreadPool;
-import com.newrelic.agent.security.intcodeagent.schedulers.FileCleaner;
-import com.newrelic.api.agent.security.utils.logging.LogLevel;
 import com.newrelic.agent.security.intcodeagent.logging.HealthCheckScheduleThread;
 import com.newrelic.agent.security.intcodeagent.logging.IAgentConstants;
 import com.newrelic.agent.security.intcodeagent.models.javaagent.ShutDownEvent;
+import com.newrelic.agent.security.intcodeagent.schedulers.FileCleaner;
 import com.newrelic.agent.security.intcodeagent.websocket.EventSendPool;
 import com.newrelic.agent.security.intcodeagent.websocket.WSClient;
 import com.newrelic.agent.security.intcodeagent.websocket.WSReconnectionST;
+import com.newrelic.api.agent.security.Agent;
+import com.newrelic.api.agent.security.utils.logging.LogLevel;
 import org.apache.commons.io.FileUtils;
-import org.java_websocket.framing.CloseFrame;
 import org.apache.commons.lang3.StringUtils;
+import org.java_websocket.framing.CloseFrame;
 
 import java.io.File;
 import java.util.concurrent.TimeUnit;
@@ -70,6 +71,9 @@ public static void shutdownLogic() {
         } catch (Throwable e) {
         }
         try {
+            if (Agent.isDebugEnabled()) {
+                logger.log(LogLevel.FINEST, "Debug: Shutting down IAST Services..", InstrumentationUtils.class.getName());
+            }
             HealthCheckScheduleThread.getInstance().cancelTask(true);
             DispatcherPool.shutDownPool();
             ControlCommandProcessorThreadPool.shutDownPool();
@@ -78,6 +82,9 @@ public static void shutdownLogic() {
             WSClient.shutDownWSClient(true, CloseFrame.NORMAL, "IAST agent shutting down");
             FileCleaner.cancelTask();
             if(StringUtils.isNotBlank(OsVariablesInstance.getInstance().getOsVariables().getTmpDirectory())) {
+                if (Agent.isDebugEnabled()) {
+                    logger.log(LogLevel.FINEST, "Debug: IAST Shutdown : Cleaning Tmp directory created during IAST analysis", InstrumentationUtils.class.getName());
+                }
                 FileUtils.deleteQuietly(new File(OsVariablesInstance.getInstance().getOsVariables().getTmpDirectory()));
             }
 

diff --git a/...a/com/newrelic/agent/security/intcodeagent/apache/httpclient/ApacheHttpClientWrapper.java b/...a/com/newrelic/agent/security/intcodeagent/apache/httpclient/ApacheHttpClientWrapper.java
@@ -2,6 +2,7 @@
 
 import com.newrelic.agent.security.AgentInfo;
 import com.newrelic.agent.security.intcodeagent.filelogging.FileLoggerThreadPool;
+import com.newrelic.api.agent.security.Agent;
 import com.newrelic.api.agent.security.schema.HttpRequest;
 import com.newrelic.api.agent.security.schema.StringUtils;
 import com.newrelic.api.agent.security.schema.http.ReadResult;
@@ -90,7 +91,9 @@ public ApacheHttpClientWrapper(int requestTimeoutInMillis) {
                     .loadTrustMaterial(null, acceptingTrustStrategy)
                     .build();
         } catch (NoSuchAlgorithmException | KeyStoreException | KeyManagementException exception){
-
+            if (Agent.isDebugEnabled()) {
+                logger.log(LogLevel.FINEST, "Debug: Error while building SSL Context for Apache HTTP Client", exception, this.getClass().getName());
+            }
         }
         this.connectionManager = createHttpClientConnectionManager(sslContext);
         this.httpClient = HttpClientBuilder.create()

diff --git a/.../main/java/com/newrelic/agent/security/intcodeagent/apache/httpclient/IastHttpClient.java b/.../main/java/com/newrelic/agent/security/intcodeagent/apache/httpclient/IastHttpClient.java
@@ -3,6 +3,7 @@
 import com.newrelic.agent.security.instrumentator.httpclient.RestRequestThreadPool;
 import com.newrelic.agent.security.intcodeagent.filelogging.FileLoggerThreadPool;
 import com.newrelic.agent.security.intcodeagent.models.FuzzRequestBean;
+import com.newrelic.api.agent.security.Agent;
 import com.newrelic.api.agent.security.instrumentation.helpers.AppServerInfoHelper;
 import com.newrelic.api.agent.security.schema.AppServerInfo;
 import com.newrelic.api.agent.security.schema.HttpRequest;
@@ -77,6 +78,9 @@ public void tryToEstablishApplicationEndpoint(HttpRequest request) {
         int serverPort = request.getServerPort();
         if(serverPort > 0){
             Map<String, String> endpoints = prepareEndpoints(serverPort);
+            if (Agent.isDebugEnabled()) {
+                logger.log(LogLevel.FINEST, "Debug: Trying to establish Application Endpoint", IastHttpClient.class.getName());
+            }
             for (Map.Entry<String, String> endpoint : endpoints.entrySet()) {
                 try {
                     ReadResult result = httpClient.execute(request, endpoint.getValue(), null, true);

diff --git a/...-agent/src/main/java/com/newrelic/agent/security/intcodeagent/schedulers/FileCleaner.java b/...-agent/src/main/java/com/newrelic/agent/security/intcodeagent/schedulers/FileCleaner.java
@@ -4,6 +4,9 @@
 import com.newrelic.agent.security.instrumentator.os.OSVariables;
 import com.newrelic.agent.security.instrumentator.os.OsVariablesInstance;
 import com.newrelic.agent.security.intcodeagent.filelogging.FileLoggerThreadPool;
+import com.newrelic.agent.security.intcodeagent.utils.EncryptorUtils;
+import com.newrelic.api.agent.security.Agent;
+import com.newrelic.api.agent.security.NewRelicSecurity;
 import com.newrelic.api.agent.security.utils.logging.LogLevel;
 import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper;
 import org.apache.commons.io.FileUtils;
@@ -33,13 +36,17 @@ public class FileCleaner {
 
         @Override
         public void run() {
+            // TODO: add debug trace
             AgentInfo.getInstance().getJaHealthCheck().getSchedulerRuns().incrementIastFileCleaner();
             long delay = Instant.now().toEpochMilli() - TimeUnit.MINUTES.toMillis(2);
             logger.log(LogLevel.INFO, FILE_CLEANER_INVOKED_INITIATING_TEMP_FILE_DIRECTORY_CLEANUP, FileCleaner.class.getName());
             if(StringUtils.isBlank(osVariables.getTmpDirectory())) {
                 return;
             }
             FileUtils.iterateFiles(new File(osVariables.getTmpDirectory()), new AgeFileFilter(delay), DirectoryFileFilter.INSTANCE).forEachRemaining( file -> {
+                if (Agent.isDebugEnabled()) {
+                    NewRelicSecurity.getAgent().log(LogLevel.FINEST, String.format("Debug: Cleaning temp files created during IAST analysis : %s", file), FileCleaner.class.getName());
+                }
                 FileUtils.deleteQuietly(file);
             });
 
@@ -51,8 +58,14 @@ public void run() {
                     long age = delay - Files.getLastModifiedTime(Paths.get(file)).toMillis();
                     if(age > 0){
                         FileUtils.deleteQuietly(new File(file));
+                        if (Agent.isDebugEnabled()) {
+                            NewRelicSecurity.getAgent().log(LogLevel.FINEST, String.format("Debug: Cleaning temp files created during IAST analysis : %s", file), FileCleaner.class.getName());
+                        }
                     }
                 } catch (IOException | InvalidPathException e) {
+                    if (Agent.isDebugEnabled()) {
+                        NewRelicSecurity.getAgent().log(LogLevel.FINEST, String.format("Debug: Error while cleaning temp files created during IAST analysis : %s", file), e, FileCleaner.class.getName());
+                    }
                 }
             }
         }

diff --git a/...ty-agent/src/main/java/com/newrelic/agent/security/intcodeagent/utils/EncryptorUtils.java b/...ty-agent/src/main/java/com/newrelic/agent/security/intcodeagent/utils/EncryptorUtils.java
@@ -1,6 +1,9 @@
 package com.newrelic.agent.security.intcodeagent.utils;
 
+import com.newrelic.agent.security.instrumentator.utils.CallbackUtils;
 import com.newrelic.agent.security.instrumentator.utils.HashGenerator;
+import com.newrelic.agent.security.intcodeagent.filelogging.FileLoggerThreadPool;
+import com.newrelic.api.agent.security.Agent;
 import com.newrelic.api.agent.security.NewRelicSecurity;
 import com.newrelic.api.agent.security.utils.logging.LogLevel;
 import org.apache.commons.codec.DecoderException;
@@ -34,6 +37,9 @@ public class EncryptorUtils {
     private static Cipher cipher = null;
 
     private static void prepareCipherInstance(String password) throws Exception {
+        if (Agent.isDebugEnabled()) {
+            NewRelicSecurity.getAgent().log(LogLevel.FINEST, "Debug: Preparing Cipher instance for decrypting data", EncryptorUtils.class.getName());
+        }
         SecretKeyFactory factory = SecretKeyFactory.getInstance(PBKDF_2_WITH_HMAC_SHA_1);
         KeySpec spec = new PBEKeySpec(password.toCharArray(), generateSalt(password), ITERATION, KEY_LEN);
         SecretKey tmp = factory.generateSecret(spec);
@@ -62,6 +68,9 @@ public static String decrypt(String password, String encryptedData) {
             // Decrypt the content
             byte[] decryptedBytes = cipher.doFinal(Hex.decodeHex(encryptedData));
             decryptedData = new String(decryptedBytes, OFFSET, decryptedBytes.length - OFFSET);
+            if (Agent.isDebugEnabled()) {
+                NewRelicSecurity.getAgent().log(LogLevel.FINEST, String.format("Debug: Decrypted data for encrypted data %s is : %s", encryptedData, decryptedData), EncryptorUtils.class.getName());
+            }
             NewRelicSecurity.getAgent().log(LogLevel.FINEST, String.format(ENCRYPTED_DATA_S_DECRYPTED_DATA_S, encryptedData, decryptedData), EncryptorUtils.class.getName());
             return decryptedData;
         } catch (DecoderException ignored) {
@@ -83,6 +92,9 @@ public static boolean verifyHashData(String knownDecryptedDataHash, String decry
             NewRelicSecurity.getAgent().log(LogLevel.WARNING, String.format("Known-Decrypted Data Hash is empty %s", knownDecryptedDataHash), EncryptorUtils.class.getName());
             return false;
         }
+        if (Agent.isDebugEnabled() && !StringUtils.equals(HashGenerator.getSHA256HexDigest(decryptedData), knownDecryptedDataHash)) {
+            NewRelicSecurity.getAgent().log(LogLevel.FINEST, String.format("Debug: The hash of the decrypted data for %s does not match.", decryptedData), EncryptorUtils.class.getName());
+        }
         return StringUtils.equals(HashGenerator.getSHA256HexDigest(decryptedData), knownDecryptedDataHash);
     }