Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Trigger WAF request metrics only at end of request #6595

Merged
merged 1 commit into from
Feb 1, 2024
Merged

Trigger WAF request metrics only at end of request #6595

merged 1 commit into from
Feb 1, 2024

Conversation

smola
Copy link
Member

@smola smola commented Feb 1, 2024
edited by jira bot
Loading

What Does This Do

Trigger WAF request metrics only at end of request only. Otherwise, they can be incremented multiple times per request if there are multiple WAF calls.

Motivation

Additional Notes

Jira ticket: APPSEC-51509

@smola
Trigger WAF request metrics only at end of request only
d5801e4 
Otherwise, they can be incremented multiple times per request if there
are multiple WAF calls.
@smola smola added type: bug comp: asm waf Application Security Management (WAF) labels Feb 1, 2024
@smola smola requested a review from a team as a code owner February 1, 2024 09:23
@pr-commenter
Copy link

pr-commenter bot commented Feb 1, 2024

Benchmarks

Startup

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master smola/fix-waf-telemetry-metrics
git_commit_date 1706733504 1706779289
git_commit_sha 54cb5c9 d5801e4
release_version 1.29.0-SNAPSHOT~54cb5c9369 1.29.0-SNAPSHOT~d5801e4ed8
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1706782695 1706782695
ci_job_id 423474253 423474253
ci_pipeline_id 27522792 27522792
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
module Agent Agent
parent None None
variant iast iast

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 45 metrics, 9 unstable metrics.

Load

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
end_time 2024-02-01T09:54:12 2024-02-01T10:13:12
git_branch master smola/fix-waf-telemetry-metrics
git_commit_date 1706733504 1706779289
git_commit_sha 54cb5c9 d5801e4
release_version 1.29.0-SNAPSHOT~54cb5c9369 1.29.0-SNAPSHOT~d5801e4ed8
start_time 2024-02-01T09:53:59 2024-02-01T10:12:58
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1706782695 1706782695
ci_job_id 423474253 423474253
ci_pipeline_id 27522792 27522792
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
variant iast iast

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 10 metrics, 16 unstable metrics.

Request duration reports for insecure-bank 
gantt
    title insecure-bank - request duration [CI 0.99] : candidate=1.29.0-SNAPSHOT~d5801e4ed8, baseline=1.29.0-SNAPSHOT~54cb5c9369
    dateFormat X
    axisFormat %s
section baseline
no_agent (367.146 µs) : 348, 387
.   : milestone, 367,
iast (478.893 µs) : 458, 500
.   : milestone, 479,
iast_FULL (542.481 µs) : 522, 563
.   : milestone, 542,
iast_GLOBAL (497.189 µs) : 477, 518
.   : milestone, 497,
iast_HARDCODED_SECRET_DISABLED (482.37 µs) : 461, 503
.   : milestone, 482,
iast_INACTIVE (451.279 µs) : 430, 472
.   : milestone, 451,
iast_TELEMETRY_OFF (479.802 µs) : 458, 501
.   : milestone, 480,
tracing (446.172 µs) : 425, 467
.   : milestone, 446,
section candidate
no_agent (374.213 µs) : 354, 395
.   : milestone, 374,
iast (479.083 µs) : 458, 500
.   : milestone, 479,
iast_FULL (538.548 µs) : 518, 559
.   : milestone, 539,
iast_GLOBAL (499.912 µs) : 479, 521
.   : milestone, 500,
iast_HARDCODED_SECRET_DISABLED (474.888 µs) : 454, 496
.   : milestone, 475,
iast_INACTIVE (447.547 µs) : 426, 469
.   : milestone, 448,
iast_TELEMETRY_OFF (474.707 µs) : 454, 496
.   : milestone, 475,
tracing (453.271 µs) : 432, 475
.   : milestone, 453,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 367.146 µs [347.548 µs, 386.744 µs] -
iast 478.893 µs [457.817 µs, 499.969 µs] 111.747 µs (30.4%)
iast_FULL 542.481 µs [521.638 µs, 563.324 µs] 175.335 µs (47.8%)
iast_GLOBAL 497.189 µs [476.643 µs, 517.736 µs] 130.043 µs (35.4%)
iast_HARDCODED_SECRET_DISABLED 482.37 µs [461.406 µs, 503.334 µs] 115.224 µs (31.4%)
iast_INACTIVE 451.279 µs [430.167 µs, 472.39 µs] 84.133 µs (22.9%)
iast_TELEMETRY_OFF 479.802 µs [458.193 µs, 501.412 µs] 112.657 µs (30.7%)
tracing 446.172 µs [425.444 µs, 466.9 µs] 79.026 µs (21.5%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 374.213 µs [353.5 µs, 394.926 µs] -
iast 479.083 µs [458.3 µs, 499.867 µs] 104.87 µs (28.0%)
iast_FULL 538.548 µs [517.794 µs, 559.302 µs] 164.335 µs (43.9%)
iast_GLOBAL 499.912 µs [479.323 µs, 520.501 µs] 125.699 µs (33.6%)
iast_HARDCODED_SECRET_DISABLED 474.888 µs [453.994 µs, 495.781 µs] 100.675 µs (26.9%)
iast_INACTIVE 447.547 µs [426.347 µs, 468.747 µs] 73.334 µs (19.6%)
iast_TELEMETRY_OFF 474.707 µs [453.828 µs, 495.586 µs] 100.494 µs (26.9%)
tracing 453.271 µs [431.703 µs, 474.84 µs] 79.058 µs (21.1%)
Request duration reports for petclinic 
gantt
    title petclinic - request duration [CI 0.99] : candidate=1.29.0-SNAPSHOT~d5801e4ed8, baseline=1.29.0-SNAPSHOT~54cb5c9369
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.359 ms) : 1340, 1378
.   : milestone, 1359,
appsec (1.783 ms) : 1757, 1809
.   : milestone, 1783,
iast (1.54 ms) : 1516, 1565
.   : milestone, 1540,
profiling (1.54 ms) : 1514, 1566
.   : milestone, 1540,
tracing (1.501 ms) : 1477, 1526
.   : milestone, 1501,
section candidate
no_agent (1.359 ms) : 1340, 1378
.   : milestone, 1359,
appsec (1.788 ms) : 1761, 1814
.   : milestone, 1788,
iast (1.515 ms) : 1491, 1540
.   : milestone, 1515,
profiling (1.546 ms) : 1521, 1571
.   : milestone, 1546,
tracing (1.524 ms) : 1499, 1548
.   : milestone, 1524,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.359 ms [1.34 ms, 1.378 ms] -
appsec 1.783 ms [1.757 ms, 1.809 ms] 424.272 µs (31.2%)
iast 1.54 ms [1.516 ms, 1.565 ms] 181.895 µs (13.4%)
profiling 1.54 ms [1.514 ms, 1.566 ms] 181.185 µs (13.3%)
tracing 1.501 ms [1.477 ms, 1.526 ms] 142.694 µs (10.5%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.359 ms [1.34 ms, 1.378 ms] -
appsec 1.788 ms [1.761 ms, 1.814 ms] 428.155 µs (31.5%)
iast 1.515 ms [1.491 ms, 1.54 ms] 155.949 µs (11.5%)
profiling 1.546 ms [1.521 ms, 1.571 ms] 186.889 µs (13.7%)
tracing 1.524 ms [1.499 ms, 1.548 ms] 164.155 µs (12.1%)

@smola smola mentioned this pull request Feb 1, 2024
Merged
3 tasks
@smola smola merged commit 4339859 into master Feb 1, 2024
82 checks passed
@smola smola deleted the smola/fix-waf-telemetry-metrics branch February 1, 2024 12:23
@github-actions github-actions bot added this to the 1.29.0 milestone Feb 1, 2024
@smola smola changed the title Trigger WAF request metrics only at end of request only Trigger WAF request metrics only at end of request Jul 10, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@manuel-alvarez-alvarez manuel-alvarez-alvarez manuel-alvarez-alvarez approved these changes

@jandro996 jandro996 Awaiting requested review from jandro996 jandro996 is a code owner automatically assigned from DataDog/asm-java

Assignees
No one assigned
Labels
comp: asm waf Application Security Management (WAF) type: bug
Projects
None yet
Milestone
1.29.0
Development

Successfully merging this pull request may close these issues.
2 participants
@smola @manuel-alvarez-alvarez