add sdk.event to communicate a login or custom event (#5462)

* add sdk.event to communicate a login or custom event

* change sdk version to v1

Author: IlyasShabi

packages/dd-trace/src/appsec/sdk/track_event.js

@@ -7,6 +7,7 @@ const waf = require('../waf')
 const { keepTrace } = require('../../priority_sampler')
 const addresses = require('../addresses')
 const { ASM } = require('../../standalone/product')
+const { incrementSdkEventMetric } = require('../telemetry')
 
 function trackUserLoginSuccessEvent (tracer, user, metadata) {
   // TODO: better user check here and in _setUser() ?
@@ -15,6 +16,8 @@ function trackUserLoginSuccessEvent (tracer, user, metadata) {
     return
   }
 
+  incrementSdkEventMetric('login_success')
+
   const rootSpan = getRootSpan(tracer)
   if (!rootSpan) {
     log.warn('[ASM] Root span not available in trackUserLoginSuccessEvent')
@@ -48,6 +51,8 @@ function trackUserLoginFailureEvent (tracer, userId, exists, metadata) {
   trackEvent('users.login.failure', fields, 'trackUserLoginFailureEvent', getRootSpan(tracer))
 
   runWaf('users.login.failure', { login: userId })
+
+  incrementSdkEventMetric('login_failure')
 }
 
 function trackCustomEvent (tracer, eventName, metadata) {
@@ -57,6 +62,8 @@ function trackCustomEvent (tracer, eventName, metadata) {
   }
 
   trackEvent(eventName, metadata, 'trackCustomEvent', getRootSpan(tracer))
+
+  incrementSdkEventMetric('custom')
 }
 
 function trackEvent (eventName, fields, sdkMethodName, rootSpan) {

packages/dd-trace/src/appsec/telemetry/index.js

@@ -2,7 +2,7 @@
 
 const { DD_TELEMETRY_REQUEST_METRICS } = require('./common')
 const { addRaspRequestMetrics, trackRaspMetrics } = require('./rasp')
-const { incrementMissingUserId, incrementMissingUserLogin } = require('./user')
+const { incrementMissingUserId, incrementMissingUserLogin, incrementSdkEvent } = require('./user')
 const {
   addWafRequestMetrics,
   trackWafMetrics,
@@ -121,6 +121,12 @@ function incrementMissingUserIdMetric (framework, eventType) {
   incrementMissingUserId(framework, eventType)
 }
 
+function incrementSdkEventMetric (framework, eventType) {
+  if (!enabled) return
+
+  incrementSdkEvent(framework, eventType)
+}
+
 function getRequestMetrics (req) {
   if (req) {
     const store = getStore(req)
@@ -141,6 +147,7 @@ module.exports = {
   incrementWafRequestsMetric,
   incrementMissingUserLoginMetric,
   incrementMissingUserIdMetric,
+  incrementSdkEventMetric,
 
   getRequestMetrics
 }

packages/dd-trace/src/appsec/telemetry/user.js

@@ -18,7 +18,15 @@ function incrementMissingUserId (framework, eventType) {
   }).inc()
 }
 
+function incrementSdkEvent (eventType) {
+  appsecMetrics.count('sdk.event', {
+    event_type: eventType,
+    sdk_version: 'v1'
+  }).inc()
+}
+
 module.exports = {
   incrementMissingUserLogin,
-  incrementMissingUserId
+  incrementMissingUserId,
+  incrementSdkEvent
 }

packages/dd-trace/test/appsec/sdk/track_event.spec.js

@@ -17,6 +17,7 @@ describe('track_event', () => {
     let getRootSpan
     let setUserTags
     let waf
+    let telemetry
     let trackUserLoginSuccessEvent, trackUserLoginFailureEvent, trackCustomEvent
 
     beforeEach(() => {
@@ -42,6 +43,10 @@ describe('track_event', () => {
         run: sinon.spy()
       }
 
+      telemetry = {
+        incrementSdkEventMetric: sinon.stub()
+      }
+
       const trackEvents = proxyquire('../../../src/appsec/sdk/track_event', {
         '../../log': log,
         './utils': {
@@ -50,7 +55,8 @@ describe('track_event', () => {
         './set_user': {
           setUserTags
         },
-        '../waf': waf
+        '../waf': waf,
+        '../telemetry': telemetry
       })
 
       trackUserLoginSuccessEvent = trackEvents.trackUserLoginSuccessEvent
@@ -70,6 +76,7 @@ describe('track_event', () => {
           .to.have.been.calledWithExactly('[ASM] Invalid user provided to trackUserLoginSuccessEvent')
         expect(setUserTags).to.not.have.been.called
         expect(rootSpan.addTags).to.not.have.been.called
+        expect(telemetry.incrementSdkEventMetric).to.not.have.been.called
       })
 
       it('should log warning when root span is not available', () => {
@@ -80,6 +87,7 @@ describe('track_event', () => {
         expect(log.warn)
           .to.have.been.calledOnceWithExactly('[ASM] Root span not available in trackUserLoginSuccessEvent')
         expect(setUserTags).to.not.have.been.called
+        expect(telemetry.incrementSdkEventMetric).to.have.been.calledWith('login_success')
       })
 
       it('should call setUser and addTags with metadata', () => {
@@ -111,6 +119,7 @@ describe('track_event', () => {
             [USER_LOGIN]: 'user_id'
           }
         })
+        expect(telemetry.incrementSdkEventMetric).to.have.been.calledWith('login_success')
       })
 
       it('should call setUser and addTags without metadata', () => {
@@ -134,6 +143,7 @@ describe('track_event', () => {
             [USER_LOGIN]: 'user_id'
           }
         })
+        expect(telemetry.incrementSdkEventMetric).to.have.been.calledWith('login_success')
       })
 
       it('should call waf with user login', () => {
@@ -157,6 +167,7 @@ describe('track_event', () => {
             [USER_LOGIN]: 'user_login'
           }
         })
+        expect(telemetry.incrementSdkEventMetric).to.have.been.calledWith('login_success')
       })
     })
 
@@ -172,6 +183,7 @@ describe('track_event', () => {
           .to.have.been.calledWithExactly('[ASM] Invalid userId provided to trackUserLoginFailureEvent')
         expect(setUserTags).to.not.have.been.called
         expect(rootSpan.addTags).to.not.have.been.called
+        expect(telemetry.incrementSdkEventMetric).to.not.have.been.called
       })
 
       it('should log warning when root span is not available', () => {
@@ -182,6 +194,7 @@ describe('track_event', () => {
         expect(log.warn)
           .to.have.been.calledOnceWithExactly('[ASM] Root span not available in %s', 'trackUserLoginFailureEvent')
         expect(setUserTags).to.not.have.been.called
+        expect(telemetry.incrementSdkEventMetric).to.have.been.calledWith('login_failure')
       })
 
       it('should call addTags with metadata', () => {
@@ -211,6 +224,7 @@ describe('track_event', () => {
             [USER_LOGIN]: 'user_id'
           }
         })
+        expect(telemetry.incrementSdkEventMetric).to.have.been.calledWith('login_failure')
       })
 
       it('should send false `usr.exists` property when the user does not exist', () => {
@@ -240,6 +254,7 @@ describe('track_event', () => {
             [USER_LOGIN]: 'user_id'
           }
         })
+        expect(telemetry.incrementSdkEventMetric).to.have.been.calledWith('login_failure')
       })
 
       it('should call addTags without metadata', () => {
@@ -262,6 +277,7 @@ describe('track_event', () => {
             [USER_LOGIN]: 'user_id'
           }
         })
+        expect(telemetry.incrementSdkEventMetric).to.have.been.calledWith('login_failure')
       })
     })
 
@@ -277,6 +293,7 @@ describe('track_event', () => {
           .to.have.been.calledWithExactly('[ASM] Invalid eventName provided to trackCustomEvent')
         expect(setUserTags).to.not.have.been.called
         expect(rootSpan.addTags).to.not.have.been.called
+        expect(telemetry.incrementSdkEventMetric).to.not.have.been.called
       })
 
       it('should log warning when root span is not available', () => {
@@ -287,6 +304,7 @@ describe('track_event', () => {
         expect(log.warn)
           .to.have.been.calledOnceWithExactly('[ASM] Root span not available in %s', 'trackCustomEvent')
         expect(setUserTags).to.not.have.been.called
+        expect(telemetry.incrementSdkEventMetric).to.have.been.calledWith('custom')
       })
 
       it('should call addTags with metadata', () => {
@@ -305,6 +323,7 @@ describe('track_event', () => {
         })
         expect(prioritySampler.setPriority)
           .to.have.been.calledOnceWithExactly(rootSpan, USER_KEEP, ASM)
+        expect(telemetry.incrementSdkEventMetric).to.have.been.calledWith('custom')
       })
 
       it('should call addTags without metadata', () => {
@@ -318,6 +337,7 @@ describe('track_event', () => {
         })
         expect(prioritySampler.setPriority)
           .to.have.been.calledOnceWithExactly(rootSpan, USER_KEEP, ASM)
+        expect(telemetry.incrementSdkEventMetric).to.have.been.calledWith('custom')
       })
     })
   })

packages/dd-trace/test/appsec/telemetry/user.spec.js

@@ -49,5 +49,16 @@ describe('Appsec User Telemetry metrics', () => {
         })
       })
     })
+
+    describe('incrementSdkEventMetric', () => {
+      it('should increment sdk.event metric', () => {
+        appsecTelemetry.incrementSdkEventMetric('login_success')
+
+        expect(count).to.have.been.calledOnceWithExactly('sdk.event', {
+          event_type: 'login_success',
+          sdk_version: 'v1'
+        })
+      })
+    })
   })
 })