Update user lifecycle tracking to V3 #8108
Open
+1,039
−664
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
manuel-alvarez-alvarez
added
the
comp: asm waf
manuel-alvarez-alvarez
force-pushed
the
malvarez/waf-ato-v3
branch
from
6ea6598 to
eea748d
Compare
BenchmarksStartupLoadParameters
See matching parameters
SummaryFound 0 performance improvements and 0 performance regressions! Performance is the same for 11 metrics, 17 unstable metrics. Request duration reports for insecure-bankgantt
title insecure-bank - request duration [CI 0.99] : candidate=1.45.0-SNAPSHOT~f3a938277a, baseline=1.45.0-SNAPSHOT~ab205f6a56
dateFormat X
axisFormat %s
section baseline
no_agent (375.019 µs) : 355, 395
. : milestone, 375,
iast (489.899 µs) : 468, 511
. : milestone, 490,
iast_FULL (643.73 µs) : 622, 665
. : milestone, 644,
iast_GLOBAL (511.959 µs) : 491, 533
. : milestone, 512,
iast_HARDCODED_SECRET_DISABLED (485.837 µs) : 464, 507
. : milestone, 486,
iast_INACTIVE (445.538 µs) : 425, 466
. : milestone, 446,
iast_TELEMETRY_OFF (480.853 µs) : 459, 503
. : milestone, 481,
tracing (453.911 µs) : 432, 475
. : milestone, 454,
section candidate
no_agent (370.057 µs) : 350, 390
. : milestone, 370,
iast (483.614 µs) : 462, 505
. : milestone, 484,
iast_FULL (652.519 µs) : 631, 674
. : milestone, 653,
iast_GLOBAL (506.762 µs) : 486, 528
. : milestone, 507,
iast_HARDCODED_SECRET_DISABLED (485.812 µs) : 464, 507
. : milestone, 486,
iast_INACTIVE (449.882 µs) : 428, 471
. : milestone, 450,
iast_TELEMETRY_OFF (481.205 µs) : 460, 503
. : milestone, 481,
tracing (446.113 µs) : 425, 468
. : milestone, 446,
Request duration reports for petclinicgantt
title petclinic - request duration [CI 0.99] : candidate=1.45.0-SNAPSHOT~f3a938277a, baseline=1.45.0-SNAPSHOT~ab205f6a56
dateFormat X
axisFormat %s
section baseline
no_agent (1.354 ms) : 1334, 1374
. : milestone, 1354,
appsec (1.732 ms) : 1709, 1756
. : milestone, 1732,
appsec_no_iast (1.743 ms) : 1719, 1768
. : milestone, 1743,
iast (1.493 ms) : 1470, 1516
. : milestone, 1493,
profiling (1.531 ms) : 1505, 1556
. : milestone, 1531,
tracing (1.493 ms) : 1465, 1521
. : milestone, 1493,
section candidate
no_agent (1.348 ms) : 1328, 1367
. : milestone, 1348,
appsec (1.731 ms) : 1707, 1754
. : milestone, 1731,
appsec_no_iast (1.755 ms) : 1731, 1779
. : milestone, 1755,
iast (1.499 ms) : 1477, 1521
. : milestone, 1499,
profiling (1.551 ms) : 1526, 1577
. : milestone, 1551,
tracing (1.485 ms) : 1461, 1509
. : milestone, 1485,
DacapoParameters
See matching parameters
SummaryFound 0 performance improvements and 0 performance regressions! Performance is the same for 12 metrics, 0 unstable metrics. Execution time for biojavagantt
title biojava - execution time [CI 0.99] : candidate=1.45.0-SNAPSHOT~f3a938277a, baseline=1.45.0-SNAPSHOT~ab205f6a56
dateFormat X
axisFormat %s
section baseline
no_agent (15.234 s) : 15234000, 15234000
. : milestone, 15234000,
appsec (15.061 s) : 15061000, 15061000
. : milestone, 15061000,
iast (18.904 s) : 18904000, 18904000
. : milestone, 18904000,
iast_GLOBAL (17.885 s) : 17885000, 17885000
. : milestone, 17885000,
profiling (14.736 s) : 14736000, 14736000
. : milestone, 14736000,
tracing (15.066 s) : 15066000, 15066000
. : milestone, 15066000,
section candidate
no_agent (15.625 s) : 15625000, 15625000
. : milestone, 15625000,
appsec (14.57 s) : 14570000, 14570000
. : milestone, 14570000,
iast (19.062 s) : 19062000, 19062000
. : milestone, 19062000,
iast_GLOBAL (17.774 s) : 17774000, 17774000
. : milestone, 17774000,
profiling (15.302 s) : 15302000, 15302000
. : milestone, 15302000,
tracing (14.869 s) : 14869000, 14869000
. : milestone, 14869000,
Execution time for tomcatgantt
title tomcat - execution time [CI 0.99] : candidate=1.45.0-SNAPSHOT~f3a938277a, baseline=1.45.0-SNAPSHOT~ab205f6a56
dateFormat X
axisFormat %s
section baseline
no_agent (1.467 ms) : 1455, 1478
. : milestone, 1467,
appsec (2.327 ms) : 2286, 2368
. : milestone, 2327,
iast (2.075 ms) : 2023, 2128
. : milestone, 2075,
iast_GLOBAL (2.122 ms) : 2069, 2175
. : milestone, 2122,
profiling (1.969 ms) : 1926, 2012
. : milestone, 1969,
tracing (1.929 ms) : 1889, 1970
. : milestone, 1929,
section candidate
no_agent (1.468 ms) : 1456, 1479
. : milestone, 1468,
appsec (2.333 ms) : 2291, 2374
. : milestone, 2333,
iast (2.077 ms) : 2025, 2130
. : milestone, 2077,
iast_GLOBAL (2.122 ms) : 2069, 2175
. : milestone, 2122,
profiling (1.957 ms) : 1915, 1999
. : milestone, 1957,
tracing (1.925 ms) : 1885, 1965
. : milestone, 1925,
|
manuel-alvarez-alvarez
force-pushed
the
malvarez/waf-ato-v3
branch
from
eea748d to
8c89366
Compare
manuel-alvarez-alvarez
requested review from
ValentinZakharov,
jandro996 and
smola
|
Hi! 👋 Thanks for your pull request! 🎉 To help us review it, please make sure to:
If you need help, please check our contributing guidelines. |
manuel-alvarez-alvarez
force-pushed
the
malvarez/waf-ato-v3
branch
from
8c89366 to
b48fedf
Compare
smola
approved these changes
Dec 19, 2024
manuel-alvarez-alvarez
force-pushed
the
malvarez/waf-ato-v3
branch
from
b48fedf to
e16bd12
Compare
manuel-alvarez-alvarez
force-pushed
the
malvarez/waf-ato-v3
branch
from
e16bd12 to
b4a5356
Compare
manuel-alvarez-alvarez
force-pushed
the
malvarez/waf-ato-v3
branch
from
25c9ab7 to
1464796
Compare
7 tasks
jandro996
approved these changes
Dec 20, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What Does This Do
This pull request updates the user lifecycle tracking logic to align with the latest specifications. The key changes include:
Refactored Business Logic: Consolidated all handling of trace tags and WAF (Web Application Firewall) interactions within the
com.datadog.appsec.gateway.GatewayBridge. This centralization enhances maintainability and clarity.New Address for User Login Property: Introduced a new address dedicated to the
usr.loginproperty.Renamed Telemetry Metric: The metric previously named
instrum.user_auth.missing_user_idhas been renamed toinstrum.user_auth.missing_user_login. Additionally, two new tags have been integrated: one for the framework and another for the event type, providing more granular telemetry data.Motivation
This pull request is driven by the need to implement changes based on a newly issued RFC that consolidates all previous specifications. The RFC introduces several minor modifications, including a crucial distinction between user IDs and user logins. By adhering to this updated specification, we aim to enhance our system's accuracy and consistency in tracking user lifecycle events.
Additional Notes
Contributor Checklist
type:and (comp:orinst:) labels in addition to any usefull labelsclose,fixor any linking keywords when referencing an issue.Use
solvesinstead, and assign the PR milestone to the issueJira ticket: APPSEC-55579
RFC: Automated user lifecycle tracking