start to add metrics
This commit is contained in:
bui
parent
3fe6e3be14
commit
edc28142ff
|
|
@ -9,6 +9,7 @@ import (
|
|||
corazatypes "github.com/corazawaf/coraza/v3/types"
|
||||
"github.com/crowdsecurity/crowdsec/pkg/types"
|
||||
"github.com/pkg/errors"
|
||||
"github.com/prometheus/client_golang/prometheus"
|
||||
)
|
||||
|
||||
func TxToEvents(r ParsedRequest, kind string) ([]types.Event, error) {
|
||||
|
|
@ -17,10 +18,11 @@ func TxToEvents(r ParsedRequest, kind string) ([]types.Event, error) {
|
|||
return nil, fmt.Errorf("tx is nil")
|
||||
}
|
||||
for _, rule := range r.Tx.MatchedRules() {
|
||||
//log.Printf("rule %d", idx)
|
||||
//we're discarding rules that don't have a message. They are not relevant for us
|
||||
if rule.Message() == "" {
|
||||
continue
|
||||
}
|
||||
wafRuleHits.With(prometheus.Labels{"rule_id": fmt.Sprintf("%d", rule.Rule().ID()), "type": kind}).Inc()
|
||||
evt, err := RuleMatchToEvent(rule, r.Tx, r, kind)
|
||||
if err != nil {
|
||||
return nil, errors.Wrap(err, "Cannot convert rule match to event")
|
||||
|
|
|
|||
|
|
@ -8,6 +8,7 @@ import (
|
|||
"net/url"
|
||||
"os"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/corazawaf/coraza/v3"
|
||||
corazatypes "github.com/corazawaf/coraza/v3/types"
|
||||
|
|
@ -23,6 +24,31 @@ import (
|
|||
"gopkg.in/yaml.v2"
|
||||
)
|
||||
|
||||
var wafParsingHistogram = prometheus.NewHistogramVec(
|
||||
prometheus.HistogramOpts{
|
||||
Help: "Time spent processing a request by the WAF.",
|
||||
Name: "cs_waf_parsing_time_seconds",
|
||||
Buckets: []float64{0.0005, 0.001, 0.0015, 0.002, 0.0025, 0.003, 0.004, 0.005, 0.0075, 0.01},
|
||||
},
|
||||
[]string{"source"},
|
||||
)
|
||||
|
||||
var wafReqCounter = prometheus.NewCounterVec(
|
||||
prometheus.CounterOpts{
|
||||
Name: "cs_waf_reqs_total",
|
||||
Help: "Total events processed by the WAF.",
|
||||
},
|
||||
[]string{"source"},
|
||||
)
|
||||
|
||||
var wafRuleHits = prometheus.NewCounterVec(
|
||||
prometheus.CounterOpts{
|
||||
Name: "cs_waf_rule_hits",
|
||||
Help: "Count of triggered rule, by rule_id and type (inband/outofband).",
|
||||
},
|
||||
[]string{"rule_id", "type"},
|
||||
)
|
||||
|
||||
const (
|
||||
InBand = "inband"
|
||||
OutOfBand = "outofband"
|
||||
|
|
@ -422,6 +448,9 @@ func (r *WafRunner) Run(t *tomb.Tomb) error {
|
|||
log.Infof("Waf Runner is dying")
|
||||
return nil
|
||||
case request := <-r.inChan:
|
||||
wafReqCounter.With(prometheus.Labels{"source": request.RemoteAddr}).Inc()
|
||||
//measure the time spent in the WAF
|
||||
startParsing := time.Now()
|
||||
in, tx, err := processReqWithEngine(r.inBandWaf, request, request.UUID, InBand)
|
||||
response := ResponseRequest{
|
||||
Tx: tx,
|
||||
|
|
@ -463,6 +492,9 @@ func (r *WafRunner) Run(t *tomb.Tomb) error {
|
|||
continue
|
||||
}
|
||||
}
|
||||
//measure the full time spent in the WAF
|
||||
elapsed := time.Since(startParsing)
|
||||
wafParsingHistogram.With(prometheus.Labels{"source": request.RemoteAddr}).Observe(elapsed.Seconds())
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue