Add support for waf_timeout tag in telemetry

[jandro996]

What Does This Do

Add waf_timeout tag to dd.instrumentation_telemetry_data.appsec.waf.requests metric

Motivation

This will allow us to better understand WAF timeout behaviours, possibly helping us to: improve the default, and spot performance issues.

Additional Notes

for the metric dd.instrumentation_telemetry_data.appsec.waf.requests not all combinations of the Boolean tags are valid.

These are the valid combinations:

Contributor Checklist

• Format the title according the contribution guidelines
• Assign the type: and (comp: or inst:) labels in addition to any usefull labels
• Squash your commits prior merging or merge using GitHub's Squash and merge
• Don't use close, fix or any linking keywords when referencing an issue.
  Use solves instead, and assign the PR milestone to the issue
• Update the public documentation in case of new configuration flag or behavior

Jira ticket: APPSEC-10829

[pr-commenter]

Benchmarks

Startup

Parameters

	Baseline	Candidate
baseline_or_candidate	baseline	candidate
git_branch	master	alejandro.gonzalez/add-waf_timeout-to-telemetry
git_commit_date	1728024292	1728028165
git_commit_sha	a7066d9	e1e8ba9
release_version	1.41.0-SNAPSHOT~a7066d9967	1.41.0-SNAPSHOT~e1e8ba9c0e

See matching parameters

	Baseline	Candidate
application	insecure-bank	insecure-bank
ci_job_date	1728030593	1728030593
ci_job_id	661300260	661300260
ci_pipeline_id	45796132	45796132
cpu_model	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
module	Agent	Agent
parent	None	None
variant	iast	iast

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 52 metrics, 11 unstable metrics.

Startup time reports for petclinic

gantt
    title petclinic - global startup overhead: candidate=1.41.0-SNAPSHOT~e1e8ba9c0e, baseline=1.41.0-SNAPSHOT~a7066d9967

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.073 s) : 0, 1073045
Total [baseline] (10.429 s) : 0, 10428833
Agent [candidate] (1.08 s) : 0, 1080450
Total [candidate] (10.428 s) : 0, 10428047
section appsec
Agent [baseline] (1.206 s) : 0, 1206359
Total [baseline] (10.689 s) : 0, 10689324
Agent [candidate] (1.208 s) : 0, 1207576
Total [candidate] (10.644 s) : 0, 10643629
section iast
Agent [baseline] (1.207 s) : 0, 1207244
Total [baseline] (10.888 s) : 0, 10887509
Agent [candidate] (1.199 s) : 0, 1198604
Total [candidate] (10.9 s) : 0, 10900368
section profiling
Agent [baseline] (1.27 s) : 0, 1269949
Total [baseline] (10.612 s) : 0, 10611835
Agent [candidate] (1.274 s) : 0, 1274225
Total [candidate] (10.67 s) : 0, 10670238

Loading

• baseline results

Module	Variant	Duration	Δ tracing
Agent	tracing	1.073 s	-
Agent	appsec	1.206 s	133.314 ms (12.4%)
Agent	iast	1.207 s	134.199 ms (12.5%)
Agent	profiling	1.27 s	196.903 ms (18.3%)
Total	tracing	10.429 s	-
Total	appsec	10.689 s	260.491 ms (2.5%)
Total	iast	10.888 s	458.676 ms (4.4%)
Total	profiling	10.612 s	183.003 ms (1.8%)

• candidate results

Module	Variant	Duration	Δ tracing
Agent	tracing	1.08 s	-
Agent	appsec	1.208 s	127.126 ms (11.8%)
Agent	iast	1.199 s	118.154 ms (10.9%)
Agent	profiling	1.274 s	193.774 ms (17.9%)
Total	tracing	10.428 s	-
Total	appsec	10.644 s	215.582 ms (2.1%)
Total	iast	10.9 s	472.321 ms (4.5%)
Total	profiling	10.67 s	242.191 ms (2.3%)

gantt
    title petclinic - break down per module: candidate=1.41.0-SNAPSHOT~e1e8ba9c0e, baseline=1.41.0-SNAPSHOT~a7066d9967

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (684.811 ms) : 0, 684811
BytebuddyAgent [candidate] (689.143 ms) : 0, 689143
GlobalTracer [baseline] (312.045 ms) : 0, 312045
GlobalTracer [candidate] (314.518 ms) : 0, 314518
AppSec [baseline] (53.952 ms) : 0, 53952
AppSec [candidate] (54.463 ms) : 0, 54463
Remote Config [baseline] (660.864 µs) : 0, 661
Remote Config [candidate] (666.053 µs) : 0, 666
Telemetry [baseline] (7.737 ms) : 0, 7737
Telemetry [candidate] (7.75 ms) : 0, 7750
section appsec
BytebuddyAgent [baseline] (700.213 ms) : 0, 700213
BytebuddyAgent [candidate] (701.422 ms) : 0, 701422
GlobalTracer [baseline] (309.056 ms) : 0, 309056
GlobalTracer [candidate] (309.225 ms) : 0, 309225
AppSec [baseline] (163.687 ms) : 0, 163687
AppSec [candidate] (164.136 ms) : 0, 164136
IAST [baseline] (23.055 ms) : 0, 23055
IAST [candidate] (19.514 ms) : 0, 19514
Remote Config [baseline] (641.126 µs) : 0, 641
Remote Config [candidate] (635.621 µs) : 0, 636
Telemetry [baseline] (7.461 ms) : 0, 7461
Telemetry [candidate] (8.587 ms) : 0, 8587
section iast
BytebuddyAgent [baseline] (803.448 ms) : 0, 803448
BytebuddyAgent [candidate] (797.725 ms) : 0, 797725
GlobalTracer [baseline] (302.711 ms) : 0, 302711
GlobalTracer [candidate] (300.963 ms) : 0, 300963
AppSec [baseline] (53.035 ms) : 0, 53035
AppSec [candidate] (54.791 ms) : 0, 54791
IAST [baseline] (26.504 ms) : 0, 26504
IAST [candidate] (23.647 ms) : 0, 23647
Remote Config [baseline] (613.139 µs) : 0, 613
Remote Config [candidate] (601.241 µs) : 0, 601
Telemetry [baseline] (7.079 ms) : 0, 7079
Telemetry [candidate] (7.072 ms) : 0, 7072
section profiling
BytebuddyAgent [baseline] (675.529 ms) : 0, 675529
BytebuddyAgent [candidate] (679.219 ms) : 0, 679219
GlobalTracer [baseline] (395.301 ms) : 0, 395301
GlobalTracer [candidate] (395.68 ms) : 0, 395680
AppSec [baseline] (54.992 ms) : 0, 54992
AppSec [candidate] (54.948 ms) : 0, 54948
Remote Config [baseline] (660.105 µs) : 0, 660
Remote Config [candidate] (664.491 µs) : 0, 664
Telemetry [baseline] (7.464 ms) : 0, 7464
Telemetry [candidate] (7.525 ms) : 0, 7525
ProfilingAgent [baseline] (97.225 ms) : 0, 97225
ProfilingAgent [candidate] (97.255 ms) : 0, 97255
Profiling [baseline] (97.249 ms) : 0, 97249
Profiling [candidate] (97.279 ms) : 0, 97279

Loading

Startup time reports for insecure-bank

gantt
    title insecure-bank - global startup overhead: candidate=1.41.0-SNAPSHOT~e1e8ba9c0e, baseline=1.41.0-SNAPSHOT~a7066d9967

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.081 s) : 0, 1080783
Total [baseline] (8.589 s) : 0, 8589430
Agent [candidate] (1.07 s) : 0, 1069528
Total [candidate] (8.574 s) : 0, 8573832
section iast
Agent [baseline] (1.2 s) : 0, 1200478
Total [baseline] (9.187 s) : 0, 9186991
Agent [candidate] (1.201 s) : 0, 1201463
Total [candidate] (9.115 s) : 0, 9115391
section iast_HARDCODED_SECRET_DISABLED
Agent [baseline] (1.208 s) : 0, 1208152
Total [baseline] (9.172 s) : 0, 9171731
Agent [candidate] (1.2 s) : 0, 1199871
Total [candidate] (9.095 s) : 0, 9095230
section iast_TELEMETRY_OFF
Agent [baseline] (1.196 s) : 0, 1195963
Total [baseline] (9.104 s) : 0, 9103531
Agent [candidate] (1.197 s) : 0, 1196817
Total [candidate] (9.095 s) : 0, 9095416

Loading

• baseline results

Module	Variant	Duration	Δ tracing
Agent	tracing	1.081 s	-
Agent	iast	1.2 s	119.695 ms (11.1%)
Agent	iast_HARDCODED_SECRET_DISABLED	1.208 s	127.369 ms (11.8%)
Agent	iast_TELEMETRY_OFF	1.196 s	115.18 ms (10.7%)
Total	tracing	8.589 s	-
Total	iast	9.187 s	597.561 ms (7.0%)
Total	iast_HARDCODED_SECRET_DISABLED	9.172 s	582.301 ms (6.8%)
Total	iast_TELEMETRY_OFF	9.104 s	514.1 ms (6.0%)

• candidate results

Module	Variant	Duration	Δ tracing
Agent	tracing	1.07 s	-
Agent	iast	1.201 s	131.934 ms (12.3%)
Agent	iast_HARDCODED_SECRET_DISABLED	1.2 s	130.343 ms (12.2%)
Agent	iast_TELEMETRY_OFF	1.197 s	127.288 ms (11.9%)
Total	tracing	8.574 s	-
Total	iast	9.115 s	541.559 ms (6.3%)
Total	iast_HARDCODED_SECRET_DISABLED	9.095 s	521.398 ms (6.1%)
Total	iast_TELEMETRY_OFF	9.095 s	521.584 ms (6.1%)

gantt
    title insecure-bank - break down per module: candidate=1.41.0-SNAPSHOT~e1e8ba9c0e, baseline=1.41.0-SNAPSHOT~a7066d9967

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (689.734 ms) : 0, 689734
BytebuddyAgent [candidate] (682.388 ms) : 0, 682388
GlobalTracer [baseline] (314.254 ms) : 0, 314254
GlobalTracer [candidate] (311.177 ms) : 0, 311177
AppSec [baseline] (54.553 ms) : 0, 54553
AppSec [candidate] (53.879 ms) : 0, 53879
Remote Config [baseline] (666.338 µs) : 0, 666
Remote Config [candidate] (661.081 µs) : 0, 661
Telemetry [baseline] (7.687 ms) : 0, 7687
Telemetry [candidate] (7.677 ms) : 0, 7677
section iast
BytebuddyAgent [baseline] (799.235 ms) : 0, 799235
BytebuddyAgent [candidate] (799.513 ms) : 0, 799513
GlobalTracer [baseline] (301.225 ms) : 0, 301225
GlobalTracer [candidate] (301.489 ms) : 0, 301489
AppSec [baseline] (54.105 ms) : 0, 54105
AppSec [candidate] (53.442 ms) : 0, 53442
IAST [baseline] (24.421 ms) : 0, 24421
IAST [candidate] (24.651 ms) : 0, 24651
Remote Config [baseline] (608.525 µs) : 0, 609
Remote Config [candidate] (615.145 µs) : 0, 615
Telemetry [baseline] (7.04 ms) : 0, 7040
Telemetry [candidate] (7.888 ms) : 0, 7888
section iast_HARDCODED_SECRET_DISABLED
BytebuddyAgent [baseline] (803.319 ms) : 0, 803319
BytebuddyAgent [candidate] (798.455 ms) : 0, 798455
GlobalTracer [baseline] (303.519 ms) : 0, 303519
GlobalTracer [candidate] (301.112 ms) : 0, 301112
AppSec [baseline] (53.953 ms) : 0, 53953
AppSec [candidate] (54.19 ms) : 0, 54190
IAST [baseline] (25.662 ms) : 0, 25662
IAST [candidate] (24.493 ms) : 0, 24493
Remote Config [baseline] (617.237 µs) : 0, 617
Remote Config [candidate] (616.747 µs) : 0, 617
Telemetry [baseline] (7.129 ms) : 0, 7129
Telemetry [candidate] (7.089 ms) : 0, 7089
section iast_TELEMETRY_OFF
BytebuddyAgent [baseline] (795.419 ms) : 0, 795419
BytebuddyAgent [candidate] (795.842 ms) : 0, 795842
GlobalTracer [baseline] (300.685 ms) : 0, 300685
GlobalTracer [candidate] (301.15 ms) : 0, 301150
AppSec [baseline] (55.98 ms) : 0, 55980
AppSec [candidate] (53.532 ms) : 0, 53532
IAST [baseline] (22.428 ms) : 0, 22428
IAST [candidate] (24.897 ms) : 0, 24897
Remote Config [baseline] (638.489 µs) : 0, 638
Remote Config [candidate] (599.036 µs) : 0, 599
Telemetry [baseline] (6.951 ms) : 0, 6951
Telemetry [candidate] (6.874 ms) : 0, 6874

Loading

Load

Parameters

	Baseline	Candidate
baseline_or_candidate	baseline	candidate
end_time	2024-10-04T08:00:18	2024-10-04T08:07:09
git_branch	master	alejandro.gonzalez/add-waf_timeout-to-telemetry
git_commit_date	1728024292	1728028165
git_commit_sha	a7066d9	e1e8ba9
release_version	1.41.0-SNAPSHOT~a7066d9967	1.41.0-SNAPSHOT~e1e8ba9c0e
start_time	2024-10-04T08:00:05	2024-10-04T08:06:55

See matching parameters

	Baseline	Candidate
application	insecure-bank	insecure-bank
ci_job_date	1728029574	1728029574
ci_job_id	661300261	661300261
ci_pipeline_id	45796132	45796132
cpu_model	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
variant	iast	iast

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 11 metrics, 17 unstable metrics.

Request duration reports for insecure-bank

gantt
    title insecure-bank - request duration [CI 0.99] : candidate=1.41.0-SNAPSHOT~e1e8ba9c0e, baseline=1.41.0-SNAPSHOT~a7066d9967
    dateFormat X
    axisFormat %s
section baseline
no_agent (370.566 µs) : 351, 390
.   : milestone, 371,
iast (485.339 µs) : 464, 507
.   : milestone, 485,
iast_FULL (553.868 µs) : 533, 575
.   : milestone, 554,
iast_GLOBAL (511.148 µs) : 490, 533
.   : milestone, 511,
iast_HARDCODED_SECRET_DISABLED (482.538 µs) : 461, 504
.   : milestone, 483,
iast_INACTIVE (448.904 µs) : 428, 470
.   : milestone, 449,
iast_TELEMETRY_OFF (477.765 µs) : 457, 499
.   : milestone, 478,
tracing (440.396 µs) : 420, 461
.   : milestone, 440,
section candidate
no_agent (366.684 µs) : 347, 386
.   : milestone, 367,
iast (484.968 µs) : 464, 506
.   : milestone, 485,
iast_FULL (557.638 µs) : 537, 579
.   : milestone, 558,
iast_GLOBAL (503.263 µs) : 482, 524
.   : milestone, 503,
iast_HARDCODED_SECRET_DISABLED (483.713 µs) : 462, 506
.   : milestone, 484,
iast_INACTIVE (445.544 µs) : 425, 467
.   : milestone, 446,
iast_TELEMETRY_OFF (476.525 µs) : 455, 498
.   : milestone, 477,
tracing (442.189 µs) : 421, 463
.   : milestone, 442,

Loading

• baseline results

Variant	Request duration [CI 0.99]	Δ no_agent
no_agent	370.566 µs [350.68 µs, 390.451 µs]	-
iast	485.339 µs [464.024 µs, 506.653 µs]	114.773 µs (31.0%)
iast_FULL	553.868 µs [532.697 µs, 575.04 µs]	183.302 µs (49.5%)
iast_GLOBAL	511.148 µs [489.691 µs, 532.604 µs]	140.582 µs (37.9%)
iast_HARDCODED_SECRET_DISABLED	482.538 µs [461.411 µs, 503.664 µs]	111.972 µs (30.2%)
iast_INACTIVE	448.904 µs [427.85 µs, 469.957 µs]	78.338 µs (21.1%)
iast_TELEMETRY_OFF	477.765 µs [456.734 µs, 498.795 µs]	107.199 µs (28.9%)
tracing	440.396 µs [420.089 µs, 460.703 µs]	69.83 µs (18.8%)

• candidate results

Variant	Request duration [CI 0.99]	Δ no_agent
no_agent	366.684 µs [347.407 µs, 385.96 µs]	-
iast	484.968 µs [463.828 µs, 506.107 µs]	118.284 µs (32.3%)
iast_FULL	557.638 µs [536.578 µs, 578.698 µs]	190.954 µs (52.1%)
iast_GLOBAL	503.263 µs [482.498 µs, 524.029 µs]	136.58 µs (37.2%)
iast_HARDCODED_SECRET_DISABLED	483.713 µs [461.756 µs, 505.67 µs]	117.029 µs (31.9%)
iast_INACTIVE	445.544 µs [424.504 µs, 466.584 µs]	78.86 µs (21.5%)
iast_TELEMETRY_OFF	476.525 µs [455.082 µs, 497.969 µs]	109.842 µs (30.0%)
tracing	442.189 µs [421.467 µs, 462.91 µs]	75.505 µs (20.6%)

Request duration reports for petclinic

gantt
    title petclinic - request duration [CI 0.99] : candidate=1.41.0-SNAPSHOT~e1e8ba9c0e, baseline=1.41.0-SNAPSHOT~a7066d9967
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.345 ms) : 1325, 1364
.   : milestone, 1345,
appsec (1.703 ms) : 1680, 1727
.   : milestone, 1703,
appsec_no_iast (1.717 ms) : 1694, 1741
.   : milestone, 1717,
iast (1.467 ms) : 1444, 1489
.   : milestone, 1467,
profiling (1.487 ms) : 1462, 1512
.   : milestone, 1487,
tracing (1.475 ms) : 1451, 1499
.   : milestone, 1475,
section candidate
no_agent (1.338 ms) : 1318, 1358
.   : milestone, 1338,
appsec (1.712 ms) : 1689, 1734
.   : milestone, 1712,
appsec_no_iast (1.717 ms) : 1692, 1742
.   : milestone, 1717,
iast (1.476 ms) : 1454, 1497
.   : milestone, 1476,
profiling (1.485 ms) : 1460, 1510
.   : milestone, 1485,
tracing (1.444 ms) : 1419, 1469
.   : milestone, 1444,

Loading

• baseline results

Variant	Request duration [CI 0.99]	Δ no_agent
no_agent	1.345 ms [1.325 ms, 1.364 ms]	-
appsec	1.703 ms [1.68 ms, 1.727 ms]	358.753 µs (26.7%)
appsec_no_iast	1.717 ms [1.694 ms, 1.741 ms]	372.895 µs (27.7%)
iast	1.467 ms [1.444 ms, 1.489 ms]	121.98 µs (9.1%)
profiling	1.487 ms [1.462 ms, 1.512 ms]	142.173 µs (10.6%)
tracing	1.475 ms [1.451 ms, 1.499 ms]	130.629 µs (9.7%)

• candidate results

Variant	Request duration [CI 0.99]	Δ no_agent
no_agent	1.338 ms [1.318 ms, 1.358 ms]	-
appsec	1.712 ms [1.689 ms, 1.734 ms]	373.927 µs (27.9%)
appsec_no_iast	1.717 ms [1.692 ms, 1.742 ms]	379.025 µs (28.3%)
iast	1.476 ms [1.454 ms, 1.497 ms]	137.68 µs (10.3%)
profiling	1.485 ms [1.46 ms, 1.51 ms]	147.016 µs (11.0%)
tracing	1.444 ms [1.419 ms, 1.469 ms]	106.352 µs (7.9%)

Dacapo

Parameters

	Baseline	Candidate
baseline_or_candidate	baseline	candidate
git_branch	master	alejandro.gonzalez/add-waf_timeout-to-telemetry
git_commit_date	1728024292	1728028165
git_commit_sha	a7066d9	e1e8ba9
release_version	1.41.0-SNAPSHOT~a7066d9967	1.41.0-SNAPSHOT~e1e8ba9c0e

See matching parameters

	Baseline	Candidate
application	biojava	biojava
ci_job_date	1728030008	1728030008
ci_job_id	661300262	661300262
ci_pipeline_id	45796132	45796132
cpu_model	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
variant	appsec	appsec

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 12 metrics, 0 unstable metrics.

Execution time for biojava

gantt
    title biojava - execution time [CI 0.99] : candidate=1.41.0-SNAPSHOT~e1e8ba9c0e, baseline=1.41.0-SNAPSHOT~a7066d9967
    dateFormat X
    axisFormat %s
section baseline
no_agent (15.317 s) : 15317000, 15317000
.   : milestone, 15317000,
appsec (15.049 s) : 15049000, 15049000
.   : milestone, 15049000,
iast (18.789 s) : 18789000, 18789000
.   : milestone, 18789000,
iast_GLOBAL (18.286 s) : 18286000, 18286000
.   : milestone, 18286000,
profiling (15.297 s) : 15297000, 15297000
.   : milestone, 15297000,
tracing (15.489 s) : 15489000, 15489000
.   : milestone, 15489000,
section candidate
no_agent (15.103 s) : 15103000, 15103000
.   : milestone, 15103000,
appsec (15.049 s) : 15049000, 15049000
.   : milestone, 15049000,
iast (18.696 s) : 18696000, 18696000
.   : milestone, 18696000,
iast_GLOBAL (18.245 s) : 18245000, 18245000
.   : milestone, 18245000,
profiling (15.121 s) : 15121000, 15121000
.   : milestone, 15121000,
tracing (15.246 s) : 15246000, 15246000
.   : milestone, 15246000,

Loading

• baseline results

Variant	Execution Time [CI 0.99]	Δ no_agent
no_agent	15.317 s [15.317 s, 15.317 s]	-
appsec	15.049 s [15.049 s, 15.049 s]	-268.0 ms (-1.7%)
iast	18.789 s [18.789 s, 18.789 s]	3.472 s (22.7%)
iast_GLOBAL	18.286 s [18.286 s, 18.286 s]	2.969 s (19.4%)
profiling	15.297 s [15.297 s, 15.297 s]	-20.0 ms (-0.1%)
tracing	15.489 s [15.489 s, 15.489 s]	172.0 ms (1.1%)

• candidate results

Variant	Execution Time [CI 0.99]	Δ no_agent
no_agent	15.103 s [15.103 s, 15.103 s]	-
appsec	15.049 s [15.049 s, 15.049 s]	-54.0 ms (-0.4%)
iast	18.696 s [18.696 s, 18.696 s]	3.593 s (23.8%)
iast_GLOBAL	18.245 s [18.245 s, 18.245 s]	3.142 s (20.8%)
profiling	15.121 s [15.121 s, 15.121 s]	18.0 ms (0.1%)
tracing	15.246 s [15.246 s, 15.246 s]	143.0 ms (0.9%)

Execution time for tomcat

gantt
    title tomcat - execution time [CI 0.99] : candidate=1.41.0-SNAPSHOT~e1e8ba9c0e, baseline=1.41.0-SNAPSHOT~a7066d9967
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.465 ms) : 1454, 1477
.   : milestone, 1465,
appsec (2.306 ms) : 2266, 2346
.   : milestone, 2306,
iast (2.058 ms) : 2007, 2109
.   : milestone, 2058,
iast_GLOBAL (2.123 ms) : 2070, 2175
.   : milestone, 2123,
profiling (1.935 ms) : 1894, 1977
.   : milestone, 1935,
tracing (1.911 ms) : 1871, 1950
.   : milestone, 1911,
section candidate
no_agent (1.469 ms) : 1458, 1481
.   : milestone, 1469,
appsec (2.3 ms) : 2259, 2340
.   : milestone, 2300,
iast (2.065 ms) : 2013, 2117
.   : milestone, 2065,
iast_GLOBAL (2.11 ms) : 2058, 2161
.   : milestone, 2110,
profiling (1.932 ms) : 1891, 1973
.   : milestone, 1932,
tracing (1.904 ms) : 1865, 1943
.   : milestone, 1904,

Loading

• baseline results

Variant	Execution Time [CI 0.99]	Δ no_agent
no_agent	1.465 ms [1.454 ms, 1.477 ms]	-
appsec	2.306 ms [2.266 ms, 2.346 ms]	840.731 µs (57.4%)
iast	2.058 ms [2.007 ms, 2.109 ms]	592.86 µs (40.5%)
iast_GLOBAL	2.123 ms [2.07 ms, 2.175 ms]	657.206 µs (44.8%)
profiling	1.935 ms [1.894 ms, 1.977 ms]	469.842 µs (32.1%)
tracing	1.911 ms [1.871 ms, 1.95 ms]	445.457 µs (30.4%)

• candidate results

Variant	Execution Time [CI 0.99]	Δ no_agent
no_agent	1.469 ms [1.458 ms, 1.481 ms]	-
appsec	2.3 ms [2.259 ms, 2.34 ms]	830.454 µs (56.5%)
iast	2.065 ms [2.013 ms, 2.117 ms]	595.876 µs (40.6%)
iast_GLOBAL	2.11 ms [2.058 ms, 2.161 ms]	640.621 µs (43.6%)
profiling	1.932 ms [1.891 ms, 1.973 ms]	462.544 µs (31.5%)
tracing	1.904 ms [1.865 ms, 1.943 ms]	434.78 µs (29.6%)

[manuel-alvarez-alvarez]

It might be easier to just rollback the collector in a cleanup instead of creating a forked test (performance wise)

[manuel-alvarez-alvarez]

LGTM

As a side note, continuously adding tags to the metric, when they are mostly exclusive, only makes the code hard to reason about. Probably we could have done it with a single tag with the different possible values: normal, rule_triggered, blocked, waf_timeout and excluded

[jandro996]

LGTM

As a side note, continuously adding tags to the metric, when they are mostly exclusive, only makes the code hard to reason about. Probably we could have done it with a single tag with the different possible values: normal, rule_triggered, blocked, waf_timeout and excluded

Sounds good to me, maybe it will be a good idea to translate your thoughts to the Conflunce page that defines the WAF Telemetry