Fix appsec.rasp.error and appsec.waf.error telemetry metrics #8624

jandro996 · 2025-03-26T11:39:16Z

What Does This Do

Remove counters from AppsecRequestContext as they are not used in the metrics
Fix appsec.waf.error metric tags as they didn't match the RFC
Fix that appsec.waf.error was created in the same loop using the rasp counter instead of using the waf counter
Increment metrics if UnclassifiedPowerwafException is thrown
Replace ConcurrentHashMap with AtomicLongArray for raspErrorCodeCounter to improve performance and memory efficiency
Add test to cover WafModule implementation

Motivation

Additional Notes

appsec.waf.error Count Counts the number of times the WAF returned an error when evaluating WAF addresses through ddwaf_run.

Version String waf_version Version of the libddwaf library

Version String event_rules_version Version of the ruleset

Int waf_error The numeric error returned by ddwaf_run or -127 If the error is caused by the WAF bindings rather than the call to ddwaf_run.

It's necessary to add more test to cover how metrics are incremented for errors in waf calls, right now the class used for that purpose (Additive) is final so there is no easy way to test this properly.
https://datadoghq.atlassian.net/browse/APPSEC-57082

Contributor Checklist

Format the title according the contribution guidelines
Assign the type: and (comp: or inst:) labels in addition to any usefull labels
Don't use close, fix or any linking keywords when referencing an issue.
Use solves instead, and assign the PR milestone to the issue
Update the public documentation in case of new configuration flag or behavior

Jira ticket: APPSEC-57054

pr-commenter · 2025-03-26T14:14:46Z

Benchmarks

Startup

Parameters

	Baseline	Candidate
baseline_or_candidate	baseline	candidate
git_branch	master	alejandro.gonzalez/APPSEC-57054
git_commit_date	1743592817	1743592881
git_commit_sha	`32046a3`	`5f4cc62`
release_version	1.48.0-SNAPSHOT~32046a39ed	1.48.0-SNAPSHOT~5f4cc62475

See matching parameters

	Baseline	Candidate
application	insecure-bank	insecure-bank
ci_job_date	1743595743	1743595743
ci_job_id	876761446	876761446
ci_pipeline_id	60782595	60782595
cpu_model	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version	Linux runner-x-j3wh1g-project-304-concurrent-0-g2p1j8wr 6.8.0-1024-aws #26~22.04.1-Ubuntu SMP Wed Feb 19 06:54:57 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux	Linux runner-x-j3wh1g-project-304-concurrent-0-g2p1j8wr 6.8.0-1024-aws #26~22.04.1-Ubuntu SMP Wed Feb 19 06:54:57 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
module	Agent	Agent
parent	None	None
variant	iast	iast

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 66 metrics, 5 unstable metrics.

Startup time reports for insecure-bank

gantt
    title insecure-bank - global startup overhead: candidate=1.48.0-SNAPSHOT~5f4cc62475, baseline=1.48.0-SNAPSHOT~32046a39ed

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.048 s) : 0, 1048470
Total [baseline] (8.65 s) : 0, 8650187
Agent [candidate] (1.051 s) : 0, 1051216
Total [candidate] (8.662 s) : 0, 8661598
section iast
Agent [baseline] (1.185 s) : 0, 1184816
Total [baseline] (9.269 s) : 0, 9269118
Agent [candidate] (1.193 s) : 0, 1193365
Total [candidate] (9.27 s) : 0, 9270449
section iast_HARDCODED_SECRET_DISABLED
Agent [baseline] (1.179 s) : 0, 1178579
Total [baseline] (9.222 s) : 0, 9221523
Agent [candidate] (1.18 s) : 0, 1180120
Total [candidate] (9.196 s) : 0, 9196255
section iast_TELEMETRY_OFF
Agent [baseline] (1.175 s) : 0, 1175194
Total [baseline] (9.268 s) : 0, 9267976
Agent [candidate] (1.174 s) : 0, 1174478
Total [candidate] (9.268 s) : 0, 9267952

baseline results

Module	Variant	Duration	Δ tracing
Agent	tracing	1.048 s	-
Agent	iast	1.185 s	136.346 ms (13.0%)
Agent	iast_HARDCODED_SECRET_DISABLED	1.179 s	130.109 ms (12.4%)
Agent	iast_TELEMETRY_OFF	1.175 s	126.723 ms (12.1%)
Total	tracing	8.65 s	-
Total	iast	9.269 s	618.932 ms (7.2%)
Total	iast_HARDCODED_SECRET_DISABLED	9.222 s	571.336 ms (6.6%)
Total	iast_TELEMETRY_OFF	9.268 s	617.789 ms (7.1%)

candidate results

Module	Variant	Duration	Δ tracing
Agent	tracing	1.051 s	-
Agent	iast	1.193 s	142.149 ms (13.5%)
Agent	iast_HARDCODED_SECRET_DISABLED	1.18 s	128.904 ms (12.3%)
Agent	iast_TELEMETRY_OFF	1.174 s	123.261 ms (11.7%)
Total	tracing	8.662 s	-
Total	iast	9.27 s	608.851 ms (7.0%)
Total	iast_HARDCODED_SECRET_DISABLED	9.196 s	534.657 ms (6.2%)
Total	iast_TELEMETRY_OFF	9.268 s	606.354 ms (7.0%)

gantt
    title insecure-bank - break down per module: candidate=1.48.0-SNAPSHOT~5f4cc62475, baseline=1.48.0-SNAPSHOT~32046a39ed

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (716.964 ms) : 0, 716964
BytebuddyAgent [candidate] (718.181 ms) : 0, 718181
GlobalTracer [baseline] (238.795 ms) : 0, 238795
GlobalTracer [candidate] (239.274 ms) : 0, 239274
AppSec [baseline] (55.743 ms) : 0, 55743
AppSec [candidate] (55.109 ms) : 0, 55109
Debugger [baseline] (4.462 ms) : 0, 4462
Debugger [candidate] (4.448 ms) : 0, 4448
Remote Config [baseline] (684.235 µs) : 0, 684
Remote Config [candidate] (687.516 µs) : 0, 688
Telemetry [baseline] (11.299 ms) : 0, 11299
Telemetry [candidate] (13.004 ms) : 0, 13004
section iast
BytebuddyAgent [baseline] (842.601 ms) : 0, 842601
BytebuddyAgent [candidate] (849.37 ms) : 0, 849370
GlobalTracer [baseline] (229.662 ms) : 0, 229662
GlobalTracer [candidate] (230.398 ms) : 0, 230398
IAST [baseline] (22.535 ms) : 0, 22535
IAST [candidate] (22.94 ms) : 0, 22940
AppSec [baseline] (56.002 ms) : 0, 56002
AppSec [candidate] (56.266 ms) : 0, 56266
Debugger [baseline] (4.15 ms) : 0, 4150
Debugger [candidate] (4.189 ms) : 0, 4189
Remote Config [baseline] (614.948 µs) : 0, 615
Remote Config [candidate] (625.932 µs) : 0, 626
Telemetry [baseline] (8.736 ms) : 0, 8736
Telemetry [candidate] (8.888 ms) : 0, 8888
section iast_HARDCODED_SECRET_DISABLED
BytebuddyAgent [baseline] (836.845 ms) : 0, 836845
BytebuddyAgent [candidate] (837.609 ms) : 0, 837609
GlobalTracer [baseline] (229.37 ms) : 0, 229370
GlobalTracer [candidate] (229.692 ms) : 0, 229692
IAST [baseline] (24.228 ms) : 0, 24228
IAST [candidate] (22.825 ms) : 0, 22825
AppSec [baseline] (54.108 ms) : 0, 54108
AppSec [candidate] (56.047 ms) : 0, 56047
Debugger [baseline] (4.174 ms) : 0, 4174
Debugger [candidate] (4.125 ms) : 0, 4125
Remote Config [baseline] (615.231 µs) : 0, 615
Remote Config [candidate] (608.081 µs) : 0, 608
Telemetry [baseline] (8.809 ms) : 0, 8809
Telemetry [candidate] (8.76 ms) : 0, 8760
section iast_TELEMETRY_OFF
BytebuddyAgent [baseline] (833.801 ms) : 0, 833801
BytebuddyAgent [candidate] (832.975 ms) : 0, 832975
GlobalTracer [baseline] (229.629 ms) : 0, 229629
GlobalTracer [candidate] (229.381 ms) : 0, 229381
IAST [baseline] (21.996 ms) : 0, 21996
IAST [candidate] (22.935 ms) : 0, 22935
AppSec [baseline] (55.823 ms) : 0, 55823
AppSec [candidate] (55.258 ms) : 0, 55258
Debugger [baseline] (4.166 ms) : 0, 4166
Debugger [candidate] (4.188 ms) : 0, 4188
Remote Config [baseline] (618.145 µs) : 0, 618
Remote Config [candidate] (625.732 µs) : 0, 626
Telemetry [baseline] (8.707 ms) : 0, 8707
Telemetry [candidate] (8.714 ms) : 0, 8714

Startup time reports for petclinic

gantt
    title petclinic - global startup overhead: candidate=1.48.0-SNAPSHOT~5f4cc62475, baseline=1.48.0-SNAPSHOT~32046a39ed

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.053 s) : 0, 1052570
Total [baseline] (10.482 s) : 0, 10481783
Agent [candidate] (1.05 s) : 0, 1050462
Total [candidate] (10.453 s) : 0, 10453034
section appsec
Agent [baseline] (1.201 s) : 0, 1201497
Total [baseline] (10.732 s) : 0, 10731927
Agent [candidate] (1.196 s) : 0, 1196179
Total [candidate] (10.81 s) : 0, 10809910
section iast
Agent [baseline] (1.179 s) : 0, 1179083
Total [baseline] (10.964 s) : 0, 10963503
Agent [candidate] (1.179 s) : 0, 1178991
Total [candidate] (11.006 s) : 0, 11005918
section profiling
Agent [baseline] (1.281 s) : 0, 1280821
Total [baseline] (10.883 s) : 0, 10883086
Agent [candidate] (1.277 s) : 0, 1276768
Total [candidate] (10.903 s) : 0, 10902602

baseline results

Module	Variant	Duration	Δ tracing
Agent	tracing	1.053 s	-
Agent	appsec	1.201 s	148.927 ms (14.1%)
Agent	iast	1.179 s	126.513 ms (12.0%)
Agent	profiling	1.281 s	228.251 ms (21.7%)
Total	tracing	10.482 s	-
Total	appsec	10.732 s	250.144 ms (2.4%)
Total	iast	10.964 s	481.72 ms (4.6%)
Total	profiling	10.883 s	401.303 ms (3.8%)

candidate results

Module	Variant	Duration	Δ tracing
Agent	tracing	1.05 s	-
Agent	appsec	1.196 s	145.717 ms (13.9%)
Agent	iast	1.179 s	128.529 ms (12.2%)
Agent	profiling	1.277 s	226.306 ms (21.5%)
Total	tracing	10.453 s	-
Total	appsec	10.81 s	356.876 ms (3.4%)
Total	iast	11.006 s	552.885 ms (5.3%)
Total	profiling	10.903 s	449.568 ms (4.3%)

gantt
    title petclinic - break down per module: candidate=1.48.0-SNAPSHOT~5f4cc62475, baseline=1.48.0-SNAPSHOT~32046a39ed

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (718.205 ms) : 0, 718205
BytebuddyAgent [candidate] (718.051 ms) : 0, 718051
GlobalTracer [baseline] (239.23 ms) : 0, 239230
GlobalTracer [candidate] (239.197 ms) : 0, 239197
AppSec [baseline] (54.466 ms) : 0, 54466
AppSec [candidate] (54.554 ms) : 0, 54554
Debugger [baseline] (4.42 ms) : 0, 4420
Debugger [candidate] (4.41 ms) : 0, 4410
Remote Config [baseline] (705.492 µs) : 0, 705
Remote Config [candidate] (700.092 µs) : 0, 700
Telemetry [baseline] (15.036 ms) : 0, 15036
Telemetry [candidate] (13.013 ms) : 0, 13013
section appsec
BytebuddyAgent [baseline] (742.549 ms) : 0, 742549
BytebuddyAgent [candidate] (738.15 ms) : 0, 738150
GlobalTracer [baseline] (237.523 ms) : 0, 237523
GlobalTracer [candidate] (236.696 ms) : 0, 236696
AppSec [baseline] (176.414 ms) : 0, 176414
AppSec [candidate] (176.675 ms) : 0, 176675
Debugger [baseline] (4.294 ms) : 0, 4294
Debugger [candidate] (4.286 ms) : 0, 4286
Remote Config [baseline] (641.343 µs) : 0, 641
Remote Config [candidate] (645.376 µs) : 0, 645
Telemetry [baseline] (8.597 ms) : 0, 8597
Telemetry [candidate] (8.2 ms) : 0, 8200
IAST [baseline] (21.745 ms) : 0, 21745
IAST [candidate] (21.938 ms) : 0, 21938
section iast
BytebuddyAgent [baseline] (836.96 ms) : 0, 836960
BytebuddyAgent [candidate] (836.827 ms) : 0, 836827
GlobalTracer [baseline] (229.557 ms) : 0, 229557
GlobalTracer [candidate] (229.286 ms) : 0, 229286
AppSec [baseline] (56.042 ms) : 0, 56042
AppSec [candidate] (56.357 ms) : 0, 56357
Debugger [baseline] (4.119 ms) : 0, 4119
Debugger [candidate] (4.135 ms) : 0, 4135
Remote Config [baseline] (615.757 µs) : 0, 616
Remote Config [candidate] (628.843 µs) : 0, 629
Telemetry [baseline] (8.67 ms) : 0, 8670
Telemetry [candidate] (8.713 ms) : 0, 8713
IAST [baseline] (22.715 ms) : 0, 22715
IAST [candidate] (22.624 ms) : 0, 22624
section profiling
BytebuddyAgent [baseline] (712.953 ms) : 0, 712953
BytebuddyAgent [candidate] (710.597 ms) : 0, 710597
GlobalTracer [baseline] (350.279 ms) : 0, 350279
GlobalTracer [candidate] (349.939 ms) : 0, 349939
AppSec [baseline] (54.277 ms) : 0, 54277
AppSec [candidate] (53.217 ms) : 0, 53217
Debugger [baseline] (4.302 ms) : 0, 4302
Debugger [candidate] (4.283 ms) : 0, 4283
Remote Config [baseline] (717.229 µs) : 0, 717
Remote Config [candidate] (691.479 µs) : 0, 691
Telemetry [baseline] (8.979 ms) : 0, 8979
Telemetry [candidate] (9.002 ms) : 0, 9002
ProfilingAgent [baseline] (103.372 ms) : 0, 103372
ProfilingAgent [candidate] (103.37 ms) : 0, 103370
Profiling [baseline] (103.397 ms) : 0, 103397
Profiling [candidate] (103.397 ms) : 0, 103397

Load

Parameters

	Baseline	Candidate
baseline_or_candidate	baseline	candidate
end_time	2025-04-02T11:41:18	2025-04-02T11:49:05
git_branch	master	alejandro.gonzalez/APPSEC-57054
git_commit_date	1743592817	1743592881
git_commit_sha	`32046a3`	`5f4cc62`
release_version	1.48.0-SNAPSHOT~32046a39ed	1.48.0-SNAPSHOT~5f4cc62475
start_time	2025-04-02T11:41:04	2025-04-02T11:48:50

See matching parameters

	Baseline	Candidate
application	insecure-bank	insecure-bank
ci_job_date	1743594946	1743594946
ci_job_id	876761447	876761447
ci_pipeline_id	60782595	60782595
cpu_model	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version	Linux runner-1ywhvvpj-project-304-concurrent-0-1uzddymk 6.8.0-1024-aws #26~22.04.1-Ubuntu SMP Wed Feb 19 06:54:57 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux	Linux runner-1ywhvvpj-project-304-concurrent-0-1uzddymk 6.8.0-1024-aws #26~22.04.1-Ubuntu SMP Wed Feb 19 06:54:57 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
variant	iast	iast

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 14 metrics, 16 unstable metrics.

Request duration reports for petclinic

gantt
    title petclinic - request duration [CI 0.99] : candidate=1.48.0-SNAPSHOT~5f4cc62475, baseline=1.48.0-SNAPSHOT~32046a39ed
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.377 ms) : 1357, 1396
.   : milestone, 1377,
appsec (1.737 ms) : 1713, 1760
.   : milestone, 1737,
appsec_no_iast (1.739 ms) : 1714, 1764
.   : milestone, 1739,
code_origins (1.696 ms) : 1670, 1722
.   : milestone, 1696,
iast (1.518 ms) : 1493, 1543
.   : milestone, 1518,
profiling (1.526 ms) : 1502, 1550
.   : milestone, 1526,
tracing (1.499 ms) : 1475, 1523
.   : milestone, 1499,
section candidate
no_agent (1.376 ms) : 1355, 1396
.   : milestone, 1376,
appsec (1.776 ms) : 1753, 1799
.   : milestone, 1776,
appsec_no_iast (1.75 ms) : 1725, 1775
.   : milestone, 1750,
code_origins (1.699 ms) : 1671, 1726
.   : milestone, 1699,
iast (1.519 ms) : 1495, 1544
.   : milestone, 1519,
profiling (1.563 ms) : 1538, 1588
.   : milestone, 1563,
tracing (1.509 ms) : 1485, 1534
.   : milestone, 1509,

baseline results

Variant	Request duration [CI 0.99]	Δ no_agent
no_agent	1.377 ms [1.357 ms, 1.396 ms]	-
appsec	1.737 ms [1.713 ms, 1.76 ms]	359.814 µs (26.1%)
appsec_no_iast	1.739 ms [1.714 ms, 1.764 ms]	362.173 µs (26.3%)
code_origins	1.696 ms [1.67 ms, 1.722 ms]	319.096 µs (23.2%)
iast	1.518 ms [1.493 ms, 1.543 ms]	140.691 µs (10.2%)
profiling	1.526 ms [1.502 ms, 1.55 ms]	148.867 µs (10.8%)
tracing	1.499 ms [1.475 ms, 1.523 ms]	122.089 µs (8.9%)

candidate results

Variant	Request duration [CI 0.99]	Δ no_agent
no_agent	1.376 ms [1.355 ms, 1.396 ms]	-
appsec	1.776 ms [1.753 ms, 1.799 ms]	400.301 µs (29.1%)
appsec_no_iast	1.75 ms [1.725 ms, 1.775 ms]	374.57 µs (27.2%)
code_origins	1.699 ms [1.671 ms, 1.726 ms]	323.16 µs (23.5%)
iast	1.519 ms [1.495 ms, 1.544 ms]	143.657 µs (10.4%)
profiling	1.563 ms [1.538 ms, 1.588 ms]	187.59 µs (13.6%)
tracing	1.509 ms [1.485 ms, 1.534 ms]	133.563 µs (9.7%)

Request duration reports for insecure-bank

gantt
    title insecure-bank - request duration [CI 0.99] : candidate=1.48.0-SNAPSHOT~5f4cc62475, baseline=1.48.0-SNAPSHOT~32046a39ed
    dateFormat X
    axisFormat %s
section baseline
no_agent (382.212 µs) : 362, 402
.   : milestone, 382,
iast (518.418 µs) : 497, 540
.   : milestone, 518,
iast_FULL (737.905 µs) : 716, 760
.   : milestone, 738,
iast_GLOBAL (564.556 µs) : 543, 586
.   : milestone, 565,
iast_HARDCODED_SECRET_DISABLED (520.539 µs) : 499, 542
.   : milestone, 521,
iast_INACTIVE (469.102 µs) : 447, 491
.   : milestone, 469,
iast_TELEMETRY_OFF (516.154 µs) : 493, 539
.   : milestone, 516,
tracing (466.684 µs) : 445, 488
.   : milestone, 467,
section candidate
no_agent (384.365 µs) : 364, 404
.   : milestone, 384,
iast (520.471 µs) : 499, 542
.   : milestone, 520,
iast_FULL (741.861 µs) : 720, 764
.   : milestone, 742,
iast_GLOBAL (564.661 µs) : 543, 587
.   : milestone, 565,
iast_HARDCODED_SECRET_DISABLED (521.131 µs) : 499, 543
.   : milestone, 521,
iast_INACTIVE (470.165 µs) : 449, 492
.   : milestone, 470,
iast_TELEMETRY_OFF (509.689 µs) : 487, 532
.   : milestone, 510,
tracing (467.319 µs) : 446, 489
.   : milestone, 467,

baseline results

Variant	Request duration [CI 0.99]	Δ no_agent
no_agent	382.212 µs [361.965 µs, 402.459 µs]	-
iast	518.418 µs [496.648 µs, 540.188 µs]	136.206 µs (35.6%)
iast_FULL	737.905 µs [715.877 µs, 759.933 µs]	355.693 µs (93.1%)
iast_GLOBAL	564.556 µs [542.795 µs, 586.318 µs]	182.344 µs (47.7%)
iast_HARDCODED_SECRET_DISABLED	520.539 µs [498.599 µs, 542.478 µs]	138.327 µs (36.2%)
iast_INACTIVE	469.102 µs [447.369 µs, 490.835 µs]	86.89 µs (22.7%)
iast_TELEMETRY_OFF	516.154 µs [493.317 µs, 538.99 µs]	133.942 µs (35.0%)
tracing	466.684 µs [445.341 µs, 488.028 µs]	84.473 µs (22.1%)

candidate results

Variant	Request duration [CI 0.99]	Δ no_agent
no_agent	384.365 µs [364.325 µs, 404.405 µs]	-
iast	520.471 µs [498.688 µs, 542.253 µs]	136.106 µs (35.4%)
iast_FULL	741.861 µs [719.636 µs, 764.087 µs]	357.496 µs (93.0%)
iast_GLOBAL	564.661 µs [542.515 µs, 586.807 µs]	180.296 µs (46.9%)
iast_HARDCODED_SECRET_DISABLED	521.131 µs [499.159 µs, 543.103 µs]	136.765 µs (35.6%)
iast_INACTIVE	470.165 µs [448.752 µs, 491.579 µs]	85.8 µs (22.3%)
iast_TELEMETRY_OFF	509.689 µs [487.414 µs, 531.964 µs]	125.324 µs (32.6%)
tracing	467.319 µs [445.818 µs, 488.821 µs]	82.954 µs (21.6%)

Dacapo

Parameters

	Baseline	Candidate
baseline_or_candidate	baseline	candidate
git_branch	master	alejandro.gonzalez/APPSEC-57054
git_commit_date	1743592817	1743592881
git_commit_sha	`32046a3`	`5f4cc62`
release_version	1.48.0-SNAPSHOT~32046a39ed	1.48.0-SNAPSHOT~5f4cc62475

See matching parameters

	Baseline	Candidate
application	biojava	biojava
ci_job_date	1743595444	1743595444
ci_job_id	876761448	876761448
ci_pipeline_id	60782595	60782595
cpu_model	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version	Linux runner-1ywhvvpj-project-304-concurrent-1-kk9myiz4 6.8.0-1024-aws #26~22.04.1-Ubuntu SMP Wed Feb 19 06:54:57 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux	Linux runner-1ywhvvpj-project-304-concurrent-1-kk9myiz4 6.8.0-1024-aws #26~22.04.1-Ubuntu SMP Wed Feb 19 06:54:57 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
variant	appsec	appsec

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 11 metrics, 1 unstable metrics.

Execution time for biojava

gantt
    title biojava - execution time [CI 0.99] : candidate=1.48.0-SNAPSHOT~5f4cc62475, baseline=1.48.0-SNAPSHOT~32046a39ed
    dateFormat X
    axisFormat %s
section baseline
no_agent (15.52 s) : 15520000, 15520000
.   : milestone, 15520000,
appsec (15.01 s) : 15010000, 15010000
.   : milestone, 15010000,
iast (18.868 s) : 18868000, 18868000
.   : milestone, 18868000,
iast_GLOBAL (18.161 s) : 18161000, 18161000
.   : milestone, 18161000,
profiling (14.921 s) : 14921000, 14921000
.   : milestone, 14921000,
tracing (15.035 s) : 15035000, 15035000
.   : milestone, 15035000,
section candidate
no_agent (15.466 s) : 15466000, 15466000
.   : milestone, 15466000,
appsec (14.779 s) : 14779000, 14779000
.   : milestone, 14779000,
iast (19.25 s) : 19250000, 19250000
.   : milestone, 19250000,
iast_GLOBAL (18.218 s) : 18218000, 18218000
.   : milestone, 18218000,
profiling (15.588 s) : 15588000, 15588000
.   : milestone, 15588000,
tracing (14.847 s) : 14847000, 14847000
.   : milestone, 14847000,

baseline results

Variant	Execution Time [CI 0.99]	Δ no_agent
no_agent	15.52 s [15.52 s, 15.52 s]	-
appsec	15.01 s [15.01 s, 15.01 s]	-510.0 ms (-3.3%)
iast	18.868 s [18.868 s, 18.868 s]	3.348 s (21.6%)
iast_GLOBAL	18.161 s [18.161 s, 18.161 s]	2.641 s (17.0%)
profiling	14.921 s [14.921 s, 14.921 s]	-599.0 ms (-3.9%)
tracing	15.035 s [15.035 s, 15.035 s]	-485.0 ms (-3.1%)

candidate results

Variant	Execution Time [CI 0.99]	Δ no_agent
no_agent	15.466 s [15.466 s, 15.466 s]	-
appsec	14.779 s [14.779 s, 14.779 s]	-687.0 ms (-4.4%)
iast	19.25 s [19.25 s, 19.25 s]	3.784 s (24.5%)
iast_GLOBAL	18.218 s [18.218 s, 18.218 s]	2.752 s (17.8%)
profiling	15.588 s [15.588 s, 15.588 s]	122.0 ms (0.8%)
tracing	14.847 s [14.847 s, 14.847 s]	-619.0 ms (-4.0%)

Execution time for tomcat

gantt
    title tomcat - execution time [CI 0.99] : candidate=1.48.0-SNAPSHOT~5f4cc62475, baseline=1.48.0-SNAPSHOT~32046a39ed
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.477 ms) : 1466, 1489
.   : milestone, 1477,
appsec (2.374 ms) : 2327, 2421
.   : milestone, 2374,
iast (2.161 ms) : 2102, 2220
.   : milestone, 2161,
iast_GLOBAL (2.195 ms) : 2136, 2253
.   : milestone, 2195,
profiling (2.473 ms) : 2292, 2653
.   : milestone, 2473,
tracing (1.979 ms) : 1934, 2025
.   : milestone, 1979,
section candidate
no_agent (1.478 ms) : 1466, 1489
.   : milestone, 1478,
appsec (2.37 ms) : 2324, 2417
.   : milestone, 2370,
iast (2.159 ms) : 2101, 2218
.   : milestone, 2159,
iast_GLOBAL (2.199 ms) : 2140, 2258
.   : milestone, 2199,
profiling (2.028 ms) : 1979, 2076
.   : milestone, 2028,
tracing (1.978 ms) : 1933, 2023
.   : milestone, 1978,

baseline results

Variant	Execution Time [CI 0.99]	Δ no_agent
no_agent	1.477 ms [1.466 ms, 1.489 ms]	-
appsec	2.374 ms [2.327 ms, 2.421 ms]	896.584 µs (60.7%)
iast	2.161 ms [2.102 ms, 2.22 ms]	683.955 µs (46.3%)
iast_GLOBAL	2.195 ms [2.136 ms, 2.253 ms]	717.249 µs (48.6%)
profiling	2.473 ms [2.292 ms, 2.653 ms]	995.312 µs (67.4%)
tracing	1.979 ms [1.934 ms, 2.025 ms]	501.85 µs (34.0%)

candidate results

Variant	Execution Time [CI 0.99]	Δ no_agent
no_agent	1.478 ms [1.466 ms, 1.489 ms]	-
appsec	2.37 ms [2.324 ms, 2.417 ms]	892.427 µs (60.4%)
iast	2.159 ms [2.101 ms, 2.218 ms]	681.609 µs (46.1%)
iast_GLOBAL	2.199 ms [2.14 ms, 2.258 ms]	721.6 µs (48.8%)
profiling	2.028 ms [1.979 ms, 2.076 ms]	550.055 µs (37.2%)
tracing	1.978 ms [1.933 ms, 2.023 ms]	500.187 µs (33.8%)

Remove counters from AppsecRequestContext as they are not used in the metrics Fix appsec.waf.error metric tags as they didn't match the RFC Fix that appsec.waf.error was created in the same loop using the rasp counter instead of using the waf counter Increment metrics if UnclassifiedPowerwafException is thrown Remove the hardcoded waf error codes (provisional enum is used until upgrade libddwaf lib) Replace ConcurrentHashMap with AtomicLongArray for raspErrorCodeCounter to improve performance and memory efficiency Add tests

What Does This Do Remove counters from AppsecRequestContext as they are not used in the metrics Fix appsec.waf.error metric tags as they didn't match the RFC Fix that appsec.waf.error was created in the same loop using the rasp counter instead of using the waf counter Increment metrics if UnclassifiedPowerwafException is thrown Replace ConcurrentHashMap with AtomicLongArray for raspErrorCodeCounter to improve performance and memory efficiency Add test to cover WafModule implementation

| Package | Type | Package file | Manager | Update | Change | |---|---|---|---|---|---| | org.flywaydb.flyway | plugin | misk/gradle/libs.versions.toml | gradle | minor | `11.6.0` -> `11.7.0` | | [com.squareup.okio:okio-fakefilesystem](https://github.com/square/okio) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `3.10.2` -> `3.11.0` | | [com.squareup.okio:okio](https://github.com/square/okio) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `3.10.2` -> `3.11.0` | | [com.autonomousapps.dependency-analysis](https://github.com/autonomousapps/dependency-analysis-android-gradle-plugin) | plugin | misk/gradle/libs.versions.toml | gradle | minor | `2.15.0` -> `2.16.0` | | [com.datadoghq:dd-trace-api](https://github.com/datadog/dd-trace-java) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `1.47.3` -> `1.48.1` | | [com.datadoghq:dd-trace-ot](https://github.com/datadog/dd-trace-java) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `1.47.3` -> `1.48.1` | | [software.amazon.awssdk:sdk-core](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.31.18` -> `2.31.20` | | [software.amazon.awssdk:sqs](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.31.18` -> `2.31.20` | | [software.amazon.awssdk:dynamodb-enhanced](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.31.18` -> `2.31.20` | | [software.amazon.awssdk:dynamodb](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.31.18` -> `2.31.20` | | [software.amazon.awssdk:aws-core](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.31.18` -> `2.31.20` | | [software.amazon.awssdk:bom](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.31.18` -> `2.31.20` | | [software.amazon.awssdk:auth](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.31.18` -> `2.31.20` | --- ### Release Notes <details> <summary>square/okio (com.squareup.okio:okio-fakefilesystem)</summary> ### [`v3.11.0`](https://github.com/square/okio/blob/HEAD/CHANGELOG.md#Version-3110) *2025-04-09* - Fix: Clear the deflater's byte array reference - New: Faster implementation of `String.decodeHex()` on Kotlin/JS. - New: Declare `EXACTLY_ONCE` execution for blocks like `Closeable.use {}` and `FileSystem.read {}`. - Upgrade: \[Kotlin 2.1.20]\[kotlin\_2\_1\_20]. </details> <details> <summary>autonomousapps/dependency-analysis-android-gradle-plugin (com.autonomousapps.dependency-analysis)</summary> ### [`v2.16.0`](https://github.com/autonomousapps/dependency-analysis-android-gradle-plugin/blob/HEAD/CHANGELOG.md#Version-2160) - \[Feat]: support `com.android.test` projects. - \[Feat]: support typesafe project accessors with opt-in. ```kotlin dependencyAnalysis { useTypesafeProjectAccessors(true) // false by default } ``` </details> <details> <summary>datadog/dd-trace-java (com.datadoghq:dd-trace-api)</summary> ### [`v1.48.1`](https://github.com/DataDog/dd-trace-java/releases/tag/v1.48.1): 1.48.1 ### Components #### Tracer internal logging - 🐛 Remove print line causing unnecessary logs ([#8687](DataDog/dd-trace-java#8687) - [@sarahchen6](https://github.com/sarahchen6)) ### [`v1.48.0`](https://github.com/DataDog/dd-trace-java/releases/tag/v1.48.0): 1.48.0 ### Known Bugs > \[!NOTE] > If you are experiencing issues with spamming timeout logs, please update to the [latest version](https://github.com/DataDog/dd-trace-java/releases/latest) or set [JDK_SOCKET_ENABLED](https://github.com/DataDog/dd-trace-java/blob/33fc3c9a9b7cda3beda88b8b3e5224ae2b10764a/dd-trace-api/src/main/java/datadog/trace/api/config/GeneralConfig.java#L98) to false. ### Components #### Application Security Management (IAST) - ✨ Fix vulnerability location org.jose4j.lang.HashUtil ([#8610](DataDog/dd-trace-java#8610) - [@jandro996](https://github.com/jandro996)) - ✨ Fix weak randomness in oracle.ucp.util.OpaqueString ([#8609](DataDog/dd-trace-java#8609) - [@jandro996](https://github.com/jandro996)) - ✨ Fix weak hash false positive in oracle.security.o5logon.O5Logon ([#8608](DataDog/dd-trace-java#8608) - [@jandro996](https://github.com/jandro996)) - 🐛 Prevent before callsites targeting constructors in super calls ([#8549](DataDog/dd-trace-java#8549) - [@manuel-alvarez-alvarez](https://github.com/manuel-alvarez-alvarez)) #### Application Security Management (WAF) - ✨ Update login events public SDK to V2 ([#8620](DataDog/dd-trace-java#8620) - [@manuel-alvarez-alvarez](https://github.com/manuel-alvarez-alvarez)) - 🐛 Send RASP LFI capability only when AppSec is statically enabled ([#8573](DataDog/dd-trace-java#8573) - [@jandro996](https://github.com/jandro996)) - ✨ Improve detection of missing request end events ([#8510](DataDog/dd-trace-java#8510) - [@smola](https://github.com/smola)) - 🧹 Remove remote configuration for API Security sampling rate ([#8486](DataDog/dd-trace-java#8486) - [@smola](https://github.com/smola)) - ✨ Add setUser to user monitoring SDK ([#8482](DataDog/dd-trace-java#8482) - [@manuel-alvarez-alvarez](https://github.com/manuel-alvarez-alvarez)) - ✨ Add missing address for signup event ([#8469](DataDog/dd-trace-java#8469) - [@manuel-alvarez-alvarez](https://github.com/manuel-alvarez-alvarez)) - ✨ Allow login events SDK to be used with appsec disabled ([#8464](DataDog/dd-trace-java#8464) - [@manuel-alvarez-alvarez](https://github.com/manuel-alvarez-alvarez)) - ✨ Add support for endpoint discovery in spring mvc ([#8352](DataDog/dd-trace-java#8352) - [@manuel-alvarez-alvarez](https://github.com/manuel-alvarez-alvarez)) - ✨ New API Security sampling algorithm ([#8178](DataDog/dd-trace-java#8178) - [@ValentinZakharov](https://github.com/ValentinZakharov)) #### Build & Tooling - ✨ Add buffer size customizability to JDK UDS support ([#8629](DataDog/dd-trace-java#8629) - [@sarahchen6](https://github.com/sarahchen6)) - ✨ Add JDK built-in support for UDS on Java 16+ ([#8314](DataDog/dd-trace-java#8314) - [@sarahchen6](https://github.com/sarahchen6)) #### Configuration at Runtime - 🐛 Send RASP LFI capability only when AppSec is statically enabled ([#8573](DataDog/dd-trace-java#8573) - [@jandro996](https://github.com/jandro996)) #### Continuous Integration Visibility - 🐛 Prevent double reporting of Scalatest events when using SBT with test forking ([#8682](DataDog/dd-trace-java#8682) - [@nikita-tkachenko-datadog](https://github.com/nikita-tkachenko-datadog)) - 🐛 Shutdown CI Visibility test event handlers before tracer ([#8677](DataDog/dd-trace-java#8677) - [@nikita-tkachenko-datadog](https://github.com/nikita-tkachenko-datadog)) - 🐛 Do not apply JUnit 4 instrumentation to MUnit runners ([#8675](DataDog/dd-trace-java#8675), [#8683](DataDog/dd-trace-java#8683) - [@nikita-tkachenko-datadog](https://github.com/nikita-tkachenko-datadog)) - ✨ Remove error log when source path resolution fails on isModified check ([#8663](DataDog/dd-trace-java#8663) - [@daniel-mohedano](https://github.com/daniel-mohedano)) - ✨ Implement tests reordering for JUnit 4 ([#8650](DataDog/dd-trace-java#8650) - [@daniel-mohedano](https://github.com/daniel-mohedano)) - 🐛 Set default Attempt to Fix retries if none provided from the backend ([#8615](DataDog/dd-trace-java#8615) - [@daniel-mohedano](https://github.com/daniel-mohedano)) - ✨ Allow to manually set PR info ([#8566](DataDog/dd-trace-java#8566) - [@nikita-tkachenko-datadog](https://github.com/nikita-tkachenko-datadog)) - 🐛 Fix Test Optimization init when repo root cannot be determined ([#8533](DataDog/dd-trace-java#8533) - [@nikita-tkachenko-datadog](https://github.com/nikita-tkachenko-datadog)) - ✨ Add capabilities tagging ([#8499](DataDog/dd-trace-java#8499), [#8540](DataDog/dd-trace-java#8540) - [@daniel-mohedano](https://github.com/daniel-mohedano)) #### Crash tracking - 🐛 Remove dependency on bash from crash/oome uploder scripts ([#8652](DataDog/dd-trace-java#8652) - [@jbachorik](https://github.com/jbachorik)) #### Data Streams Monitoring - ✨ e2e pipeline configuration when data jobs is enabled ([#8553](DataDog/dd-trace-java#8553) - [@kr-igor](https://github.com/kr-igor)) #### Dynamic Instrumentation - 🐛 Fix In-Product when config is empty ([#8679](DataDog/dd-trace-java#8679) - [@jpbempel](https://github.com/jpbempel)) - ✨ Add support for filtering shaded third-party libs ([#8612](DataDog/dd-trace-java#8612) - [@jpbempel](https://github.com/jpbempel)) - ✨ Add In-Product Enablement ([#8587](DataDog/dd-trace-java#8587) - [@jpbempel](https://github.com/jpbempel)) - ✨⚡ Reduce footprint of SourceFile tracking ([#8524](DataDog/dd-trace-java#8524) - [@jpbempel](https://github.com/jpbempel)) - ✨⚡ Optimize the SourceFile tracking ([#8520](DataDog/dd-trace-java#8520) - [@jpbempel](https://github.com/jpbempel)) #### OpenTracing - 🧹 Remove activeScope() use in OpenTracing shim ([#8478](DataDog/dd-trace-java#8478) - [@mcculls](https://github.com/mcculls)) #### Profiling - ✨ Add profiler env check command to AgentCLI ([#8671](DataDog/dd-trace-java#8671) - [@jbachorik](https://github.com/jbachorik)) - ✨ Bump ddprof to 1.23.0 ([#8668](DataDog/dd-trace-java#8668) - [@jbachorik](https://github.com/jbachorik)) - Fix a crash related to ElfParser::loadSymbolTable ([#191](DataDog/dd-trace-java#191)) by [@yanglong1010](https://github.com/yanglong1010) in DataDog/java-profiler#192 - Unwind String.indexOf intrinsic on AArch64 by [@MattAlp](https://github.com/MattAlp) in DataDog/java-profiler#193 - Fix Java 24 support by [@jbachorik](https://github.com/jbachorik) in DataDog/java-profiler#194 - A set of fixes related to clang, aarch64 and musl pecularities of vmstructs stack unwinder by [@jbachorik](https://github.com/jbachorik) in DataDog/java-profiler#199 - 🐛 Remove process information from JFR recording ([#8661](DataDog/dd-trace-java#8661) - [@r1viollet](https://github.com/r1viollet)) - 🐛 Make TempLocationManager USER aware ([#8605](DataDog/dd-trace-java#8605) - [@jbachorik](https://github.com/jbachorik)) - ✨ Extract git tags from embedded git.properties and datadog_git.properties ([#8561](DataDog/dd-trace-java#8561) - [@wmouchere](https://github.com/wmouchere)) #### Telemetry - 🐛 Fix appsec.rasp.error and appsec.waf.error telemetry metrics ([#8624](DataDog/dd-trace-java#8624) - [@jandro996](https://github.com/jandro996)) - ✨ Create metric: appsec.rasp.rule.skipped ([#8618](DataDog/dd-trace-java#8618) - [@jandro996](https://github.com/jandro996)) - ✨ Extract git tags from embedded git.properties and datadog_git.properties ([#8561](DataDog/dd-trace-java#8561) - [@wmouchere](https://github.com/wmouchere)) #### Testing - 🧹 Simplify ssi tests one-pipeline ([#8558](DataDog/dd-trace-java#8558) - [@robertomonteromiguel](https://github.com/robertomonteromiguel)) - ✨ Add smoke tests for java's concurrent API ([#8438](DataDog/dd-trace-java#8438) - [@sarahchen6](https://github.com/sarahchen6)) #### Trace context propagation - ✨ Adding Support for `TRACE_PROPAGATION_BEHAVIOR_EXTRACT` ([#8535](DataDog/dd-trace-java#8535) - [@mhlidd](https://github.com/mhlidd)) #### Tracer core - 🐛 Ensure shaded helpers have unique names ([#8559](DataDog/dd-trace-java#8559) - [@amarziali](https://github.com/amarziali)) - ✨ Support common config sources for user-provided git info ([#8547](DataDog/dd-trace-java#8547) - [@nikita-tkachenko-datadog](https://github.com/nikita-tkachenko-datadog)) - ✨ Make the default config sources more robust when a security manager is installed ([#8544](DataDog/dd-trace-java#8544) - [@mcculls](https://github.com/mcculls)) - ✨ Support targeting services with configurations in stable configuration file ([#8526](DataDog/dd-trace-java#8526) - [@mtoffl01](https://github.com/mtoffl01)) - ✨ Add new parser for `DD_TAGS` and prioritizing `DD_SERVICE` ([#8296](DataDog/dd-trace-java#8296) - [@mhlidd](https://github.com/mhlidd)) #### Tracer internal logging - 🐛 Add missing debug log for the cloudPayloadTaggingServices config ([#8600](DataDog/dd-trace-java#8600) - [@ygree](https://github.com/ygree)) - ✨ Add the possibility to output the logs of the Java tracer in JSON ([#8083](DataDog/dd-trace-java#8083) - [@cecile75](https://github.com/cecile75)) #### Tracer public API - ✨ Introducing `DD_TRACE_EXPERIMENTAL_FEATURES_ENABLED` Config ([#8536](DataDog/dd-trace-java#8536) - [@mhlidd](https://github.com/mhlidd)) - ✨ Config Consistency Round 2 ([#8489](DataDog/dd-trace-java#8489) - [@mhlidd](https://github.com/mhlidd)) ### Instrumentations #### - 🐛 Fix NPE in getMdcCopy of LoggingEventInstrumentation ([#8599](DataDog/dd-trace-java#8599) - [@ygree](https://github.com/ygree)) #### Apache Spark instrumentation - ✨ Instrument Runtime.exit() to finish spark application spans ([#8572](DataDog/dd-trace-java#8572) - [@paul-laffon-dd](https://github.com/paul-laffon-dd)) - ✨ Configure OpenLineage if present in Spark instrumentation ([#8541](DataDog/dd-trace-java#8541) - [@mobuchowski](https://github.com/mobuchowski)) #### Armeria Instrumentation - ✨ Support armeria grpc 1.32.3 ([#8606](DataDog/dd-trace-java#8606) - [@github-actions](https://github.com/github-actions)\[bot]) #### AWS DynamoDB Instrumentation - ✨ Create DynamoDB instrumentation + add span pointers for `updateItem` and `deleteItem` ([#8490](DataDog/dd-trace-java#8490) - [@nhulston](https://github.com/nhulston)) #### AWS SDK instrumentation - ✨ Add DynamoDB in DEFAULT_TRACE_CLOUD_PAYLOAD_TAGGING_SERVICES ([#8595](DataDog/dd-trace-java#8595) - [@joeyzhao2018](https://github.com/joeyzhao2018)) #### Azure Functions instrumentation - ✨ Enable tracer computed trace metrics by default for Azure Functions ([#8518](DataDog/dd-trace-java#8518) - [@duncanpharvey](https://github.com/duncanpharvey)) - 💡 Add azure-functions instrumentation ([#8432](DataDog/dd-trace-java#8432) - [@duncanpharvey](https://github.com/duncanpharvey)) #### Core Java language instrumentation - 🐛 Fix ForkJoinPool.execute() instrumentation on Java 21+ ([#8560](DataDog/dd-trace-java#8560) - [@PerfectSlayer](https://github.com/PerfectSlayer)) #### Eclipse Vert.x instrumentation - ✨ Add vertx postgresql client instrumentation ([#8471](DataDog/dd-trace-java#8471) - [@vandonr](https://github.com/vandonr) - thanks for the contribution!) #### Kafka instrumentation - ✨ Support and test kafka-clients 4 ([#8581](DataDog/dd-trace-java#8581) - [@amarziali](https://github.com/amarziali)) #### Kotlin instrumentation - ✨ Avoid disconnected traces when using Kotlin flowOn ([#8651](DataDog/dd-trace-java#8651) - [@mcculls](https://github.com/mcculls)) #### OpenTelemetry instrumentation - 🧹 Migrate OtelContext wrapper to new internal Context API ([#8645](DataDog/dd-trace-java#8645) - [@mcculls](https://github.com/mcculls)) #### Spring instrumentation - 🐛 Support CompletableFuture on spring webmvc controllers ([#8659](DataDog/dd-trace-java#8659) - [@amarziali](https://github.com/amarziali)) - ✨ Add support for endpoint discovery in spring mvc ([#8352](DataDog/dd-trace-java#8352) - [@manuel-alvarez-alvarez](https://github.com/manuel-alvarez-alvarez)) #### WebSocket Instrumentation - ✨ Instrument Jetty websocket pojo ([#8562](DataDog/dd-trace-java#8562) - [@amarziali](https://github.com/amarziali)) - 💡 Instrument Java Websocket API (JSR356) ([#8440](DataDog/dd-trace-java#8440) - [@amarziali](https://github.com/amarziali)) #### All other instrumentations - ✨ Introduce cache for peer.hostname lookup ([#8601](DataDog/dd-trace-java#8601) - [@mcculls](https://github.com/mcculls)) - ✨ Support pekko http 1.1 ([#8532](DataDog/dd-trace-java#8532) - [@amarziali](https://github.com/amarziali)) </details> --- ### Configuration 📅 **Schedule**: Branch creation - "after 6pm every weekday,before 2am every weekday" in timezone Australia/Melbourne, Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Never, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). GitOrigin-RevId: 331314f71acaced3adc75ea5d7e855c248d593fc

jandro996 added type: bug comp: telemetry Telemetry labels Mar 26, 2025

jandro996 requested a review from smola March 26, 2025 11:39

jandro996 self-assigned this Mar 26, 2025

jandro996 requested a review from a team as a code owner March 26, 2025 11:39

jandro996 requested a review from sezen-datadog March 26, 2025 11:39

jandro996 marked this pull request as draft March 26, 2025 11:40

jandro996 marked this pull request as ready for review March 26, 2025 13:35

jandro996 marked this pull request as draft March 27, 2025 07:27

jandro996 requested a review from manuel-alvarez-alvarez March 28, 2025 08:53

jandro996 removed their assignment Mar 28, 2025

jandro996 force-pushed the alejandro.gonzalez/APPSEC-57054 branch from 8e3c6f1 to e983959 Compare March 31, 2025 09:39

jandro996 marked this pull request as ready for review March 31, 2025 13:35

jandro996 force-pushed the alejandro.gonzalez/APPSEC-57054 branch 2 times, most recently from e57d2c4 to 2730957 Compare April 1, 2025 18:31

jandro996 requested a review from a team as a code owner April 1, 2025 18:31

jandro996 force-pushed the alejandro.gonzalez/APPSEC-57054 branch from 0a46acc to a387a2f Compare April 2, 2025 09:29

jandro996 force-pushed the alejandro.gonzalez/APPSEC-57054 branch from 2963701 to d354d38 Compare April 2, 2025 10:36

fix

5f4cc62

smola approved these changes Apr 7, 2025

View reviewed changes

jandro996 merged commit b9cd4c4 into master Apr 7, 2025
252 checks passed

jandro996 deleted the alejandro.gonzalez/APPSEC-57054 branch April 7, 2025 08:01

github-actions bot added this to the 1.48.0 milestone Apr 7, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Fix appsec.rasp.error and appsec.waf.error telemetry metrics #8624

Fix appsec.rasp.error and appsec.waf.error telemetry metrics #8624

jandro996 commented Mar 26, 2025 •

edited

Loading

pr-commenter bot commented Mar 26, 2025 •

edited

Loading

Count		Counts the number of times the WAF returned an error when evaluating WAF addresses through ddwaf_run.
Version String	waf_version	Version of the libddwaf library
Version String	event_rules_version	Version of the ruleset
Int	waf_error	The numeric error returned by ddwaf_run or -127 If the error is caused by the WAF bindings rather than the call to ddwaf_run.

Fix appsec.rasp.error and appsec.waf.error telemetry metrics #8624

Fix appsec.rasp.error and appsec.waf.error telemetry metrics #8624

Conversation

jandro996 commented Mar 26, 2025 • edited Loading

What Does This Do

Motivation

Additional Notes

Contributor Checklist

pr-commenter bot commented Mar 26, 2025 • edited Loading

Benchmarks

Startup

Parameters

Summary

Load

Parameters

Summary

Dacapo

Parameters

Summary

jandro996 commented Mar 26, 2025 •

edited

Loading

pr-commenter bot commented Mar 26, 2025 •

edited

Loading