Skip to content

Commit

Permalink
sequence & callhome: Add sequence automation stats
Browse files Browse the repository at this point in the history 
- CHANGELOGs > Added notes.
- ExtensionCallHome > Add stats key for telemetry.
- SequenceActiveScanJob > Add stats counters.
- StdActiveScanRunner > Add stats counters.
- SequenceImportJob > Add stats counters.

Signed-off-by: kingthorin <[email protected]>
  • Loading branch information
@kingthorin
kingthorin committed Nov 14, 2024
1 parent 651c280 commit ad61fcc
Show file tree
Hide file tree
Showing 7 changed files with 39 additions and 8 deletions.
1 change: 1 addition & 0 deletions addOns/callhome/CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
## Unreleased
### Added
- Network stats to telemetry.
- Sequence automations stats to telemetry.

## [0.13.0] - 2024-09-02
### Added
Expand Down
1 change: 1 addition & 0 deletions addOns/callhome/src/main/java/org/zaproxy/addon/callhome/ExtensionCallHome.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -306,6 +306,7 @@ public boolean test(Entry<String, Long> t) {
|| key.startsWith("stats.reports.")
|| key.startsWith("stats.script.")
|| key.startsWith("stats.selenium.")
|| key.startsWith("stats.sequence.")
|| key.startsWith("stats.spider.")
|| key.startsWith("stats.tech.")
|| key.startsWith("stats.ui.")
Expand Down
1 change: 1 addition & 0 deletions addOns/sequence/CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
- `sequence-activeScan` to active scan sequences.
- Data for reporting.
- Sequence active scan policy.
- Stats for import and active scan automation.

### Changed
- Update minimum ZAP version to 2.15.0.
Expand Down
19 changes: 17 additions & 2 deletions addOns/sequence/src/main/java/org/zaproxy/zap/extension/sequence/StdActiveScanRunner.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,6 +41,7 @@
import org.zaproxy.zap.model.Context;
import org.zaproxy.zap.model.Target;
import org.zaproxy.zap.users.User;
import org.zaproxy.zap.utils.Stats;
import org.zaproxy.zest.core.v1.ZestActionFailException;
import org.zaproxy.zest.core.v1.ZestAssertFailException;
import org.zaproxy.zest.core.v1.ZestAssertion;
Expand All @@ -56,6 +57,7 @@ public class StdActiveScanRunner extends ZestZapRunner {

private static final int SEQUENCE_HISTORY_TYPE = HistoryReference.TYPE_SEQUENCE_TEMPORARY;
private static final Logger LOGGER = LogManager.getLogger(StdActiveScanRunner.class);
private static final String STATS_PREFIX = "stats.sequence.activescan.";

private ZestScriptWrapper wrapper;
private final Context context;
Expand Down Expand Up @@ -107,6 +109,7 @@ public String run(ZestScript script, Map<String, String> params)
ZestInvalidCommonTestException,
ZestAssignFailException,
ZestClientFailException {
Stats.incCounter(STATS_PREFIX + "scan");
return super.run(this.wrapper.getZestScript(), params);
}

Expand Down Expand Up @@ -153,20 +156,32 @@ public ZestResponse runStatement(
}
}

steps.add(
SequenceStepData stepData =
new SequenceStepData(
step,
passed,
result,
ascan.getAlertsIds(),
ZestZapUtils.toHttpMessage(req, req.getResponse()),
msg));
msg);
steps.add(stepData);
countStepStats(stepData);
}
}

return resp;
}

private static void countStepStats(SequenceStepData step) {
String ascanStep = STATS_PREFIX + "step" + step.getStep();
if (step.isPass()) {
Stats.incCounter(ascanStep + ".pass");
} else {
Stats.incCounter(ascanStep + ".fail");
}
Stats.incCounter(ascanStep + ".alerts", step.getAlertIds().size());
}

private SiteNode messageToSiteNode(HttpMessage msg, int step) {
SiteNode temp = null;
try {
Expand Down
1 change: 1 addition & 0 deletions .../main/java/org/zaproxy/zap/extension/sequence/automation/ExtensionSequenceAutomation.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,6 +38,7 @@
public class ExtensionSequenceAutomation extends ExtensionAdaptor {

public static final String NAME = "ExtensionSequenceAutomation";
public static final String STATS_PREFIX = "stats.sequence.automation.";

private static final List<Class<? extends Extension>> DEPENDENCIES =
List.of(ExtensionAutomation.class, ExtensionExim.class, ExtensionSequence.class);
Expand Down
4 changes: 4 additions & 0 deletions ...ce/src/main/java/org/zaproxy/zap/extension/sequence/automation/SequenceActiveScanJob.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -55,6 +55,7 @@
import org.zaproxy.zap.extension.sequence.StdActiveScanRunner.SequenceStepData;
import org.zaproxy.zap.extension.zest.ZestScriptWrapper;
import org.zaproxy.zap.users.User;
import org.zaproxy.zap.utils.Stats;

public class SequenceActiveScanJob extends AutomationJob {

Expand Down Expand Up @@ -255,6 +256,8 @@ private static List<SequenceStepData> scanSequence(
new StdActiveScanRunner(
script, contextWrapper.getContext(), user, contextSpecificObjects);

Stats.incCounter(ExtensionSequenceAutomation.STATS_PREFIX + "ascan.scan");

try {
zzr.run(null, null);
ascans.put(script.getName(), zzr.getSteps());
Expand All @@ -264,6 +267,7 @@ private static List<SequenceStepData> scanSequence(
Constant.messages.getString(
"automation.error.unexpected.internal", e.getMessage()));
LOGGER.error(e.getMessage(), e);
Stats.incCounter(ExtensionSequenceAutomation.STATS_PREFIX + "ascan.exception");
}
return List.of();
}
Expand Down
20 changes: 14 additions & 6 deletions ...quence/src/main/java/org/zaproxy/zap/extension/sequence/automation/SequenceImportJob.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,6 +46,7 @@
import org.zaproxy.zap.extension.script.ScriptType;
import org.zaproxy.zap.extension.zest.CreateScriptOptions;
import org.zaproxy.zap.extension.zest.ExtensionZest;
import org.zaproxy.zap.utils.Stats;

public class SequenceImportJob extends AutomationJob {

Expand Down Expand Up @@ -129,16 +130,18 @@ public void runJob(AutomationEnvironment env, AutomationProgress progress) {

result.getErrors()
.forEach(
error ->
progress.error(
Constant.messages.getString(
"sequence.automation.import.error",
getName(),
error)));
error -> {
progress.error(
Constant.messages.getString(
"sequence.automation.import.error", getName(), error));
Stats.incCounter(
ExtensionSequenceAutomation.STATS_PREFIX + "import.error");
});
if (result.getCount() == 0) {
progress.warn(
Constant.messages.getString(
"sequence.automation.import.nomessages", getName(), result.getCount()));
Stats.incCounter(ExtensionSequenceAutomation.STATS_PREFIX + "import.nomessages");
return;
}

Expand All @@ -149,10 +152,15 @@ public void runJob(AutomationEnvironment env, AutomationProgress progress) {
"sequence.automation.import.sequencecreated",
getName(),
result.getCount()));
Stats.incCounter(ExtensionSequenceAutomation.STATS_PREFIX + "import");
Stats.incCounter(
ExtensionSequenceAutomation.STATS_PREFIX + "import.messages",
result.getCount());
} catch (Exception e) {
progress.error(
Constant.messages.getString(
"sequence.automation.import.script.error", getName(), e.getMessage()));
Stats.incCounter(ExtensionSequenceAutomation.STATS_PREFIX + "import.script.error");
}
}

Expand Down

0 comments on commit ad61fcc

Please sign in to comment.