Goose Attack Report

Users: 7

Target Host: http://trustify:8080/

goose v0.18.0

Plan overview

Action Started Stopped Elapsed Users
Increasing25-12-21 02:17:1625-12-21 02:17:2300:00:070 → 7
Maintaining25-12-21 02:17:2325-12-21 02:22:2400:05:017
Decreasing25-12-21 02:22:2425-12-21 02:22:4200:00:180 ← 7

Request Metrics

Method Name # Requests # Fails Average (ms) Min (ms) Max (ms) RPS Failures/s
DELETE delete_sbom_from_pool_sequential[100 SBOMs] 38 (0) 0 1001.05 (+20.58) 140 (+39) 3405 (-193) 0.13 (+0.00) 0.00 (+0.00)
GET download_advisory[24ae57c3-4b57-4…2c1-83ae26059a89] 10 (0) 10 27.40 (+18.70) 2 (0) 82 (+53) 0.03 (+0.00) 0.03 (+0.00)
GET get_advisory[24ae57c3-4b57-4…2c1-83ae26059a89] 10 (0) 10 11.10 (-2.40) 1 (0) 54 (+3) 0.03 (+0.00) 0.03 (+0.00)
GET get_advisory_by_doc_id 10 (0) 0 26.60 (+9.80) 3 (-1) 71 (-2) 0.03 (+0.00) 0.00 (+0.00)
GET get_analysis_latest_cpe 15 (0) 0 284.93 (-45.27) 215 (+34) 491 (-85) 0.05 (+0.00) 0.00 (+0.00)
GET get_analysis_status 15 (0) 0 12.20 (-16.73) 2 (0) 51 (-208) 0.05 (+0.00) 0.00 (+0.00)
GET get_purl_details[b00df2ca-df21-5…874-304e9c54e2bd] 10 (-2) 0 753.20 (+56.53) 223 (+29) 1585 (+498) 0.03 (-0.01) 0.00 (+0.00)
GET get_sbom[sha256:720e4451…a939656247164447] 15 (0) 0 1610.60 (-295.87) 316 (-151) 3804 (-2153) 0.05 (+0.00) 0.00 (+0.00)
GET get_sbom_advisories[sha256:87fd06bc…9d7b8304c0d2d9b2] 15 (0) 0 56749.20 (-4657.93) 45065 (-8543) 65513 (-7859) 0.05 (+0.00) 0.00 (+0.00)
GET get_sbom_license_ids[urn:uuid:019731…104-331632a21144] 10 (-2) 0 7695.70 (+860.12) 3398 (+411) 10603 (-355) 0.03 (-0.01) 0.00 (+0.00)
GET list_advisory 10 (0) 0 891.70 (-52.00) 168 (-107) 1531 (+120) 0.03 (+0.00) 0.00 (+0.00)
GET list_advisory_labels 15 (0) 0 14529.53 (+2086.47) 10822 (+3819) 19302 (-2321) 0.05 (+0.00) 0.00 (+0.00)
GET list_advisory_paginated 10 (0) 0 548.80 (-73.30) 148 (-139) 723 (-677) 0.03 (+0.00) 0.00 (+0.00)
GET list_importer 11 (0) 0 3.82 (+0.36) 1 (0) 17 (+8) 0.04 (+0.00) 0.00 (+0.00)
GET list_organizations 10 (0) 0 13.90 (+1.60) 1 (0) 53 (+9) 0.03 (+0.00) 0.00 (+0.00)
GET list_packages 11 (0) 0 414.55 (-120.09) 111 (-100) 1017 (-91) 0.04 (+0.00) 0.00 (+0.00)
GET list_packages_paginated 11 (0) 0 319.00 (-141.18) 113 (-107) 470 (-400) 0.04 (+0.00) 0.00 (+0.00)
GET list_products 15 (+4) 0 19.00 (-0.82) 4 (0) 53 (-57) 0.05 (+0.01) 0.00 (+0.00)
GET list_sboms 15 (+4) 0 970.60 (-649.13) 434 (-502) 3065 (-66) 0.05 (+0.01) 0.00 (+0.00)
GET list_sboms_paginated 15 (0) 0 1555.20 (-2907.67) 440 (-729) 3284 (-14657) 0.05 (+0.00) 0.00 (+0.00)
GET list_vulnerabilities 11 (0) 0 479.91 (+69.00) 56 (-125) 783 (+78) 0.04 (+0.00) 0.00 (+0.00)
GET list_vulnerabilities_paginated 11 (0) 0 232.27 (-26.55) 47 (-39) 368 (-113) 0.04 (+0.00) 0.00 (+0.00)
GET sbom_by_package[pkg:maven/io.qu…dhat.com%2fga%2f] 10 (-2) 0 69.10 (+35.43) 7 (+2) 139 (+34) 0.03 (-0.01) 0.00 (+0.00)
GET search_advisory 10 (-1) 0 1695.60 (+191.42) 200 (-328) 2427 (-1153) 0.03 (-0.00) 0.00 (+0.00)
GET search_exact_purl 15 (+4) 0 31.53 (+10.62) 4 (+1) 59 (-3) 0.05 (+0.01) 0.00 (+0.00)
GET search_licenses 1 (0) 0 86776.00 (-35822.00) 86776 (-35822) 86776 (-35822) 0.00 (+0.00) 0.00 (+0.00)
GET search_purls 15 (+4) 0 19799.00 (+7469.73) 13002 (+5930) 28735 (+6827) 0.05 (+0.01) 0.00 (+0.00)
GET search_purls_by_license 1 (0) 0 193636.00 (+64155.00) 193636 (+64155) 193636 (+64155) 0.00 (+0.00) 0.00 (+0.00)
GET search_sboms_by_license 1 (0) 0 40268.00 (-35666.00) 40268 (-35666) 40268 (-35666) 0.00 (+0.00) 0.00 (+0.00)
POST get_recommendations[pkg:rpm/redhat/…e-metrics@2.13.8] 10 (0) 0 123.00 (+42.70) 8 (0) 186 (+16) 0.03 (+0.00) 0.00 (+0.00)
POST post_vulnerability_analyze[pkg:rpm/redhat/…h=noarch&epoch=1] 10 (-2) 0 526.80 (+150.97) 101 (+7) 1404 (+688) 0.03 (-0.01) 0.00 (+0.00)
Aggregated 366 (+7) 20 5278.47 (+55.61) 1 (0) 193636 (+64155) 1.22 (+0.02) 0.07 (+0.00)

Response Time Metrics

Method Name 50%ile (ms) 60%ile (ms) 70%ile (ms) 80%ile (ms) 90%ile (ms) 95%ile (ms) 99%ile (ms) 100%ile (ms)
DELETE delete_sbom_from_pool_sequential[100 SBOMs] 900 (+100) 1,000 (+100) 1,000 (0) 1,000 (0) 2,000 (0) 2,000 (0) 3,000 (-598) 3,000 (-598)
GET download_advisory[24ae57c3-4b57-4…2c1-83ae26059a89] 8 (+2) 15 (+9) 49 (+43) 50 (+42) 51 (+33) 82 (+53) 82 (+53) 82 (+53)
GET get_advisory[24ae57c3-4b57-4…2c1-83ae26059a89] 3 (+1) 4 (-6) 12 (+2) 13 (+2) 18 (-26) 54 (+3) 54 (+3) 54 (+3)
GET get_advisory_by_doc_id 11 (+2) 12 (+2) 16 (0) 65 (+48) 70 (+51) 71 (-2) 71 (-2) 71 (-2)
GET get_analysis_latest_cpe 220 (-160) 220 (-170) 310 (-80) 370 (-20) 470 (0) 470 (0) 490 (-86) 490 (-86)
GET get_analysis_status 4 (0) 5 (0) 6 (-1) 7 (-1) 48 (-72) 48 (-72) 51 (-208) 51 (-208)
GET get_purl_details[b00df2ca-df21-5…874-304e9c54e2bd] 800 (+100) 900 (+200) 900 (0) 900 (0) 1,000 (0) 1,585 (+585) 1,585 (+585) 1,585 (+585)
GET get_sbom[sha256:720e4451…a939656247164447] 2,000 (+1,000) 2,000 (+1,000) 2,000 (0) 2,000 (0) 3,000 (-2,000) 3,000 (-2,000) 3,804 (-2,153) 3,804 (-2,153)
GET get_sbom_advisories[sha256:87fd06bc…9d7b8304c0d2d9b2] 60,000 (0) 61,000 (0) 61,000 (-1,000) 61,000 (-1,000) 63,000 (-10,000) 63,000 (-10,000) 65,513 (-7,487) 65,513 (-7,487)
GET get_sbom_license_ids[urn:uuid:019731…104-331632a21144] 8,000 (+1,000) 8,000 (+1,000) 8,000 (0) 8,000 (0) 10,000 (+1,000) 10,603 (+1,603) 10,603 (-355) 10,603 (-355)
GET list_advisory 800 (0) 800 (-100) 1,000 (0) 1,000 (0) 1,531 (+531) 1,531 (+531) 1,531 (+531) 1,531 (+531)
GET list_advisory_labels 13,000 (+2,000) 14,000 (+2,000) 18,000 (+4,000) 18,000 (+4,000) 19,000 (-2,000) 19,000 (-2,000) 19,000 (-2,623) 19,000 (-2,623)
GET list_advisory_paginated 600 (0) 600 (0) 600 (0) 700 (+100) 700 (+100) 700 (-300) 700 (-300) 700 (-300)
GET list_importer 2 (0) 3 (0) 4 (0) 4 (-1) 5 (-2) 5 (-2) 17 (+8) 17 (+8)
GET list_organizations 5 (-2) 6 (-2) 9 (-5) 16 (-1) 41 (+19) 53 (+9) 53 (+9) 53 (+9)
GET list_packages 410 (-90) 420 (-80) 500 (-100) 500 (-100) 700 (+100) 700 (+100) 1,000 (0) 1,000 (0)
GET list_packages_paginated 400 (-90) 410 (-80) 420 (-80) 450 (-50) 460 (-40) 460 (-40) 470 (-400) 470 (-400)
GET list_products 9 (+1) 9 (-4) 11 (-8) 50 (+30) 52 (+31) 52 (+31) 53 (-57) 53 (-57)
GET list_sboms 600 (-400) 600 (-400) 900 (-1,100) 1,000 (-2,000) 3,000 (0) 3,000 (0) 3,000 (0) 3,000 (0)
GET list_sboms_paginated 1,000 (-2,000) 1,000 (-2,000) 1,000 (-2,000) 2,000 (-6,000) 3,000 (-6,000) 3,000 (-6,000) 3,000 (-14,941) 3,000 (-14,941)
GET list_vulnerabilities 600 (+220) 600 (+220) 700 (+200) 783 (+283) 783 (+83) 783 (+83) 783 (+83) 783 (+83)
GET list_vulnerabilities_paginated 300 (+40) 300 (+30) 300 (+30) 350 (+80) 350 (+70) 350 (+70) 368 (-112) 368 (-112)
GET sbom_by_package[pkg:maven/io.qu…dhat.com%2fga%2f] 67 (+48) 73 (+53) 83 (+54) 88 (+25) 98 (+17) 139 (+58) 139 (+34) 139 (+34)
GET search_advisory 2,000 (+1,000) 2,000 (+1,000) 2,000 (0) 2,000 (0) 2,000 (0) 2,000 (0) 2,000 (-1,580) 2,000 (-1,580)
GET search_exact_purl 13 (+6) 52 (+42) 57 (+42) 58 (+4) 58 (+2) 58 (+2) 59 (-3) 59 (-3)
GET search_licenses 86,776 (-35,822) 86,776 (-35,822) 86,776 (-35,822) 86,776 (-35,822) 86,776 (-35,822) 86,776 (-35,822) 86,776 (-35,822) 86,776 (-35,822)
GET search_purls 18,000 (+7,000) 19,000 (+8,000) 26,000 (+15,000) 28,000 (+13,000) 28,735 (+10,735) 28,735 (+10,735) 28,735 (+6,827) 28,735 (+6,827)
GET search_purls_by_license 193,636 (+64,155) 193,636 (+64,155) 193,636 (+64,155) 193,636 (+64,155) 193,636 (+64,155) 193,636 (+64,155) 193,636 (+64,155) 193,636 (+64,155)
GET search_sboms_by_license 40,268 (-35,666) 40,268 (-35,666) 40,268 (-35,666) 40,268 (-35,666) 40,268 (-35,666) 40,268 (-35,666) 40,268 (-35,666) 40,268 (-35,666)
POST get_recommendations[pkg:rpm/redhat/…e-metrics@2.13.8] 140 (+92) 140 (+91) 170 (+40) 180 (+50) 180 (+10) 186 (+16) 186 (+16) 186 (+16)
POST post_vulnerability_analyze[pkg:rpm/redhat/…h=noarch&epoch=1] 290 (+10) 380 (-20) 600 (+100) 900 (+300) 1,000 (+300) 1,000 (+300) 1,000 (+300) 1,000 (+300)
Aggregated 420 (-80) 600 (-100) 1,000 (0) 2,000 (0) 14,000 (+4,000) 29,000 (+7,000) 62,000 (-11,000) 193,636 (+64,636)

Status Code Metrics

Method Name Status Codes
DELETE delete_sbom_from_pool_sequential[100 SBOMs] 38 [200]
GET download_advisory[24ae57c3-4b57-4…2c1-83ae26059a89] 10 [404]
GET get_advisory[24ae57c3-4b57-4…2c1-83ae26059a89] 10 [404]
GET get_advisory_by_doc_id 10 [200]
GET get_analysis_latest_cpe 15 [200]
GET get_analysis_status 15 [200]
GET get_purl_details[b00df2ca-df21-5…874-304e9c54e2bd] 10 [200]
GET get_sbom[sha256:720e4451…a939656247164447] 15 [200]
GET get_sbom_advisories[sha256:87fd06bc…9d7b8304c0d2d9b2] 15 [200]
GET get_sbom_license_ids[urn:uuid:019731…104-331632a21144] 10 [200]
GET list_advisory 10 [200]
GET list_advisory_labels 15 [200]
GET list_advisory_paginated 10 [200]
GET list_importer 11 [200]
GET list_organizations 10 [200]
GET list_packages 11 [200]
GET list_packages_paginated 11 [200]
GET list_products 15 [200]
GET list_sboms 15 [200]
GET list_sboms_paginated 15 [200]
GET list_vulnerabilities 11 [200]
GET list_vulnerabilities_paginated 11 [200]
GET sbom_by_package[pkg:maven/io.qu…dhat.com%2fga%2f] 10 [200]
GET search_advisory 10 [200]
GET search_exact_purl 15 [200]
GET search_licenses 1 [200]
GET search_purls 15 [200]
GET search_purls_by_license 1 [200]
GET search_sboms_by_license 1 [200]
POST get_recommendations[pkg:rpm/redhat/…e-metrics@2.13.8] 10 [200]
POST post_vulnerability_analyze[pkg:rpm/redhat/…h=noarch&epoch=1] 10 [200]
Aggregated 346 [200], 20 [404]

Transaction Metrics

Transaction # Times Run # Fails Average (ms) Min (ms) Max (ms) RPS Failures/s
WebsiteUser
0.0 logon 0 (0) 0 (0) 0.00 (+0.00) 0 (0) 0 (0) 0.00 (+0.00) 0.00 (+0.00)
0.1 website_index 0 (0) 0 (0) 0.00 (+0.00) 0 (0) 0 (0) 0.00 (+0.00) 0.00 (+0.00)
0.2 website_openapi 0 (0) 0 (0) 0.00 (+0.00) 0 (0) 0 (0) 0.00 (+0.00) 0.00 (+0.00)
0.3 website_sboms 0 (0) 0 (0) 0.00 (+0.00) 0 (0) 0 (0) 0.00 (+0.00) 0.00 (+0.00)
0.4 website_packages 0 (0) 0 (0) 0.00 (+0.00) 0 (0) 0 (0) 0.00 (+0.00) 0.00 (+0.00)
0.5 website_advisories 0 (0) 0 (0) 0.00 (+0.00) 0 (0) 0 (0) 0.00 (+0.00) 0.00 (+0.00)
0.6 website_importers 0 (0) 0 (0) 0.00 (+0.00) 0 (0) 0 (0) 0.00 (+0.00) 0.00 (+0.00)
RestAPIUser
1.0 logon 10 (0) 0 (0) 12.90 (+0.20) 7 (-1) 20 (+4) 0.03 (+0.00) 0.00 (+0.00)
1.1 list_organizations 10 (0) 0 (0) 13.90 (+1.50) 1 (0) 53 (+9) 0.03 (+0.00) 0.00 (+0.00)
1.2 list_advisory 10 (0) 0 (0) 891.90 (-51.80) 168 (-107) 1531 (+120) 0.03 (+0.00) 0.00 (+0.00)
1.3 list_advisory_paginated 10 (0) 0 (0) 548.80 (-73.30) 148 (-139) 723 (-677) 0.03 (+0.00) 0.00 (+0.00)
1.4 get_advisory_by_doc_id 10 (0) 0 (0) 26.60 (+9.80) 3 (-1) 71 (-2) 0.03 (+0.00) 0.00 (+0.00)
1.5 search_advisory 10 (-1) 0 (0) 1695.70 (+191.43) 200 (-328) 2428 (-1152) 0.03 (-0.00) 0.00 (+0.00)
1.6 list_vulnerabilities 11 (0) 0 (0) 479.91 (+69.00) 56 (-125) 783 (+78) 0.04 (+0.00) 0.00 (+0.00)
1.7 list_vulnerabilities_paginated 11 (0) 0 (0) 232.27 (-26.64) 47 (-39) 368 (-113) 0.04 (+0.00) 0.00 (+0.00)
1.8 list_importer 11 (0) 0 (0) 3.82 (+0.36) 1 (0) 17 (+8) 0.04 (+0.00) 0.00 (+0.00)
1.9 list_packages 11 (0) 0 (0) 414.64 (-120.09) 111 (-101) 1017 (-91) 0.04 (+0.00) 0.00 (+0.00)
1.10 list_packages_paginated 11 (0) 0 (0) 319.00 (-141.18) 113 (-107) 470 (-400) 0.04 (+0.00) 0.00 (+0.00)
1.11 search_purls 15 (+4) 0 (0) 19799.00 (+7469.73) 13002 (+5930) 28735 (+6827) 0.05 (+0.01) 0.00 (+0.00)
1.12 search_exact_purl 15 (+4) 0 (0) 31.60 (+10.69) 4 (+1) 59 (-3) 0.05 (+0.01) 0.00 (+0.00)
1.13 list_products 15 (+4) 0 (0) 19.07 (-0.75) 4 (0) 53 (-57) 0.05 (+0.01) 0.00 (+0.00)
1.14 list_sboms 15 (+4) 0 (0) 970.60 (-649.13) 434 (-502) 3065 (-66) 0.05 (+0.01) 0.00 (+0.00)
1.15 list_sboms_paginated 15 (0) 0 (0) 1555.20 (-2907.73) 440 (-729) 3284 (-14657) 0.05 (+0.00) 0.00 (+0.00)
1.16 get_analysis_status 15 (0) 0 (0) 12.40 (-16.53) 3 (+1) 51 (-208) 0.05 (+0.00) 0.00 (+0.00)
1.17 get_analysis_latest_cpe 15 (0) 0 (0) 284.93 (-45.33) 215 (+34) 491 (-85) 0.05 (+0.00) 0.00 (+0.00)
1.18 list_advisory_labels 15 (0) 0 (0) 14529.53 (+2086.40) 10822 (+3818) 19302 (-2321) 0.05 (+0.00) 0.00 (+0.00)
1.19 get_sbom[sha256:720e4451…a939656247164447] 15 (0) 0 (0) 1610.67 (-296.00) 316 (-152) 3805 (-2152) 0.05 (+0.00) 0.00 (+0.00)
1.20 get_sbom_advisories[sha256:87fd06bc…9d7b8304c0d2d9b2] 15 (0) 0 (0) 56749.46 (-4657.80) 45065 (-8544) 65513 (-7859) 0.05 (+0.00) 0.00 (+0.00)
1.21 sbom_by_package[pkg:maven/io.qu…dhat.com%2fga%2f] 10 (-2) 0 (0) 69.20 (+35.53) 7 (+2) 139 (+34) 0.03 (-0.01) 0.00 (+0.00)
1.22 get_sbom_license_ids[urn:uuid:019731…104-331632a21144] 10 (-2) 0 (0) 7695.80 (+860.22) 3398 (+411) 10604 (-354) 0.03 (-0.01) 0.00 (+0.00)
1.23 post_vulnerability_analyze[pkg:rpm/redhat/…h=noarch&epoch=1] 10 (-2) 0 (0) 526.90 (+150.98) 101 (+7) 1404 (+688) 0.03 (-0.01) 0.00 (+0.00)
1.24 get_purl_details[b00df2ca-df21-5…874-304e9c54e2bd] 10 (-2) 0 (0) 753.20 (+56.53) 223 (+29) 1585 (+498) 0.03 (-0.01) 0.00 (+0.00)
1.25 get_recommendations[pkg:rpm/redhat/…e-metrics@2.13.8] 10 (0) 0 (0) 123.00 (+42.50) 8 (0) 186 (+16) 0.03 (+0.00) 0.00 (+0.00)
1.26 download_advisory[24ae57c3-4b57-4…2c1-83ae26059a89] 10 (0) 0 (0) 27.40 (+18.60) 2 (0) 82 (+53) 0.03 (+0.00) 0.00 (+0.00)
1.27 get_advisory[24ae57c3-4b57-4…2c1-83ae26059a89] 10 (0) 0 (0) 11.10 (-2.40) 1 (0) 54 (+3) 0.03 (+0.00) 0.00 (+0.00)
RestAPIUserSlow
2.0 logon 0 (0) 0 (0) 0.00 (+0.00) 0 (0) 0 (0) 0.00 (+0.00) 0.00 (+0.00)
2.1 search_licenses 1 (0) 0 (0) 86776.00 (-35822.00) 86776 (-35822) 86776 (-35822) 0.00 (+0.00) 0.00 (+0.00)
2.2 search_sboms_by_license 1 (0) 0 (0) 40268.00 (-35666.00) 40268 (-35666) 40268 (-35666) 0.00 (+0.00) 0.00 (+0.00)
2.3 search_purls_by_license 1 (0) 0 (0) 193637.00 (+64156.00) 193637 (+64156) 193637 (+64156) 0.00 (+0.00) 0.00 (+0.00)
RestAPIUserDelete
3.0 logon 38 (+1) 0 (0) 10.95 (-0.38) 6 (0) 19 (+1) 0.13 (+0.00) 0.00 (+0.00)
3.1 delete_sbom_from_pool_sequential[100 SBOMs] 38 (0) 0 (0) 1001.24 (+20.58) 140 (+39) 3405 (-193) 0.13 (+0.00) 0.00 (+0.00)
Aggregated 414 (+8) 0 (0) 4666.48 (+48.23) 1 (0) 193637 (+64156) 1.38 (+0.03) 0.00 (+0.00)

Scenario Metrics

Scenario # Users # Times Run Average (ms) Min (ms) Max (ms) Scenarios/s Iterations
WebsiteUser 0 (0) 0 (0) 0.00 (+0.00) 0 (0) 0 (0) 0.00 (+0.00) 0.00 (+0.00)
RestAPIUser 5 (0) 10 (0) 112957.20 (+15664.30) 99998 (+9393) 127134 (+21668) 0.03 (+0.00) 2.00 (+0.00)
RestAPIUserSlow 0 (0) 0 (0) 0.00 (+0.00) 0 (0) 0 (0) 0.00 (+0.00) 0.00 (+0.00)
RestAPIUserDelete 1 (0) 38 (+1) 7937.00 (-74.43) 6601 (-223) 10465 (+289) 0.13 (+0.00) 38.00 (+1.00)
Aggregated 6 (0) 48 (+1) 29816.21 (+2808.72) 6601 (-223) 127134 (+21668) 0.16 (+0.00) 40.00 (+1.00)

User Metrics

Errors

# Error
10 (0) 404 Not Found: download_advisory[24ae57c3-4b57-4…2c1-83ae26059a89]
10 (0) 404 Not Found: get_advisory[24ae57c3-4b57-4…2c1-83ae26059a89]