Goose Attack Report

Users: 7

Target Host: http://trustify:8080/

goose v0.18.0

Plan overview

Action Started Stopped Elapsed Users
Increasing26-03-19 02:29:0126-03-19 02:29:0800:00:070 → 7
Maintaining26-03-19 02:29:0826-03-19 02:59:0800:30:007
Decreasing26-03-19 02:59:0826-03-19 03:00:0800:01:000 ← 7

Request Metrics

Method Name # Requests # Fails Average (ms) Min (ms) Max (ms) RPS Failures/s
GET download_advisory[5b25cdef-428a-4…29e-fbb3415c22ab] 45 (0) 0 229.38 (+24.29) 29 (0) 394 (-40) 0.03 (+0.00) 0.00 (+0.00)
GET get_advisory[5b25cdef-428a-4…29e-fbb3415c22ab] 45 (0) 0 176.11 (+9.82) 27 (-2) 306 (-5) 0.03 (+0.00) 0.00 (+0.00)
GET get_advisory_by_doc_id 45 (0) 0 25.49 (+0.56) 5 (+1) 98 (+28) 0.03 (+0.00) 0.00 (+0.00)
GET get_analysis_latest_cpe 45 (-5) 0 46.78 (+7.76) 6 (+2) 151 (-18) 0.03 (-0.00) 0.00 (+0.00)
GET get_analysis_status 45 (-5) 0 8.62 (-3.28) 1 (-1) 61 (-9) 0.03 (-0.00) 0.00 (+0.00)
GET get_purl_details[0000054a-a69b-5…520-80752db183e6] 45 (0) 0 230.11 (+27.24) 54 (-14) 505 (+26) 0.03 (+0.00) 0.00 (+0.00)
GET get_sbom[sha256:a3442b37…3040057f79c70669] 45 (0) 0 9609.11 (-13.75) 248 (-36) 30305 (+12469) 0.03 (+0.00) 0.00 (+0.00)
GET get_sbom_license_ids[urn:uuid:019c4a…8ba-3cc0260ef778] 45 (0) 0 23.49 (+2.13) 3 (0) 90 (-1) 0.03 (+0.00) 0.00 (+0.00)
GET list_advisory 45 (0) 0 695.64 (+38.64) 109 (-83) 1145 (+36) 0.03 (+0.00) 0.00 (+0.00)
GET list_advisory_labels 45 (-5) 0 14422.18 (-1382.26) 4701 (-2669) 22343 (+274) 0.03 (-0.00) 0.00 (+0.00)
GET list_advisory_paginated 45 (0) 0 525.04 (+90.24) 126 (+1) 839 (+168) 0.03 (+0.00) 0.00 (+0.00)
GET list_importer 46 (+1) 0 14.72 (-3.75) 1 (0) 84 (-305) 0.03 (+0.00) 0.00 (+0.00)
GET list_organizations 45 (0) 0 296.11 (-11.09) 34 (-31) 482 (-82) 0.03 (+0.00) 0.00 (+0.00)
GET list_packages 46 (0) 0 541.24 (+64.46) 114 (-20) 1096 (+117) 0.03 (+0.00) 0.00 (+0.00)
GET list_packages_paginated 46 (0) 0 417.87 (+14.96) 128 (-8) 870 (+242) 0.03 (+0.00) 0.00 (+0.00)
GET list_products 50 (0) 0 14.12 (+3.50) 5 (0) 56 (+29) 0.03 (+0.00) 0.00 (+0.00)
GET list_sboms 50 (0) 0 149963.14 (+17439.59) 120979 (+8132) 209899 (+41682) 0.03 (+0.00) 0.00 (+0.00)
GET list_sboms_paginated 45 (-5) 0 1111.89 (+32.97) 573 (-131) 1533 (-92) 0.03 (-0.00) 0.00 (+0.00)
GET list_vulnerabilities 45 (0) 0 584.27 (+37.84) 76 (-39) 1014 (+136) 0.03 (+0.00) 0.00 (+0.00)
GET list_vulnerabilities_paginated 46 (+1) 0 412.61 (+7.10) 60 (-44) 661 (-159) 0.03 (+0.00) 0.00 (+0.00)
GET sbom_by_package[pkg:oci/web-ter…-bundle&tag=1.11] 45 (0) 0 160.89 (+4.33) 38 (-28) 423 (+91) 0.03 (+0.00) 0.00 (+0.00)
GET search_advisory 45 (0) 0 1134.98 (+150.56) 159 (-64) 2954 (-516) 0.03 (+0.00) 0.00 (+0.00)
GET search_exact_purl 50 (0) 0 183.28 (+48.60) 168 (+125) 378 (+204) 0.03 (+0.00) 0.00 (+0.00)
GET search_licenses 159 (+11) 0 20.94 (-2.89) 4 (0) 91 (-169) 0.09 (+0.01) 0.00 (+0.00)
GET search_purls 50 (0) 0 7401.86 (-10491.26) 3087 (-5336) 16301 (-8678) 0.03 (+0.00) 0.00 (+0.00)
GET search_purls_by_license 160 (+11) 0 11220.56 (-918.13) 4519 (+338) 65337 (+27229) 0.09 (+0.01) 0.00 (+0.00)
GET search_sboms_by_license 159 (+11) 0 28.55 (+2.89) 2 (-1) 174 (-145) 0.09 (+0.01) 0.00 (+0.00)
POST get_recommendations[pkg:maven/io.ne…8.1.redhat-00033] 45 (0) 0 1281.56 (+201.36) 427 (+15) 2503 (+836) 0.03 (+0.00) 0.00 (+0.00)
POST post_vulnerability_analyze[pkg:rpm/redhat/squid] 45 (0) 0 5.07 (+0.73) 1 (0) 52 (+4) 0.03 (+0.00) 0.00 (+0.00)
Aggregated 1672 (+15) 0 6651.05 (+73.51) 1 (0) 209899 (+41682) 0.93 (+0.01) 0.00 (+0.00)

Response Time Metrics

Method Name 50%ile (ms) 60%ile (ms) 70%ile (ms) 80%ile (ms) 90%ile (ms) 95%ile (ms) 99%ile (ms) 100%ile (ms)
GET download_advisory[5b25cdef-428a-4…29e-fbb3415c22ab] 220 (+20) 230 (+10) 280 (+10) 290 (+10) 300 (0) 360 (+50) 390 (-40) 390 (-40)
GET get_advisory[5b25cdef-428a-4…29e-fbb3415c22ab] 190 (+10) 200 (+10) 210 (+10) 220 (+10) 260 (0) 260 (-10) 306 (-4) 306 (-4)
GET get_advisory_by_doc_id 14 (-2) 16 (-5) 25 (-10) 50 (+9) 60 (+9) 78 (+18) 98 (+28) 98 (+28)
GET get_analysis_latest_cpe 43 (+12) 48 (+3) 66 (+7) 82 (+15) 90 (+16) 110 (+23) 150 (-19) 150 (-19)
GET get_analysis_status 6 (+2) 6 (+1) 8 (+1) 10 (+1) 16 (-19) 22 (-41) 61 (-9) 61 (-9)
GET get_purl_details[0000054a-a69b-5…520-80752db183e6] 220 (+40) 230 (+20) 260 (+10) 290 (+10) 360 (+40) 390 (+60) 500 (+21) 500 (+21)
GET get_sbom[sha256:a3442b37…3040057f79c70669] 12,000 (-1,000) 12,000 (-1,000) 13,000 (-2,000) 13,000 (-3,000) 14,000 (-3,000) 30,000 (+13,000) 30,000 (+12,164) 30,000 (+12,164)
GET get_sbom_license_ids[urn:uuid:019c4a…8ba-3cc0260ef778] 12 (+1) 15 (+3) 21 (+4) 48 (+16) 60 (-7) 80 (-6) 90 (-1) 90 (-1)
GET list_advisory 700 (+100) 700 (0) 800 (+100) 800 (0) 900 (-100) 1,000 (0) 1,000 (0) 1,000 (0)
GET list_advisory_labels 15,000 (-1,000) 15,000 (-1,000) 15,000 (-2,000) 16,000 (-1,000) 18,000 (-1,000) 19,000 (-2,000) 22,000 (0) 22,000 (0)
GET list_advisory_paginated 600 (+180) 600 (+110) 600 (+100) 600 (+100) 800 (+200) 800 (+200) 800 (+129) 800 (+129)
GET list_importer 6 (+1) 8 (+2) 9 (0) 15 (+2) 53 (+37) 61 (-5) 84 (-305) 84 (-305)
GET list_organizations 290 (-10) 300 (-10) 350 (-10) 370 (0) 380 (-80) 390 (-110) 480 (-84) 480 (-84)
GET list_packages 500 (+60) 600 (+100) 600 (0) 600 (0) 700 (0) 1,000 (+100) 1,000 (+21) 1,000 (+21)
GET list_packages_paginated 430 (+20) 490 (+70) 500 (+10) 500 (0) 600 (0) 600 (0) 870 (+270) 870 (+270)
GET list_products 10 (0) 12 (+1) 13 (+2) 15 (+3) 25 (+11) 38 (+18) 56 (+29) 56 (+29)
GET list_sboms 151,000 (+26,000) 157,000 (+27,000) 165,000 (+28,000) 166,000 (+21,000) 172,000 (+8,000) 180,000 (+13,000) 209,899 (+41,899) 209,899 (+41,899)
GET list_sboms_paginated 1,000 (0) 1,000 (0) 1,000 (0) 1,000 (0) 1,000 (0) 1,000 (0) 1,533 (-92) 1,533 (-92)
GET list_vulnerabilities 600 (0) 600 (0) 700 (0) 700 (0) 800 (+100) 800 (0) 1,000 (+122) 1,000 (+122)
GET list_vulnerabilities_paginated 480 (+100) 490 (+60) 500 (0) 500 (0) 600 (0) 600 (-100) 661 (-139) 661 (-139)
GET sbom_by_package[pkg:oci/web-ter…-bundle&tag=1.11] 130 (-20) 140 (-30) 170 (-10) 190 (-10) 310 (+80) 390 (+90) 420 (+90) 420 (+90)
GET search_advisory 800 (0) 1,000 (+100) 1,000 (0) 2,000 (+1,000) 2,000 (+1,000) 2,954 (-46) 2,954 (-46) 2,954 (-46)
GET search_exact_purl 180 (+30) 180 (+30) 180 (+30) 190 (+30) 190 (+20) 210 (+40) 378 (+208) 378 (+208)
GET search_licenses 11 (0) 14 (0) 21 (+1) 35 (-4) 54 (0) 63 (-16) 77 (-93) 91 (-169)
GET search_purls 7,000 (-10,000) 7,000 (-11,000) 8,000 (-10,000) 8,000 (-10,000) 8,000 (-14,000) 10,000 (-14,000) 16,000 (-8,979) 16,000 (-8,979)
GET search_purls_by_license 9,000 (-2,000) 10,000 (-2,000) 12,000 (-1,000) 13,000 (-3,000) 17,000 (-3,000) 26,000 (+3,000) 41,000 (+7,000) 65,000 (+27,000)
GET search_sboms_by_license 17 (+4) 22 (+7) 28 (+5) 49 (+15) 68 (+6) 77 (-2) 110 (-40) 170 (-149)
POST get_recommendations[pkg:maven/io.ne…8.1.redhat-00033] 1,000 (0) 1,000 (0) 1,000 (0) 1,000 (0) 2,000 (+333) 2,000 (+333) 2,503 (+836) 2,503 (+836)
POST post_vulnerability_analyze[pkg:rpm/redhat/squid] 2 (0) 2 (-1) 3 (0) 4 (0) 6 (-3) 15 (0) 52 (+4) 52 (+4)
Aggregated 210 (0) 480 (+80) 700 (0) 3,000 (0) 11,000 (-5,000) 16,000 (-2,000) 158,000 (+22,000) 209,899 (+41,899)

Status Code Metrics

Method Name Status Codes
GET download_advisory[5b25cdef-428a-4…29e-fbb3415c22ab] 45 [200]
GET get_advisory[5b25cdef-428a-4…29e-fbb3415c22ab] 45 [200]
GET get_advisory_by_doc_id 45 [200]
GET get_analysis_latest_cpe 45 [200]
GET get_analysis_status 45 [200]
GET get_purl_details[0000054a-a69b-5…520-80752db183e6] 45 [200]
GET get_sbom[sha256:a3442b37…3040057f79c70669] 45 [200]
GET get_sbom_license_ids[urn:uuid:019c4a…8ba-3cc0260ef778] 45 [200]
GET list_advisory 45 [200]
GET list_advisory_labels 45 [200]
GET list_advisory_paginated 45 [200]
GET list_importer 46 [200]
GET list_organizations 45 [200]
GET list_packages 46 [200]
GET list_packages_paginated 46 [200]
GET list_products 50 [200]
GET list_sboms 50 [200]
GET list_sboms_paginated 45 [200]
GET list_vulnerabilities 45 [200]
GET list_vulnerabilities_paginated 46 [200]
GET sbom_by_package[pkg:oci/web-ter…-bundle&tag=1.11] 45 [200]
GET search_advisory 45 [200]
GET search_exact_purl 50 [200]
GET search_licenses 159 [200]
GET search_purls 50 [200]
GET search_purls_by_license 160 [200]
GET search_sboms_by_license 159 [200]
POST get_recommendations[pkg:maven/io.ne…8.1.redhat-00033] 45 [200]
POST post_vulnerability_analyze[pkg:rpm/redhat/squid] 45 [200]
Aggregated 1,672 [200]

Transaction Metrics

Transaction # Times Run # Fails Average (ms) Min (ms) Max (ms) RPS Failures/s
WebsiteUser
0.0 logon 0 (0) 0 (0) 0.00 (+0.00) 0 (0) 0 (0) 0.00 (+0.00) 0.00 (+0.00)
0.1 website_index 0 (0) 0 (0) 0.00 (+0.00) 0 (0) 0 (0) 0.00 (+0.00) 0.00 (+0.00)
0.2 website_openapi 0 (0) 0 (0) 0.00 (+0.00) 0 (0) 0 (0) 0.00 (+0.00) 0.00 (+0.00)
0.3 website_sboms 0 (0) 0 (0) 0.00 (+0.00) 0 (0) 0 (0) 0.00 (+0.00) 0.00 (+0.00)
0.4 website_packages 0 (0) 0 (0) 0.00 (+0.00) 0 (0) 0 (0) 0.00 (+0.00) 0.00 (+0.00)
0.5 website_advisories 0 (0) 0 (0) 0.00 (+0.00) 0 (0) 0 (0) 0.00 (+0.00) 0.00 (+0.00)
0.6 website_importers 0 (0) 0 (0) 0.00 (+0.00) 0 (0) 0 (0) 0.00 (+0.00) 0.00 (+0.00)
RestAPIUser
1.0 logon 45 (0) 0 (0) 13.71 (+1.53) 7 (+1) 49 (+26) 0.03 (+0.00) 0.00 (+0.00)
1.1 list_organizations 45 (0) 0 (0) 296.20 (-11.09) 34 (-31) 482 (-82) 0.03 (+0.00) 0.00 (+0.00)
1.2 list_advisory 45 (0) 0 (0) 695.69 (+38.62) 109 (-84) 1145 (+36) 0.03 (+0.00) 0.00 (+0.00)
1.3 list_advisory_paginated 45 (0) 0 (0) 525.11 (+90.29) 126 (0) 840 (+169) 0.03 (+0.00) 0.00 (+0.00)
1.4 get_advisory_by_doc_id 45 (0) 0 (0) 25.58 (+0.56) 5 (0) 98 (+28) 0.03 (+0.00) 0.00 (+0.00)
1.5 search_advisory 45 (0) 0 (0) 1135.02 (+150.56) 159 (-65) 2954 (-516) 0.03 (+0.00) 0.00 (+0.00)
1.6 list_vulnerabilities 45 (0) 0 (0) 584.40 (+37.91) 76 (-39) 1014 (+136) 0.03 (+0.00) 0.00 (+0.00)
1.7 list_vulnerabilities_paginated 46 (+1) 0 (0) 412.61 (+7.08) 60 (-45) 661 (-159) 0.03 (+0.00) 0.00 (+0.00)
1.8 list_importer 46 (+1) 0 (0) 14.76 (-3.75) 1 (0) 84 (-306) 0.03 (+0.00) 0.00 (+0.00)
1.9 list_packages 46 (0) 0 (0) 541.26 (+64.46) 114 (-20) 1096 (+117) 0.03 (+0.00) 0.00 (+0.00)
1.10 list_packages_paginated 46 (0) 0 (0) 417.89 (+14.91) 129 (-7) 870 (+242) 0.03 (+0.00) 0.00 (+0.00)
1.11 search_purls 50 (0) 0 (0) 7401.88 (-10491.32) 3087 (-5336) 16301 (-8678) 0.03 (+0.00) 0.00 (+0.00)
1.12 search_exact_purl 50 (0) 0 (0) 183.32 (+48.62) 168 (+125) 379 (+205) 0.03 (+0.00) 0.00 (+0.00)
1.13 list_products 50 (0) 0 (0) 14.14 (+3.46) 5 (0) 56 (+29) 0.03 (+0.00) 0.00 (+0.00)
1.14 list_sboms 50 (0) 0 (0) 149963.19 (+17439.62) 120979 (+8132) 209899 (+41682) 0.03 (+0.00) 0.00 (+0.00)
1.15 list_sboms_paginated 45 (-5) 0 (0) 1111.96 (+32.98) 574 (-130) 1534 (-91) 0.03 (-0.00) 0.00 (+0.00)
1.16 get_analysis_status 45 (-5) 0 (0) 8.71 (-3.25) 1 (-1) 61 (-9) 0.03 (-0.00) 0.00 (+0.00)
1.17 get_analysis_latest_cpe 45 (-5) 0 (0) 46.82 (+7.80) 6 (+2) 151 (-18) 0.03 (-0.00) 0.00 (+0.00)
1.18 list_advisory_labels 45 (-5) 0 (0) 14422.22 (-1382.30) 4701 (-2669) 22343 (+274) 0.03 (-0.00) 0.00 (+0.00)
1.19 get_sbom[sha256:a3442b37…3040057f79c70669] 45 (0) 0 (0) 9609.18 (-13.76) 248 (-36) 30305 (+12469) 0.03 (+0.00) 0.00 (+0.00)
1.20 sbom_by_package[pkg:oci/web-ter…-bundle&tag=1.11] 45 (0) 0 (0) 160.93 (+4.27) 38 (-28) 423 (+91) 0.03 (+0.00) 0.00 (+0.00)
1.21 get_sbom_license_ids[urn:uuid:019c4a…8ba-3cc0260ef778] 45 (0) 0 (0) 23.53 (+2.18) 3 (0) 90 (-1) 0.03 (+0.00) 0.00 (+0.00)
1.22 post_vulnerability_analyze[pkg:rpm/redhat/squid] 45 (0) 0 (0) 5.07 (+0.62) 1 (0) 52 (+4) 0.03 (+0.00) 0.00 (+0.00)
1.23 get_purl_details[0000054a-a69b-5…520-80752db183e6] 45 (0) 0 (0) 230.16 (+27.27) 54 (-14) 506 (+27) 0.03 (+0.00) 0.00 (+0.00)
1.24 get_recommendations[pkg:maven/io.ne…8.1.redhat-00033] 45 (0) 0 (0) 1281.71 (+201.47) 427 (+15) 2503 (+835) 0.03 (+0.00) 0.00 (+0.00)
1.25 download_advisory[5b25cdef-428a-4…29e-fbb3415c22ab] 45 (0) 0 (0) 229.47 (+24.36) 29 (0) 394 (-40) 0.03 (+0.00) 0.00 (+0.00)
1.26 get_advisory[5b25cdef-428a-4…29e-fbb3415c22ab] 45 (0) 0 (0) 176.16 (+9.76) 27 (-2) 308 (-3) 0.03 (+0.00) 0.00 (+0.00)
RestAPIUserSlow
2.0 logon 159 (+11) 0 (0) 10.08 (-0.18) 6 (0) 27 (+11) 0.09 (+0.01) 0.00 (+0.00)
2.1 search_licenses 159 (+11) 0 (0) 21.15 (-2.81) 4 (0) 91 (-169) 0.09 (+0.01) 0.00 (+0.00)
2.2 search_sboms_by_license 159 (+11) 0 (0) 28.59 (+2.87) 2 (-1) 174 (-145) 0.09 (+0.01) 0.00 (+0.00)
2.3 search_purls_by_license 160 (+11) 0 (0) 11220.61 (-918.13) 4519 (+338) 65337 (+27229) 0.09 (+0.01) 0.00 (+0.00)
RestAPIUserDelete
3.0 logon 513 (0) 0 (0) 10.47 (-0.31) 6 (0) 28 (-25) 0.28 (+0.00) 0.00 (+0.00)
RestAdvisoryLableUser
4.0 logon 0 (0) 0 (0) 0.00 (+0.00) 0 (0) 0 (0) 0.00 (+0.00) 0.00 (+0.00)
Aggregated 2,389 (+26) 0 (0) 4654.90 (+42.55) 1 (0) 209899 (+41682) 1.33 (+0.01) 0.00 (+0.00)

Scenario Metrics

Scenario # Users # Times Run Average (ms) Min (ms) Max (ms) Scenarios/s Iterations
WebsiteUser 0 (0) 0 (0) 0.00 (+0.00) 0 (0) 0 (0) 0.00 (+0.00) 0.00 (+0.00)
RestAPIUser 5 (0) 45 (0) 192510.14 (+10306.81) 147802 (-3420) 243905 (+14685) 0.03 (+0.00) 9.00 (+0.00)
RestAPIUserSlow 1 (0) 159 (+11) 11279.62 (-844.55) 4547 (+334) 65492 (+27299) 0.09 (+0.01) 159.00 (+11.00)
RestAPIUserDelete 1 (0) 513 (0) 3510.90 (+1.50) 3012 (-6) 4021 (+2) 0.28 (+0.00) 513.00 (+0.00)
RestAdvisoryLableUser 0 (0) 0 (0) 0.00 (+0.00) 0 (0) 0 (0) 0.00 (+0.00) 0.00 (+0.00)
Aggregated 7 (0) 717 (+11) 17095.55 (+390.38) 3012 (-6) 243905 (+14685) 0.40 (+0.01) 681.00 (+11.00)

User Metrics