Goose Attack Report

Users: 7

Target Host: http://trustify:8080/

goose v0.18.0

Plan overview

Action Started Stopped Elapsed Users
Increasing26-03-29 02:26:0526-03-29 02:26:1200:00:070 → 7
Maintaining26-03-29 02:26:1226-03-29 02:56:1300:30:017
Decreasing26-03-29 02:56:1326-03-29 02:57:2800:01:150 ← 7

Request Metrics

Method Name # Requests # Fails Average (ms) Min (ms) Max (ms) RPS Failures/s
GET download_advisory[5b25cdef-428a-4…29e-fbb3415c22ab] 60 (+5) 0 187.73 (-27.76) 53 (-7) 759 (+18) 0.03 (+0.00) 0.00 (+0.00)
GET get_advisory[5b25cdef-428a-4…29e-fbb3415c22ab] 60 (+5) 0 185.53 (+18.32) 37 (+8) 357 (-157) 0.03 (+0.00) 0.00 (+0.00)
GET get_advisory_by_doc_id 60 (+5) 0 29.42 (-5.38) 6 (+3) 101 (-87) 0.03 (+0.00) 0.00 (+0.00)
GET get_analysis_latest_cpe 60 (+5) 0 45.88 (-0.57) 7 (+4) 171 (-100) 0.03 (+0.00) 0.00 (+0.00)
GET get_analysis_status 60 (+5) 0 10.40 (-5.91) 1 (-1) 40 (-66) 0.03 (+0.00) 0.00 (+0.00)
GET get_purl_details[0000054a-a69b-5…520-80752db183e6] 60 (+5) 0 285.32 (+16.43) 94 (+45) 923 (+303) 0.03 (+0.00) 0.00 (+0.00)
GET get_sbom[sha256:a3442b37…3040057f79c70669] 60 (+5) 0 10017.00 (+57.95) 453 (+105) 16085 (+2350) 0.03 (+0.00) 0.00 (+0.00)
GET get_sbom_license_ids[urn:uuid:019c4a…8ba-3cc0260ef778] 60 (+5) 0 31.63 (+3.07) 4 (+2) 202 (+48) 0.03 (+0.00) 0.00 (+0.00)
GET list_advisory 60 (+5) 0 575.80 (+39.44) 321 (+125) 1042 (-19) 0.03 (+0.00) 0.00 (+0.00)
GET list_advisory_labels 60 (+5) 0 15350.63 (+523.05) 12557 (+7523) 21949 (-833) 0.03 (+0.00) 0.00 (+0.00)
GET list_advisory_paginated 60 (+5) 0 453.63 (+30.23) 153 (+33) 982 (+380) 0.03 (+0.00) 0.00 (+0.00)
GET list_importer 60 (+4) 0 13.02 (-5.54) 1 (0) 67 (-22) 0.03 (+0.00) 0.00 (+0.00)
GET list_organizations 60 (+5) 0 248.90 (+22.54) 97 (+20) 776 (+371) 0.03 (+0.00) 0.00 (+0.00)
GET list_packages 60 (+4) 0 470.53 (+25.64) 177 (+20) 803 (-220) 0.03 (+0.00) 0.00 (+0.00)
GET list_packages_paginated 61 (+5) 0 388.84 (-3.18) 130 (-2) 796 (+132) 0.03 (+0.00) 0.00 (+0.00)
GET list_products 65 (+5) 0 16.35 (+0.42) 6 (0) 75 (+22) 0.04 (+0.00) 0.00 (+0.00)
GET list_sboms 65 (+5) 0 105544.57 (-2747.80) 88541 (+218) 118414 (-10991) 0.04 (+0.00) 0.00 (+0.00)
GET list_sboms_paginated 60 (+5) 0 1137.42 (+24.45) 817 (+326) 1586 (-367) 0.03 (+0.00) 0.00 (+0.00)
GET list_vulnerabilities 60 (+5) 0 500.40 (+15.80) 151 (+73) 795 (-13) 0.03 (+0.00) 0.00 (+0.00)
GET list_vulnerabilities_paginated 60 (+4) 0 399.97 (+44.90) 121 (+18) 702 (+69) 0.03 (+0.00) 0.00 (+0.00)
GET sbom_by_package[pkg:oci/web-ter…-bundle&tag=1.11] 60 (+5) 0 217.50 (+24.01) 62 (0) 527 (+42) 0.03 (+0.00) 0.00 (+0.00)
GET search_advisory 60 (+5) 0 1393.18 (-11.69) 401 (+206) 3681 (-1581) 0.03 (+0.00) 0.00 (+0.00)
GET search_exact_purl 65 (+5) 0 162.45 (-83.27) 8 (-109) 419 (+5) 0.04 (+0.00) 0.00 (+0.00)
GET search_licenses 146 (-32) 0 49.68 (+9.13) 4 (0) 334 (+37) 0.08 (-0.02) 0.00 (+0.00)
GET search_purls 65 (+5) 0 8040.20 (-8590.37) 697 (-9694) 13831 (-11417) 0.04 (+0.00) 0.00 (+0.00)
GET search_purls_by_license 147 (-32) 0 12149.22 (+2160.79) 4086 (+602) 30201 (-3801) 0.08 (-0.02) 0.00 (+0.00)
GET search_sboms_by_license 146 (-32) 0 59.55 (+17.25) 3 (+1) 279 (-128) 0.08 (-0.02) 0.00 (+0.00)
POST get_recommendations[pkg:maven/io.ne…8.1.redhat-00033] 60 (+5) 0 1354.25 (+10.98) 699 (+181) 2773 (+876) 0.03 (+0.00) 0.00 (+0.00)
POST post_vulnerability_analyze[pkg:rpm/redhat/squid] 60 (+5) 0 6.88 (+2.56) 1 (0) 59 (+18) 0.03 (+0.00) 0.00 (+0.00)
Aggregated 2020 (+31) 0 5542.15 (-39.91) 1 (0) 118414 (-10991) 1.12 (+0.02) 0.00 (+0.00)

Response Time Metrics

Method Name 50%ile (ms) 60%ile (ms) 70%ile (ms) 80%ile (ms) 90%ile (ms) 95%ile (ms) 99%ile (ms) 100%ile (ms)
GET download_advisory[5b25cdef-428a-4…29e-fbb3415c22ab] 190 (-20) 200 (-20) 210 (-40) 220 (-40) 270 (-80) 300 (-70) 360 (-60) 759 (+59)
GET get_advisory[5b25cdef-428a-4…29e-fbb3415c22ab] 190 (+20) 200 (0) 210 (0) 260 (+40) 280 (+40) 290 (0) 310 (0) 357 (-143)
GET get_advisory_by_doc_id 21 (+3) 26 (+3) 30 (-14) 47 (-3) 59 (-23) 91 (-7) 95 (-65) 100 (-88)
GET get_analysis_latest_cpe 32 (-3) 37 (-6) 62 (-2) 70 (0) 97 (+2) 100 (+4) 140 (+30) 170 (-100)
GET get_analysis_status 6 (0) 9 (+2) 11 (-3) 20 (+3) 23 (-31) 24 (-39) 40 (-38) 40 (-66)
GET get_purl_details[0000054a-a69b-5…520-80752db183e6] 290 (+50) 300 (+10) 320 (-30) 350 (-30) 400 (0) 440 (-10) 600 (0) 900 (+300)
GET get_sbom[sha256:a3442b37…3040057f79c70669] 13,000 (+1,000) 13,000 (+1,000) 13,000 (0) 14,000 (+1,000) 15,000 (+2,000) 16,000 (+3,000) 16,000 (+2,265) 16,000 (+2,265)
GET get_sbom_license_ids[urn:uuid:019c4a…8ba-3cc0260ef778] 14 (-1) 15 (-2) 38 (0) 56 (+7) 87 (+11) 91 (+10) 110 (+21) 200 (+50)
GET list_advisory 600 (0) 600 (0) 700 (+100) 700 (0) 700 (-100) 800 (0) 1,000 (0) 1,000 (0)
GET list_advisory_labels 14,000 (0) 15,000 (+1,000) 15,000 (-1,000) 18,000 (+1,000) 19,000 (0) 21,000 (+2,000) 21,000 (-1,000) 21,949 (-833)
GET list_advisory_paginated 470 (+40) 480 (-20) 500 (0) 500 (0) 600 (0) 600 (0) 700 (+100) 982 (+382)
GET list_importer 5 (0) 6 (-1) 7 (-5) 15 (-29) 51 (-8) 57 (-19) 66 (-22) 67 (-22)
GET list_organizations 220 (-30) 270 (+10) 280 (+10) 290 (+10) 310 (+20) 320 (-40) 500 (+140) 776 (+371)
GET list_packages 470 (0) 490 (-10) 600 (+100) 600 (0) 700 (+100) 800 (+100) 800 (-200) 800 (-200)
GET list_packages_paginated 380 (-20) 400 (-80) 460 (-40) 500 (0) 500 (-100) 600 (0) 600 (0) 796 (+132)
GET list_products 13 (+3) 15 (+2) 16 (-3) 19 (-2) 31 (+2) 44 (-2) 51 (+1) 75 (+22)
GET list_sboms 106,000 (0) 108,000 (-4,000) 108,000 (-7,000) 110,000 (-11,000) 114,000 (-10,000) 115,000 (-10,000) 118,000 (-7,000) 118,000 (-11,000)
GET list_sboms_paginated 1,000 (0) 1,000 (0) 1,000 (0) 1,000 (0) 1,000 (0) 1,000 (0) 1,000 (-953) 1,586 (-367)
GET list_vulnerabilities 500 (0) 500 (-100) 600 (0) 600 (0) 700 (0) 795 (-5) 795 (-5) 795 (-5)
GET list_vulnerabilities_paginated 410 (+10) 420 (0) 460 (+20) 490 (0) 500 (0) 500 (-100) 600 (0) 700 (+100)
GET sbom_by_package[pkg:oci/web-ter…-bundle&tag=1.11] 200 (+30) 210 (+10) 230 (0) 260 (-10) 370 (+50) 460 (+100) 490 (+50) 500 (+15)
GET search_advisory 1,000 (+100) 1,000 (0) 2,000 (+1,000) 2,000 (0) 3,000 (-1,000) 3,000 (-2,000) 3,681 (-1,319) 3,681 (-1,319)
GET search_exact_purl 140 (-80) 160 (-70) 180 (-50) 190 (-50) 200 (-120) 300 (-60) 320 (-90) 419 (+9)
GET search_licenses 46 (+32) 61 (+32) 73 (+23) 83 (+21) 93 (+1) 99 (-71) 200 (-20) 330 (+33)
GET search_purls 8,000 (-8,000) 8,000 (-8,000) 8,000 (-8,000) 9,000 (-9,000) 12,000 (-10,000) 13,000 (-11,000) 13,000 (-12,000) 13,831 (-11,169)
GET search_purls_by_license 12,000 (+3,000) 13,000 (+3,000) 14,000 (+1,000) 15,000 (+1,000) 18,000 (+1,000) 24,000 (+4,000) 28,000 (-2,000) 30,000 (-4,000)
GET search_sboms_by_license 43 (+28) 69 (+48) 83 (+46) 97 (+37) 120 (+20) 130 (-30) 260 (-50) 279 (-128)
POST get_recommendations[pkg:maven/io.ne…8.1.redhat-00033] 1,000 (0) 1,000 (-897) 2,000 (+103) 2,000 (+103) 2,000 (+103) 2,000 (+103) 2,773 (+876) 2,773 (+876)
POST post_vulnerability_analyze[pkg:rpm/redhat/squid] 2 (-1) 3 (0) 3 (0) 4 (0) 10 (+3) 42 (+32) 54 (+30) 59 (+18)
Aggregated 260 (+30) 420 (+20) 600 (0) 2,000 (-2,000) 13,000 (-1,000) 17,000 (0) 108,000 (-4,000) 118,000 (-11,000)

Status Code Metrics

Method Name Status Codes
GET download_advisory[5b25cdef-428a-4…29e-fbb3415c22ab] 60 [200]
GET get_advisory[5b25cdef-428a-4…29e-fbb3415c22ab] 60 [200]
GET get_advisory_by_doc_id 60 [200]
GET get_analysis_latest_cpe 60 [200]
GET get_analysis_status 60 [200]
GET get_purl_details[0000054a-a69b-5…520-80752db183e6] 60 [200]
GET get_sbom[sha256:a3442b37…3040057f79c70669] 60 [200]
GET get_sbom_license_ids[urn:uuid:019c4a…8ba-3cc0260ef778] 60 [200]
GET list_advisory 60 [200]
GET list_advisory_labels 60 [200]
GET list_advisory_paginated 60 [200]
GET list_importer 60 [200]
GET list_organizations 60 [200]
GET list_packages 60 [200]
GET list_packages_paginated 61 [200]
GET list_products 65 [200]
GET list_sboms 65 [200]
GET list_sboms_paginated 60 [200]
GET list_vulnerabilities 60 [200]
GET list_vulnerabilities_paginated 60 [200]
GET sbom_by_package[pkg:oci/web-ter…-bundle&tag=1.11] 60 [200]
GET search_advisory 60 [200]
GET search_exact_purl 65 [200]
GET search_licenses 146 [200]
GET search_purls 65 [200]
GET search_purls_by_license 147 [200]
GET search_sboms_by_license 146 [200]
POST get_recommendations[pkg:maven/io.ne…8.1.redhat-00033] 60 [200]
POST post_vulnerability_analyze[pkg:rpm/redhat/squid] 60 [200]
Aggregated 2,020 [200]

Transaction Metrics

Transaction # Times Run # Fails Average (ms) Min (ms) Max (ms) RPS Failures/s
WebsiteUser
0.0 logon 0 (0) 0 (0) 0.00 (+0.00) 0 (0) 0 (0) 0.00 (+0.00) 0.00 (+0.00)
0.1 website_index 0 (0) 0 (0) 0.00 (+0.00) 0 (0) 0 (0) 0.00 (+0.00) 0.00 (+0.00)
0.2 website_openapi 0 (0) 0 (0) 0.00 (+0.00) 0 (0) 0 (0) 0.00 (+0.00) 0.00 (+0.00)
0.3 website_sboms 0 (0) 0 (0) 0.00 (+0.00) 0 (0) 0 (0) 0.00 (+0.00) 0.00 (+0.00)
0.4 website_packages 0 (0) 0 (0) 0.00 (+0.00) 0 (0) 0 (0) 0.00 (+0.00) 0.00 (+0.00)
0.5 website_advisories 0 (0) 0 (0) 0.00 (+0.00) 0 (0) 0 (0) 0.00 (+0.00) 0.00 (+0.00)
0.6 website_importers 0 (0) 0 (0) 0.00 (+0.00) 0 (0) 0 (0) 0.00 (+0.00) 0.00 (+0.00)
RestAPIUser
1.0 logon 60 (+5) 0 (0) 13.03 (+0.96) 6 (0) 19 (-2) 0.03 (+0.00) 0.00 (+0.00)
1.1 list_organizations 60 (+5) 0 (0) 249.03 (+22.58) 97 (+20) 777 (+372) 0.03 (+0.00) 0.00 (+0.00)
1.2 list_advisory 60 (+5) 0 (0) 575.83 (+39.42) 321 (+125) 1042 (-19) 0.03 (+0.00) 0.00 (+0.00)
1.3 list_advisory_paginated 60 (+5) 0 (0) 453.70 (+30.19) 153 (+33) 982 (+379) 0.03 (+0.00) 0.00 (+0.00)
1.4 get_advisory_by_doc_id 60 (+5) 0 (0) 29.50 (-5.34) 6 (+3) 102 (-86) 0.03 (+0.00) 0.00 (+0.00)
1.5 search_advisory 60 (+5) 0 (0) 1393.28 (-11.68) 401 (+206) 3681 (-1581) 0.03 (+0.00) 0.00 (+0.00)
1.6 list_vulnerabilities 60 (+5) 0 (0) 500.52 (+15.84) 151 (+73) 795 (-13) 0.03 (+0.00) 0.00 (+0.00)
1.7 list_vulnerabilities_paginated 60 (+4) 0 (0) 400.05 (+44.91) 121 (+18) 702 (+69) 0.03 (+0.00) 0.00 (+0.00)
1.8 list_importer 60 (+4) 0 (0) 13.08 (-5.51) 1 (0) 67 (-22) 0.03 (+0.00) 0.00 (+0.00)
1.9 list_packages 60 (+4) 0 (0) 470.57 (+25.62) 177 (+20) 803 (-220) 0.03 (+0.00) 0.00 (+0.00)
1.10 list_packages_paginated 61 (+5) 0 (0) 388.85 (-3.18) 130 (-2) 796 (+132) 0.03 (+0.00) 0.00 (+0.00)
1.11 search_purls 65 (+5) 0 (0) 8040.23 (-8590.37) 697 (-9694) 13831 (-11417) 0.04 (+0.00) 0.00 (+0.00)
1.12 search_exact_purl 65 (+5) 0 (0) 162.48 (-83.32) 8 (-109) 419 (+5) 0.04 (+0.00) 0.00 (+0.00)
1.13 list_products 65 (+5) 0 (0) 16.37 (+0.42) 6 (0) 75 (+22) 0.04 (+0.00) 0.00 (+0.00)
1.14 list_sboms 65 (+5) 0 (0) 105544.63 (-2747.82) 88541 (+218) 118414 (-10991) 0.04 (+0.00) 0.00 (+0.00)
1.15 list_sboms_paginated 60 (+5) 0 (0) 1137.50 (+24.46) 817 (+326) 1586 (-367) 0.03 (+0.00) 0.00 (+0.00)
1.16 get_analysis_status 60 (+5) 0 (0) 10.40 (-5.96) 1 (-1) 40 (-66) 0.03 (+0.00) 0.00 (+0.00)
1.17 get_analysis_latest_cpe 60 (+5) 0 (0) 46.03 (-0.44) 7 (+4) 171 (-100) 0.03 (+0.00) 0.00 (+0.00)
1.18 list_advisory_labels 60 (+5) 0 (0) 15350.68 (+523.08) 12557 (+7523) 21950 (-832) 0.03 (+0.00) 0.00 (+0.00)
1.19 get_sbom[sha256:a3442b37…3040057f79c70669] 60 (+5) 0 (0) 10017.02 (+57.89) 453 (+105) 16085 (+2350) 0.03 (+0.00) 0.00 (+0.00)
1.20 sbom_by_package[pkg:oci/web-ter…-bundle&tag=1.11] 60 (+5) 0 (0) 217.55 (+24.04) 62 (0) 527 (+42) 0.03 (+0.00) 0.00 (+0.00)
1.21 get_sbom_license_ids[urn:uuid:019c4a…8ba-3cc0260ef778] 60 (+5) 0 (0) 31.68 (+3.08) 4 (+2) 202 (+48) 0.03 (+0.00) 0.00 (+0.00)
1.22 post_vulnerability_analyze[pkg:rpm/redhat/squid] 60 (+5) 0 (0) 6.93 (+2.52) 1 (0) 59 (+18) 0.03 (+0.00) 0.00 (+0.00)
1.23 get_purl_details[0000054a-a69b-5…520-80752db183e6] 60 (+5) 0 (0) 285.43 (+16.49) 94 (+45) 923 (+303) 0.03 (+0.00) 0.00 (+0.00)
1.24 get_recommendations[pkg:maven/io.ne…8.1.redhat-00033] 60 (+5) 0 (0) 1354.37 (+11.04) 699 (+181) 2773 (+876) 0.03 (+0.00) 0.00 (+0.00)
1.25 download_advisory[5b25cdef-428a-4…29e-fbb3415c22ab] 60 (+5) 0 (0) 187.82 (-27.69) 53 (-7) 759 (+17) 0.03 (+0.00) 0.00 (+0.00)
1.26 get_advisory[5b25cdef-428a-4…29e-fbb3415c22ab] 60 (+5) 0 (0) 185.60 (+18.36) 37 (+8) 357 (-157) 0.03 (+0.00) 0.00 (+0.00)
RestAPIUserSlow
2.0 logon 146 (-32) 0 (0) 10.75 (+0.47) 6 (0) 19 (+2) 0.08 (-0.02) 0.00 (+0.00)
2.1 search_licenses 146 (-32) 0 (0) 49.86 (+9.15) 4 (0) 335 (+38) 0.08 (-0.02) 0.00 (+0.00)
2.2 search_sboms_by_license 146 (-32) 0 (0) 59.60 (+17.22) 3 (+1) 279 (-128) 0.08 (-0.02) 0.00 (+0.00)
2.3 search_purls_by_license 147 (-32) 0 (0) 12149.31 (+2160.80) 4086 (+602) 30201 (-3801) 0.08 (-0.02) 0.00 (+0.00)
RestAPIUserDelete
3.0 logon 512 (-1) 0 (0) 10.52 (-0.19) 6 (0) 19 (-15) 0.28 (-0.00) 0.00 (+0.00)
RestAdvisoryLableUser
4.0 logon 0 (0) 0 (0) 0.00 (+0.00) 0 (0) 0 (0) 0.00 (+0.00) 0.00 (+0.00)
Aggregated 2,738 (+3) 0 (0) 4088.80 (+29.31) 1 (0) 118414 (-10991) 1.52 (+0.00) 0.00 (+0.00)

Scenario Metrics

Scenario # Users # Times Run Average (ms) Min (ms) Max (ms) Scenarios/s Iterations
WebsiteUser 0 (0) 0 (0) 0.00 (+0.00) 0 (0) 0 (0) 0.00 (+0.00) 0.00 (+0.00)
RestAPIUser 5 (0) 60 (+5) 148301.81 (-10610.08) 121247 (-9674) 167876 (-14128) 0.03 (+0.00) 12.00 (+1.00)
RestAPIUserSlow 1 (0) 146 (-32) 12265.79 (+2174.50) 4123 (+598) 30294 (-3797) 0.08 (-0.02) 146.00 (-32.00)
RestAPIUserDelete 1 (0) 512 (-1) 3517.45 (+6.79) 3014 (-6) 4016 (-5) 0.28 (-0.00) 512.00 (-1.00)
RestAdvisoryLableUser 0 (0) 0 (0) 0.00 (+0.00) 0 (0) 0 (0) 0.00 (+0.00) 0.00 (+0.00)
Aggregated 7 (0) 718 (-28) 17395.33 (+857.30) 3014 (-6) 167876 (-14128) 0.40 (-0.02) 670.00 (-32.00)

User Metrics