Add missed calls stats

2026-05-06 03:45:26 +00:00 · 2019-11-08 17:13:10 +01:00 · 2019-11-08 17:13:10 +01:00 · 4d45ffff08
commit 4d45ffff08
parent cb4771b889
9 changed files with 75 additions and 27 deletions
--- a/include/AlertCheckLuaEngine.h
+++ b/include/AlertCheckLuaEngine.h
@ -29,6 +29,10 @@ class AlertCheckLuaEngine : public LuaEngine {
  u_int num_calls;
  ticks total_ticks;

+  u_int32_t num_missed_proto_detected;
+  u_int32_t num_missed_periodic_update;
+  u_int32_t num_missed_idle;
+
 public:
  AlertCheckLuaEngine(AlertEntity alert_entity, ScriptPeriodicity p, NetworkInterface *iface);
  virtual ~AlertCheckLuaEngine();
@ -38,6 +42,10 @@ class AlertCheckLuaEngine : public LuaEngine {
  ScriptPeriodicity getPeriodicity() const;
  const char * getGranularity() const;

+  inline void incNumMissedProtoDetected()     { num_missed_proto_detected++;  }
+  inline void incNumMissedPeriodicUpdate()    { num_missed_periodic_update++; }
+  inline void incNumMissedIdle()              { num_missed_idle++;            }
+
  void lua_stats(const char * key, lua_State *vm);
 };

--- a/include/Flow.h
+++ b/include/Flow.h
@ -240,7 +240,7 @@ class Flow : public GenericHashEntry {
  const char* cipher_weakness2str(ndpi_cipher_weakness w) const;
  bool get_partial_traffic_stats(FlowTrafficStats **dst, FlowTrafficStats *delta, bool *first_partial) const;
  bool isLuaCallPerformed(FlowLuaCall flow_lua_call, const struct timeval *tv);
-  void performLuaCall(FlowLuaCall flow_lua_call, const struct timeval *tv, AlertCheckLuaEngine **acle);
+  void performLuaCall(FlowLuaCall flow_lua_call, const struct timeval *tv, AlertCheckLuaEngine *acle);

 public:
  Flow(NetworkInterface *_iface,
--- a/include/ntop_typedefs.h
+++ b/include/ntop_typedefs.h
@ -60,6 +60,7 @@ typedef struct {
  AlertCheckLuaEngine *acle;
  struct timeval *tv;
  time_t deadline;
+  bool quick_update;
 } periodic_ht_state_update_user_data_t;

 typedef struct {
--- a/scripts/locales/en.lua
+++ b/scripts/locales/en.lua
@ -2143,6 +2143,7 @@ local lang = {
    ["lua"] = "Lua",
    ["max_duration_ms"] = "Max Duration",
    ["num_calls"] = "%{script} Num Calls",
+    ["num_missed_calls"] = "Num Missed Calls",
    ["periodic_activities"] = "Periodic Activities",
    ["periodic_activity"] = "Periodic Activity",
    ["script_duration"] = "%{script} Duration",
--- a/scripts/lua/hash_table_details.lua
+++ b/scripts/lua/hash_table_details.lua
@ -72,6 +72,9 @@ drawGraphs(ifId, schema, tags, _GET["zoom"], url, selected_epoch, {
      {schema = "custom:ht:lua_calls",
       label = i18n("internals.lua"),
       metrics_labels = { i18n("duration"), i18n("graphs.num_calls") },
+      }, {
+         schema = "ht:num_missed_calls",
+         label = i18n("internals.num_missed_calls"),
      },
   }
 })
--- a/scripts/lua/modules/timeseries/schemas/ts_5sec.lua
+++ b/scripts/lua/modules/timeseries/schemas/ts_5sec.lua
@ -19,6 +19,13 @@ schema:addTag("ifid")
 schema:addTag("hash_table")
 schema:addMetric("num_calls")

+schema = ts_utils.newSchema("ht:num_missed_calls", {step = 5, metrics_type = ts_utils.metrics.gauge})
+schema:addTag("ifid")
+schema:addTag("hash_table")
+schema:addMetric("idle")
+schema:addMetric("proto_detected")
+schema:addMetric("periodic_update")
+
 -------------------------------------------------------
 -- FLOW USER SCRIPTS SCHEMAS
 -------------------------------------------------------
--- a/scripts/lua/modules/ts_5sec_dump_utils.lua
+++ b/scripts/lua/modules/ts_5sec_dump_utils.lua
@ -10,14 +10,21 @@ function ts_dump.iface_update_periodic_ht_state_update_stats(when, ifid, periodi
   for ht_name, ht_stats in pairs(periodic_ht_state_update_stats) do
      local num_calls = 0
      local num_ms = 0
+      local stats = ht_stats["stats"]

-      if ht_stats["stats"] then
-	 if ht_stats["stats"]["num_calls"] then
-	    num_calls = ht_stats["stats"]["num_calls"]
+      if stats then
+	 if stats["num_calls"] then
+	    num_calls = stats["num_calls"]
 	 end
-	 if ht_stats["stats"]["tot_duration_ms"] then
-	    num_ms = ht_stats["stats"]["tot_duration_ms"]
+	 if stats["tot_duration_ms"] then
+	    num_ms = stats["tot_duration_ms"]
 	 end
+
+	 ts_utils.append("ht:num_missed_calls", {ifid = ifid, hash_table = ht_name,
+	    idle = stats.num_missed_idle,
+	    proto_detected = stats.num_missed_proto_detected,
+	    periodic_update = stats.num_missed_periodic_update,
+	}, when, verbose)
      end

     ts_utils.append("ht:duration", {ifid = ifid, hash_table = ht_name, num_ms = num_ms}, when, verbose)
--- a/src/AlertCheckLuaEngine.cpp
+++ b/src/AlertCheckLuaEngine.cpp
@ -28,6 +28,8 @@ AlertCheckLuaEngine::AlertCheckLuaEngine(AlertEntity alert_entity, ScriptPeriodi
  total_ticks = 0;
  const char *lua_file = NULL;

+  num_missed_idle = num_missed_periodic_update = num_missed_proto_detected = 0;
+
  p = script_periodicity;

  switch(alert_entity) {
@ -101,6 +103,10 @@ void AlertCheckLuaEngine::lua_stats(const char *key, lua_State *vm) {
    lua_push_uint64_table_entry(vm, "num_calls", (u_int64_t)num_calls);
    lua_push_float_table_entry(vm, "tot_duration_ms", elapsed_time * 1000);

+    lua_push_uint64_table_entry(vm, "num_missed_idle", num_missed_idle);
+    lua_push_uint64_table_entry(vm, "num_missed_periodic_update", num_missed_periodic_update);
+    lua_push_uint64_table_entry(vm, "num_missed_proto_detected", num_missed_proto_detected);
+
    lua_pushstring(vm, "stats");
    lua_insert(vm, -2);
    lua_settable(vm, -3);
--- a/src/Flow.cpp
+++ b/src/Flow.cpp
@ -1875,23 +1875,43 @@ void Flow::periodic_hash_entry_state_update(void *user_data, bool quick) {
    break;

  case hash_entry_state_flow_protocoldetected:
-    if(!quick) performLuaCall(flow_lua_call_protocol_detected, tv, &periodic_ht_state_update_user_data->acle);
+    if(!isLuaCallPerformed(flow_lua_call_protocol_detected, tv)) {
+      if(!periodic_ht_state_update_user_data->acle)
+	periodic_ht_state_update_user_data->acle = new AlertCheckLuaEngine(alert_entity_flow, minute_script /* doesn't matter */, iface);
+
+      if(!quick)
+	performLuaCall(flow_lua_call_protocol_detected, tv, periodic_ht_state_update_user_data->acle);
+      else
+	periodic_ht_state_update_user_data->acle->incNumMissedProtoDetected();
+    }
    set_hash_entry_state_active();
    break;

  case hash_entry_state_active:
-    if(!quick) {
-      periodic_dump_check(tv);
-      performLuaCall(flow_lua_call_periodic_update, tv, &periodic_ht_state_update_user_data->acle);
+    if(!isLuaCallPerformed(flow_lua_call_periodic_update, tv)) {
+      if(!periodic_ht_state_update_user_data->acle)
+	periodic_ht_state_update_user_data->acle = new AlertCheckLuaEngine(alert_entity_flow, minute_script /* doesn't matter */, iface);
+
+      if(!quick) {
+	periodic_dump_check(tv); /* NOTE: this call can take a long time! */
+	performLuaCall(flow_lua_call_periodic_update, tv, periodic_ht_state_update_user_data->acle);
+      } else
+	periodic_ht_state_update_user_data->acle->incNumMissedPeriodicUpdate();
    }
    /* Don't change state: purgeIdle() will do */
    break;

  case hash_entry_state_idle:
    postFlowSetIdle(tv, quick);
-    if(!quick) {
-      periodic_dump_check(tv);
-      performLuaCall(flow_lua_call_idle, tv, &periodic_ht_state_update_user_data->acle);
+    if(!isLuaCallPerformed(flow_lua_call_idle, tv)) {
+      if(!periodic_ht_state_update_user_data->acle)
+	periodic_ht_state_update_user_data->acle = new AlertCheckLuaEngine(alert_entity_flow, minute_script /* doesn't matter */, iface);
+
+      if(!quick) {
+	periodic_dump_check(tv); /* NOTE: this call can take a long time! */
+	performLuaCall(flow_lua_call_idle, tv, periodic_ht_state_update_user_data->acle);
+      } else
+	periodic_ht_state_update_user_data->acle->incNumMissedIdle();
    }
    break;
  }
@ -4245,20 +4265,13 @@ void Flow::lua_get_geoloc(lua_State *vm, bool client, bool coords, bool country_

 /* ***************************************************** */

-void Flow::performLuaCall(FlowLuaCall flow_lua_call, const struct timeval *tv, AlertCheckLuaEngine **acle) {
+void Flow::performLuaCall(FlowLuaCall flow_lua_call, const struct timeval *tv, AlertCheckLuaEngine *acle) {
  const char *lua_call_fn_name = NULL;
  Bitmap prev_status = status_map;
  std::map<FlowLuaCall, struct timeval>::iterator it;
-  
-  if(isLuaCallPerformed(flow_lua_call, tv))
-    return;  

-  if(!*acle
-     && !(*acle = new (std::nothrow) AlertCheckLuaEngine(alert_entity_flow, minute_script /* doesn't matter */, iface)))
-    return;
-
-  lua_State *L = (*acle)->getState();
-  (*acle)->setFlow(this);
+  lua_State *L = acle->getState();
+  acle->setFlow(this);

  switch(flow_lua_call) {
  case flow_lua_call_protocol_detected:
@ -4285,14 +4298,14 @@ void Flow::performLuaCall(FlowLuaCall flow_lua_call, const struct timeval *tv, A
    for(int i = 0; i < 200000; i++) {
      /* Call the function */
      lua_getglobal(L, lua_call_fn_name); /* Called function */
-      (*acle)->pcall(0 /* 0 arguments */, 0 /* 0 results */);
+      acle->pcall(0 /* 0 arguments */, 0 /* 0 results */);
    }
    return;
 #else
    /* Call the function */
    lua_getglobal(L, lua_call_fn_name); /* Called function */
    lua_pushinteger(L, protocol);  /* pass the L4 protocol as first argument, needed for optimized L4 filter */
-    (*acle)->pcall(1 /* 1 arguments */, 0 /* 0 results */);
+    acle->pcall(1 /* 1 arguments */, 0 /* 0 results */);
 #endif

    /* Mark it as called */
@ -4301,8 +4314,10 @@ void Flow::performLuaCall(FlowLuaCall flow_lua_call, const struct timeval *tv, A
    /* Check if the status has changed */
    if((flow_lua_call != flow_lua_call_flow_status_changed)
 	&& (prev_status.get() != status_map.get())) {
-      /* The status has changed, call the status change script */
-      performLuaCall(flow_lua_call_flow_status_changed, tv, acle);
+      if(!isLuaCallPerformed(flow_lua_call_flow_status_changed, tv)) {
+	/* The status has changed, call the status change script */
+	performLuaCall(flow_lua_call_flow_status_changed, tv, acle);
+      }

      /* Update the hosts status */
      if(cli_host) cli_host->setAnomalousFlowsStatusMap(status_map, true);