Goose Attack Report

Users: 5

Target Host: http://trustify:8080/

goose v0.18.0

Plan overview

Action	Started	Stopped	Elapsed	Users
Increasing	25-07-16 03:39:26	25-07-16 03:39:31	00:00:05	0 → 5
Maintaining	25-07-16 03:39:31	25-07-16 03:44:31	00:05:00	5
Decreasing	25-07-16 03:44:31	25-07-16 03:44:32	00:00:01	0 ← 5

Request Metrics

Method	Name	# Requests	# Fails	Average (ms)	Min (ms)	Max (ms)	RPS	Failures/s
GET	get_advisory_by_doc_id	100 (-159)	0	12.08 (+0.53)	3 (+1)	61 (-10)	0.33 (-0.53)	0.00 (+0.00)
GET	get_analysis_latest_cpe	100 (-162)	0	114.26 (+12.95)	38 (+5)	180 (-113)	0.33 (-0.54)	0.00 (+0.00)
GET	get_analysis_status	100 (-162)	0	3.65 (-0.04)	1 (0)	47 (-2)	0.33 (-0.54)	0.00 (+0.00)
GET	get_sbom[sha256:f293eb89…6720f692ec5f3081]	100 (-162)	100	4.61 (-0.50)	1 (0)	34 (-31)	0.33 (-0.54)	0.33 (-0.54)
GET	get_sbom_license_ids[0195baea-42e3-7…0e3-4c7874263954]	100 (-162)	100	0.86 (-1.11)	1 (0)	3 (-13)	0.33 (-0.54)	0.33 (-0.54)
GET	list_advisory	100 (-162)	0	551.44 (+26.00)	383 (+125)	856 (-101)	0.33 (-0.54)	0.00 (+0.00)
GET	list_advisory_paginated	100 (-160)	0	406.78 (-4.27)	190 (-12)	591 (-147)	0.33 (-0.53)	0.00 (+0.00)
GET	list_importer	100 (-157)	0	3.61 (-1.37)	1 (0)	48 (-8)	0.33 (-0.52)	0.00 (+0.00)
GET	list_organizations	100 (-162)	0	5.00 (-7.33)	1 (0)	21 (-33)	0.33 (-0.54)	0.00 (+0.00)
GET	list_packages	100 (-157)	0	497.41 (+56.16)	304 (+97)	919 (-64)	0.33 (-0.52)	0.00 (+0.00)
GET	list_packages_paginated	100 (-157)	0	402.26 (+18.47)	108 (-13)	586 (-100)	0.33 (-0.52)	0.00 (+0.00)
GET	list_products	100 (-162)	0	6.85 (-0.95)	3 (+1)	13 (-42)	0.33 (-0.54)	0.00 (+0.00)
GET	list_sboms	100 (-162)	0	637.04 (-11.40)	524 (+91)	794 (-465)	0.33 (-0.54)	0.00 (+0.00)
GET	list_sboms_paginated	100 (-162)	0	530.77 (-31.27)	398 (-16)	605 (-486)	0.33 (-0.54)	0.00 (+0.00)
GET	list_vulnerabilities	100 (-157)	0	271.16 (+38.02)	83 (-25)	394 (-5)	0.33 (-0.52)	0.00 (+0.00)
GET	list_vulnerabilities_paginated	100 (-157)	0	183.86 (-9.32)	101 (-4)	361 (+59)	0.33 (-0.52)	0.00 (+0.00)
GET	sbom_by_package[pkg:maven/io.qu…dhat.com%2fga%2f]	100 (-162)	0	28.29 (-7.71)	15 (+4)	68 (-45)	0.33 (-0.54)	0.00 (+0.00)
GET	search_advisory	100 (-159)	0	991.71 (+12.13)	332 (-21)	1949 (-401)	0.33 (-0.53)	0.00 (+0.00)
GET	search_exact_purl	100 (-162)	0	6.21 (-0.89)	2 (0)	16 (-41)	0.33 (-0.54)	0.00 (+0.00)
GET	search_purls	105 (-157)	0	9599.80 (+8379.46)	1411 (+992)	15952 (+11060)	0.35 (-0.52)	0.00 (+0.00)
POST	post_vulnerability_analyze[pkg:rpm/redhat/…h=noarch&epoch=1]	100	0	388.58	266	604	0.33	0.00
	Aggregated	2105 (-3102)	200	718.59 (+429.18)	1 (0)	15952 (+11060)	7.02 (-10.34)	0.67 (-1.08)

Response Time Metrics

Method	Name	50%ile (ms)	60%ile (ms)	70%ile (ms)	80%ile (ms)	90%ile (ms)	95%ile (ms)	99%ile (ms)	100%ile (ms)
GET	get_advisory_by_doc_id	6 (0)	7 (0)	9 (+1)	13 (+3)	42 (-4)	50 (-4)	60 (-3)	61 (-10)
GET	get_analysis_latest_cpe	110 (+14)	120 (+20)	130 (+20)	130 (+20)	150 (-20)	180 (0)	180 (-30)	180 (-110)
GET	get_analysis_status	2 (0)	2 (0)	3 (0)	3 (-1)	4 (-1)	6 (-1)	37 (-9)	47 (-2)
GET	get_sbom[sha256:f293eb89…6720f692ec5f3081]	3 (0)	3 (0)	3 (-1)	4 (0)	5 (-1)	7 (-6)	33 (-16)	34 (-31)
GET	get_sbom_license_ids[0195baea-42e3-7…0e3-4c7874263954]	1 (0)	1 (0)	1 (0)	1 (-1)	1 (-3)	2 (-6)	2 (-11)	3 (-13)
GET	list_advisory	490 (-10)	500 (0)	600 (0)	700 (+100)	800 (+100)	800 (0)	800 (-100)	856 (-101)
GET	list_advisory_paginated	420 (+10)	430 (+10)	450 (0)	470 (0)	490 (-10)	500 (0)	500 (-100)	591 (-109)
GET	list_importer	2 (0)	2 (0)	3 (0)	3 (-1)	5 (0)	6 (-30)	36 (-17)	48 (-8)
GET	list_organizations	4 (-1)	5 (-3)	6 (-6)	8 (-14)	9 (-30)	11 (-32)	16 (-33)	21 (-33)
GET	list_packages	450 (+40)	470 (+40)	500 (+30)	600 (+110)	700 (+100)	800 (0)	900 (0)	900 (-83)
GET	list_packages_paginated	400 (+10)	410 (+10)	440 (+20)	480 (0)	500 (0)	500 (0)	586 (-14)	586 (-100)
GET	list_products	6 (0)	7 (+1)	8 (+1)	9 (+1)	10 (0)	11 (-6)	13 (-40)	13 (-42)
GET	list_sboms	600 (0)	600 (0)	700 (0)	700 (0)	700 (-100)	700 (-200)	794 (-206)	794 (-206)
GET	list_sboms_paginated	500 (0)	500 (-100)	600 (0)	600 (0)	600 (-100)	600 (-200)	600 (-300)	600 (-400)
GET	list_vulnerabilities	290 (+60)	300 (+50)	310 (+50)	320 (+40)	340 (+50)	360 (+60)	380 (+50)	390 (-9)
GET	list_vulnerabilities_paginated	190 (0)	200 (0)	200 (-10)	210 (-10)	220 (-40)	250 (-30)	310 (+10)	360 (+60)
GET	sbom_by_package[pkg:maven/io.qu…dhat.com%2fga%2f]	21 (-4)	22 (-8)	24 (-22)	48 (-15)	53 (-19)	58 (-21)	67 (-25)	68 (-42)
GET	search_advisory	700 (-100)	1,000 (0)	1,000 (0)	1,949 (-51)	1,949 (-51)	1,949 (-51)	1,949 (-51)	1,949 (-51)
GET	search_exact_purl	6 (+2)	6 (+1)	7 (+2)	7 (+1)	8 (+1)	10 (-36)	14 (-39)	16 (-41)
GET	search_purls	13,000 (+12,200)	14,000 (+13,200)	14,000 (+13,000)	15,000 (+13,000)	15,000 (+12,000)	15,952 (+12,952)	15,952 (+12,952)	15,952 (+11,060)
POST	post_vulnerability_analyze[pkg:rpm/redhat/…h=noarch&epoch=1]	400	400	410	420	430	440	500	600
	Aggregated	180 (+50)	360 (+80)	430 (+10)	500 (0)	700 (0)	2,000 (+1,200)	15,000 (+13,000)	15,952 (+11,060)

Status Code Metrics

Method	Name	Status Codes
GET	get_advisory_by_doc_id	100 [200]
GET	get_analysis_latest_cpe	100 [200]
GET	get_analysis_status	100 [200]
GET	get_sbom[sha256:f293eb89…6720f692ec5f3081]	100 [404]
GET	get_sbom_license_ids[0195baea-42e3-7…0e3-4c7874263954]	100 [400]
GET	list_advisory	100 [200]
GET	list_advisory_paginated	100 [200]
GET	list_importer	100 [200]
GET	list_organizations	100 [200]
GET	list_packages	100 [200]
GET	list_packages_paginated	100 [200]
GET	list_products	100 [200]
GET	list_sboms	100 [200]
GET	list_sboms_paginated	100 [200]
GET	list_vulnerabilities	100 [200]
GET	list_vulnerabilities_paginated	100 [200]
GET	sbom_by_package[pkg:maven/io.qu…dhat.com%2fga%2f]	100 [200]
GET	search_advisory	100 [200]
GET	search_exact_purl	100 [200]
GET	search_purls	105 [200]
POST	post_vulnerability_analyze[pkg:rpm/redhat/…h=noarch&epoch=1]	100 [200]
	Aggregated	1,905 [200], 100 [404], 100 [400]

Transaction Metrics

Transaction	# Times Run	# Fails	Average (ms)	Min (ms)	Max (ms)	RPS	Failures/s
WebsiteUser
0.0 logon	0 (0)	0 (0)	0.00 (+0.00)	0 (0)	0 (0)	0.00 (+0.00)	0.00 (+0.00)
0.1 website_index	0 (0)	0 (0)	0.00 (+0.00)	0 (0)	0 (0)	0.00 (+0.00)	0.00 (+0.00)
0.2 website_openapi	0 (0)	0 (0)	0.00 (+0.00)	0 (0)	0 (0)	0.00 (+0.00)	0.00 (+0.00)
0.3 website_sboms	0 (0)	0 (0)	0.00 (+0.00)	0 (0)	0 (0)	0.00 (+0.00)	0.00 (+0.00)
0.4 website_packages	0 (0)	0 (0)	0.00 (+0.00)	0 (0)	0 (0)	0.00 (+0.00)	0.00 (+0.00)
0.5 website_advisories	0 (0)	0 (0)	0.00 (+0.00)	0 (0)	0 (0)	0.00 (+0.00)	0.00 (+0.00)
0.6 website_importers	0 (0)	0 (0)	0.00 (+0.00)	0 (0)	0 (0)	0.00 (+0.00)	0.00 (+0.00)
RestAPIUser
1.0 logon	100 (-162)	0 (0)	14.47 (+1.66)	11 (+5)	22 (-2)	0.33 (-0.54)	0.00 (+0.00)
1.1 list_organizations	100 (-162)	0 (0)	5.17 (-7.28)	1 (0)	23 (-31)	0.33 (-0.54)	0.00 (+0.00)
1.2 list_advisory	100 (-162)	0 (0)	551.51 (+26.00)	383 (+124)	856 (-101)	0.33 (-0.54)	0.00 (+0.00)
1.3 list_advisory_paginated	100 (-160)	0 (0)	406.82 (-4.30)	190 (-12)	591 (-147)	0.33 (-0.53)	0.00 (+0.00)
1.4 get_advisory_by_doc_id	100 (-159)	0 (0)	12.20 (+0.59)	3 (+1)	61 (-10)	0.33 (-0.53)	0.00 (+0.00)
1.5 search_advisory	100 (-159)	0 (0)	991.74 (+12.10)	332 (-21)	1949 (-401)	0.33 (-0.53)	0.00 (+0.00)
1.6 list_vulnerabilities	100 (-157)	0 (0)	271.21 (+37.99)	83 (-25)	394 (-5)	0.33 (-0.52)	0.00 (+0.00)
1.7 list_vulnerabilities_paginated	100 (-157)	0 (0)	183.88 (-9.36)	101 (-4)	361 (+59)	0.33 (-0.52)	0.00 (+0.00)
1.8 list_importer	100 (-157)	0 (0)	3.64 (-1.37)	1 (0)	48 (-8)	0.33 (-0.52)	0.00 (+0.00)
1.9 list_packages	100 (-157)	0 (0)	497.48 (+56.18)	304 (+97)	919 (-64)	0.33 (-0.52)	0.00 (+0.00)
1.10 list_packages_paginated	100 (-157)	0 (0)	402.37 (+18.51)	108 (-13)	586 (-100)	0.33 (-0.52)	0.00 (+0.00)
1.11 search_purls	105 (-157)	0 (0)	9599.86 (+8379.46)	1411 (+992)	15952 (+11060)	0.35 (-0.52)	0.00 (+0.00)
1.12 search_exact_purl	100 (-162)	0 (0)	6.25 (-0.90)	2 (0)	16 (-41)	0.33 (-0.54)	0.00 (+0.00)
1.13 list_products	100 (-162)	0 (0)	6.87 (-0.97)	3 (+1)	13 (-42)	0.33 (-0.54)	0.00 (+0.00)
1.14 list_sboms	100 (-162)	0 (0)	637.07 (-11.40)	524 (+91)	794 (-465)	0.33 (-0.54)	0.00 (+0.00)
1.15 list_sboms_paginated	100 (-162)	0 (0)	530.81 (-31.30)	399 (-15)	605 (-486)	0.33 (-0.54)	0.00 (+0.00)
1.16 get_analysis_status	100 (-162)	0 (0)	3.71 (-0.04)	1 (0)	47 (-2)	0.33 (-0.54)	0.00 (+0.00)
1.17 get_analysis_latest_cpe	100 (-162)	0 (0)	114.28 (+12.93)	38 (+5)	180 (-113)	0.33 (-0.54)	0.00 (+0.00)
1.18 get_sbom[sha256:f293eb89…6720f692ec5f3081]	100 (-162)	0 (0)	4.66 (-0.49)	1 (0)	34 (-32)	0.33 (-0.54)	0.00 (+0.00)
1.19 sbom_by_package[pkg:maven/io.qu…dhat.com%2fga%2f]	100 (-162)	0 (0)	28.35 (-7.70)	15 (+4)	68 (-45)	0.33 (-0.54)	0.00 (+0.00)
1.20 get_sbom_license_ids[0195baea-42e3-7…0e3-4c7874263954]	100 (-162)	0 (0)	0.89 (-1.11)	1 (0)	3 (-13)	0.33 (-0.54)	0.00 (+0.00)
1.21 post_vulnerability_analyze[pkg:rpm/redhat/…h=noarch&epoch=1]	100	0	388.62	266	604	0.33	0.00
Aggregated	2,205 (-3,264)	0 (0)	686.00 (+410.46)	1 (0)	15952 (+11060)	7.35 (-10.88)	0.00 (+0.00)

Scenario Metrics

Scenario	# Users	# Times Run	Average (ms)	Min (ms)	Max (ms)	Scenarios/s	Iterations
WebsiteUser	0 (0)	0 (0)	0.00 (+0.00)	0 (0)	0 (0)	0.00 (+0.00)	0.00 (+0.00)
RestAPIUser	5 (0)	100 (-162)	14955.81 (+9183.47)	6165 (+2733)	21246 (+13013)	0.33 (-0.54)	20.00 (-32.40)
Aggregated	5 (0)	100 (-162)	14955.81 (+9183.47)	6165 (+2733)	21246 (+13013)	0.33 (-0.54)	20.00 (-32.40)

User Metrics

Errors

#	Error
100	400 Bad Request: get_sbom_license_ids[0195baea-42e3-7…0e3-4c7874263954]
100 (-162)	404 Not Found: get_sbom[sha256:f293eb89…6720f692ec5f3081]