Goose Attack Report

Users: 5

Target Host: http://trustify:8080/

goose v0.18.0

Plan overview

Action	Started	Stopped	Elapsed	Users
Increasing	25-07-28 03:48:01	25-07-28 03:48:06	00:00:05	0 → 5
Maintaining	25-07-28 03:48:06	25-07-28 03:53:06	00:05:00	5
Decreasing	25-07-28 03:53:06	25-07-28 03:53:07	00:00:01	0 ← 5

Request Metrics

Method	Name	# Requests	Average (ms)	Min (ms)	Max (ms)	RPS	Failures/s
GET	get_advisory_by_doc_id	86 (-14)	14.94 (+5.20)	3 (0)	69 (+11)	0.29 (-0.05)	0.00 (+0.00)
GET	get_analysis_latest_cpe	89 (-11)	142.09 (+37.58)	31 (+1)	463 (+95)	0.30 (-0.04)	0.00 (+0.00)
GET	get_analysis_status	89 (-11)	4.63 (-0.79)	1 (0)	50 (-7)	0.30 (-0.04)	0.00 (+0.00)
GET	get_sbom[sha256:720e4451…a939656247164447]	89 (-11)	668.98 (-30.65)	134 (-67)	2100 (+408)	0.30 (-0.04)	0.00 (+0.00)
GET	get_sbom_license_ids[urn:uuid:019731…104-331632a21144]	88 (-12)	874.02 (+54.26)	376 (+52)	1179 (-5)	0.29 (-0.04)	0.00 (+0.00)
GET	list_advisory	87 (-13)	471.34 (+1.23)	148 (-110)	936 (+190)	0.29 (-0.04)	0.00 (+0.00)
GET	list_advisory_paginated	86 (-14)	387.08 (-29.64)	152 (+17)	617 (+31)	0.29 (-0.05)	0.00 (+0.00)
GET	list_importer	85 (-15)	4.52 (+2.00)	1 (0)	50 (-2)	0.28 (-0.05)	0.00 (+0.00)
GET	list_organizations	87 (-13)	9.24 (+3.40)	1 (0)	56 (-4)	0.29 (-0.04)	0.00 (+0.00)
GET	list_packages	85 (-15)	447.48 (-34.13)	99 (0)	896 (-61)	0.28 (-0.05)	0.00 (+0.00)
GET	list_packages_paginated	85 (-15)	393.00 (-9.82)	105 (+14)	587 (0)	0.28 (-0.05)	0.00 (+0.00)
GET	list_products	90 (-10)	9.73 (+1.04)	3 (+1)	74 (+20)	0.30 (-0.03)	0.00 (+0.00)
GET	list_sboms	90 (-10)	1314.36 (+247.33)	597 (+5)	1886 (+386)	0.30 (-0.03)	0.00 (+0.00)
GET	list_sboms_paginated	90 (-10)	1593.03 (+314.19)	493 (+7)	3290 (+84)	0.30 (-0.03)	0.00 (+0.00)
GET	list_vulnerabilities	85 (-15)	288.35 (+1.12)	50 (-17)	402 (-7)	0.28 (-0.05)	0.00 (+0.00)
GET	list_vulnerabilities_paginated	85 (-15)	188.11 (+0.05)	59 (-12)	284 (-27)	0.28 (-0.05)	0.00 (+0.00)
GET	sbom_by_package[pkg:maven/io.qu…dhat.com%2fga%2f]	88 (-12)	60.85 (-4.64)	10 (+1)	206 (+18)	0.29 (-0.04)	0.00 (+0.00)
GET	search_advisory	86 (-14)	990.16 (+83.39)	312 (-18)	2033 (+148)	0.29 (-0.05)	0.00 (+0.00)
GET	search_exact_purl	90 (-10)	8.90 (+2.25)	2 (0)	58 (+8)	0.30 (-0.03)	0.00 (+0.00)
GET	search_purls	90 (-15)	8563.24 (+1183.93)	1500 (-3109)	14349 (+3782)	0.30 (-0.05)	0.00 (+0.00)
POST	post_vulnerability_analyze[pkg:rpm/redhat/…h=noarch&epoch=1]	87 (-13)	569.93 (+48.87)	298 (+67)	986 (+134)	0.29 (-0.04)	0.00 (+0.00)
	Aggregated	1837 (-268)	823.27 (+87.08)	1 (0)	14349 (+3782)	6.12 (-0.89)	0.00 (+0.00)

Response Time Metrics

Method	Name	50%ile (ms)	60%ile (ms)	70%ile (ms)	80%ile (ms)	90%ile (ms)	95%ile (ms)	99%ile (ms)	100%ile (ms)
GET	get_advisory_by_doc_id	7 (+2)	9 (+3)	10 (+3)	14 (+5)	52 (+37)	55 (+12)	62 (+7)	69 (+11)
GET	get_analysis_latest_cpe	110 (+20)	140 (+40)	170 (+50)	180 (+20)	270 (+80)	310 (+110)	460 (+170)	460 (+92)
GET	get_analysis_status	2 (0)	2 (-1)	3 (0)	4 (-1)	6 (-1)	30 (-8)	49 (-3)	50 (-7)
GET	get_sbom[sha256:720e4451…a939656247164447]	430 (-70)	600 (-100)	600 (-200)	1,000 (0)	2,000 (+1,000)	2,000 (+308)	2,000 (+308)	2,000 (+308)
GET	get_sbom_license_ids[urn:uuid:019731…104-331632a21144]	900 (0)	900 (0)	1,000 (0)	1,000 (0)	1,000 (0)	1,000 (0)	1,000 (0)	1,000 (0)
GET	list_advisory	440 (-30)	460 (-20)	500 (+10)	500 (0)	600 (0)	700 (+100)	800 (+100)	900 (+200)
GET	list_advisory_paginated	390 (-40)	410 (-30)	450 (-10)	460 (-20)	480 (-10)	500 (0)	600 (+14)	600 (+14)
GET	list_importer	2 (0)	2 (0)	3 (+1)	4 (+2)	7 (+4)	16 (+12)	49 (+36)	50 (-2)
GET	list_organizations	4 (+1)	5 (+2)	7 (+2)	10 (+3)	24 (+13)	47 (+30)	50 (+5)	56 (-4)
GET	list_packages	410 (-40)	420 (-50)	460 (-30)	500 (0)	700 (0)	800 (0)	896 (-4)	896 (-61)
GET	list_packages_paginated	400 (-20)	410 (-20)	440 (-30)	470 (-10)	500 (0)	500 (0)	587 (+87)	587 (0)
GET	list_products	7 (+2)	8 (+2)	9 (+2)	11 (+3)	14 (+4)	18 (-25)	66 (+13)	74 (+20)
GET	list_sboms	1,000 (0)	1,000 (0)	1,000 (0)	1,886 (+886)	1,886 (+886)	1,886 (+886)	1,886 (+886)	1,886 (+386)
GET	list_sboms_paginated	2,000 (+1,000)	2,000 (+1,000)	2,000 (0)	2,000 (0)	2,000 (0)	3,000 (+1,000)	3,000 (+1,000)	3,000 (0)
GET	list_vulnerabilities	310 (0)	330 (+10)	340 (0)	360 (0)	370 (+10)	380 (-20)	390 (-19)	400 (-9)
GET	list_vulnerabilities_paginated	190 (0)	200 (0)	200 (0)	210 (0)	230 (+20)	260 (+30)	280 (-10)	280 (-30)
GET	sbom_by_package[pkg:maven/io.qu…dhat.com%2fga%2f]	42 (-21)	66 (-3)	75 (-6)	100 (-10)	160 (+10)	170 (0)	180 (0)	206 (+18)
GET	search_advisory	800 (0)	1,000 (+100)	1,000 (0)	1,000 (0)	2,000 (+115)	2,000 (+115)	2,000 (+115)	2,000 (+115)
GET	search_exact_purl	6 (0)	6 (0)	7 (0)	8 (+1)	9 (+1)	48 (+38)	58 (+46)	58 (+8)
GET	search_purls	10,000 (+3,000)	10,000 (+3,000)	13,000 (+4,000)	13,000 (+4,000)	14,000 (+4,000)	14,000 (+4,000)	14,000 (+3,433)	14,000 (+3,433)
POST	post_vulnerability_analyze[pkg:rpm/redhat/…h=noarch&epoch=1]	500 (0)	600 (+100)	600 (0)	700 (+100)	800 (+100)	900 (+100)	900 (+48)	986 (+134)
	Aggregated	330 (-10)	410 (-20)	500 (0)	900 (+100)	2,000 (+1,000)	2,000 (-1,000)	13,000 (+4,000)	14,000 (+3,433)

Status Code Metrics

Method	Name	Status Codes
GET	get_advisory_by_doc_id	86 [200]
GET	get_analysis_latest_cpe	89 [200]
GET	get_analysis_status	89 [200]
GET	get_sbom[sha256:720e4451…a939656247164447]	89 [200]
GET	get_sbom_license_ids[urn:uuid:019731…104-331632a21144]	88 [200]
GET	list_advisory	87 [200]
GET	list_advisory_paginated	86 [200]
GET	list_importer	85 [200]
GET	list_organizations	87 [200]
GET	list_packages	85 [200]
GET	list_packages_paginated	85 [200]
GET	list_products	90 [200]
GET	list_sboms	90 [200]
GET	list_sboms_paginated	90 [200]
GET	list_vulnerabilities	85 [200]
GET	list_vulnerabilities_paginated	85 [200]
GET	sbom_by_package[pkg:maven/io.qu…dhat.com%2fga%2f]	88 [200]
GET	search_advisory	86 [200]
GET	search_exact_purl	90 [200]
GET	search_purls	90 [200]
POST	post_vulnerability_analyze[pkg:rpm/redhat/…h=noarch&epoch=1]	87 [200]
	Aggregated	1,837 [200]

Transaction Metrics

Transaction	# Times Run	# Fails	Average (ms)	Min (ms)	Max (ms)	RPS	Failures/s
WebsiteUser
0.0 logon	0 (0)	0 (0)	0.00 (+0.00)	0 (0)	0 (0)	0.00 (+0.00)	0.00 (+0.00)
0.1 website_index	0 (0)	0 (0)	0.00 (+0.00)	0 (0)	0 (0)	0.00 (+0.00)	0.00 (+0.00)
0.2 website_openapi	0 (0)	0 (0)	0.00 (+0.00)	0 (0)	0 (0)	0.00 (+0.00)	0.00 (+0.00)
0.3 website_sboms	0 (0)	0 (0)	0.00 (+0.00)	0 (0)	0 (0)	0.00 (+0.00)	0.00 (+0.00)
0.4 website_packages	0 (0)	0 (0)	0.00 (+0.00)	0 (0)	0 (0)	0.00 (+0.00)	0.00 (+0.00)
0.5 website_advisories	0 (0)	0 (0)	0.00 (+0.00)	0 (0)	0 (0)	0.00 (+0.00)	0.00 (+0.00)
0.6 website_importers	0 (0)	0 (0)	0.00 (+0.00)	0 (0)	0 (0)	0.00 (+0.00)	0.00 (+0.00)
RestAPIUser
1.0 logon	87 (-13)	0 (0)	13.95 (-0.19)	7 (-2)	20 (-4)	0.29 (-0.04)	0.00 (+0.00)
1.1 list_organizations	87 (-13)	0 (0)	9.41 (+3.47)	1 (0)	56 (-4)	0.29 (-0.04)	0.00 (+0.00)
1.2 list_advisory	87 (-13)	0 (0)	471.44 (+1.27)	148 (-110)	936 (+190)	0.29 (-0.04)	0.00 (+0.00)
1.3 list_advisory_paginated	86 (-14)	0 (0)	387.17 (-29.57)	152 (+17)	617 (+31)	0.29 (-0.05)	0.00 (+0.00)
1.4 get_advisory_by_doc_id	86 (-14)	0 (0)	14.99 (+5.18)	3 (0)	69 (+11)	0.29 (-0.05)	0.00 (+0.00)
1.5 search_advisory	86 (-14)	0 (0)	990.21 (+83.40)	312 (-18)	2033 (+148)	0.29 (-0.05)	0.00 (+0.00)
1.6 list_vulnerabilities	85 (-15)	0 (0)	288.42 (+1.13)	50 (-17)	402 (-7)	0.28 (-0.05)	0.00 (+0.00)
1.7 list_vulnerabilities_paginated	85 (-15)	0 (0)	188.13 (+0.06)	59 (-12)	284 (-27)	0.28 (-0.05)	0.00 (+0.00)
1.8 list_importer	85 (-15)	0 (0)	4.56 (+1.99)	1 (0)	51 (-2)	0.28 (-0.05)	0.00 (+0.00)
1.9 list_packages	85 (-15)	0 (0)	447.52 (-34.11)	99 (0)	896 (-61)	0.28 (-0.05)	0.00 (+0.00)
1.10 list_packages_paginated	85 (-15)	0 (0)	393.04 (-9.82)	105 (+14)	587 (0)	0.28 (-0.05)	0.00 (+0.00)
1.11 search_purls	90 (-15)	0 (0)	8563.27 (+1183.90)	1500 (-3109)	14349 (+3782)	0.30 (-0.05)	0.00 (+0.00)
1.12 search_exact_purl	90 (-10)	0 (0)	8.91 (+2.23)	2 (0)	58 (+8)	0.30 (-0.03)	0.00 (+0.00)
1.13 list_products	90 (-10)	0 (0)	9.78 (+1.07)	3 (+1)	74 (+20)	0.30 (-0.03)	0.00 (+0.00)
1.14 list_sboms	90 (-10)	0 (0)	1314.47 (+247.39)	597 (+4)	1886 (+386)	0.30 (-0.03)	0.00 (+0.00)
1.15 list_sboms_paginated	90 (-10)	0 (0)	1593.13 (+314.26)	493 (+7)	3290 (+84)	0.30 (-0.03)	0.00 (+0.00)
1.16 get_analysis_status	89 (-11)	0 (0)	4.66 (-0.81)	1 (0)	50 (-7)	0.30 (-0.04)	0.00 (+0.00)
1.17 get_analysis_latest_cpe	89 (-11)	0 (0)	142.17 (+37.61)	31 (+1)	463 (+95)	0.30 (-0.04)	0.00 (+0.00)
1.18 get_sbom[sha256:720e4451…a939656247164447]	89 (-11)	0 (0)	669.03 (-30.65)	134 (-67)	2100 (+408)	0.30 (-0.04)	0.00 (+0.00)
1.19 sbom_by_package[pkg:maven/io.qu…dhat.com%2fga%2f]	88 (-12)	0 (0)	60.92 (-4.61)	10 (+1)	206 (+18)	0.29 (-0.04)	0.00 (+0.00)
1.20 get_sbom_license_ids[urn:uuid:019731…104-331632a21144]	88 (-12)	0 (0)	874.11 (+54.28)	376 (+52)	1179 (-5)	0.29 (-0.04)	0.00 (+0.00)
1.21 post_vulnerability_analyze[pkg:rpm/redhat/…h=noarch&epoch=1]	87 (-13)	0 (0)	569.97 (+48.88)	298 (+67)	986 (+134)	0.29 (-0.04)	0.00 (+0.00)
Aggregated	1,924 (-281)	0 (0)	786.04 (+83.24)	1 (0)	14349 (+3782)	6.41 (-0.94)	0.00 (+0.00)

Scenario Metrics

Scenario	# Users	# Times Run	Average (ms)	Min (ms)	Max (ms)	Scenarios/s	Iterations
WebsiteUser	0 (0)	0 (0)	0.00 (+0.00)	0 (0)	0 (0)	0.00 (+0.00)	0.00 (+0.00)
RestAPIUser	5 (0)	87 (-13)	17109.20 (+2203.90)	9101 (+808)	25159 (+6435)	0.29 (-0.04)	17.40 (-2.60)
Aggregated	5 (0)	87 (-13)	17109.20 (+2203.90)	9101 (+808)	25159 (+6435)	0.29 (-0.04)	17.40 (-2.60)

Goose Attack Report

Plan overview

Request Metrics

Response Time Metrics

Status Code Metrics

Transaction Metrics

Scenario Metrics

User Metrics