diff options
| author | Nayana Bidari <nybidari@google.com> | 2021-05-14 16:10:02 -0700 |
|---|---|---|
| committer | gVisor bot <gvisor-bot@google.com> | 2021-05-14 16:12:56 -0700 |
| commit | 25f0ab3313c356fcfb9e4282eda3b2aa2278956d (patch) | |
| tree | 5fbf6873bb02716b2cfad2d782fff871662440b1 /pkg/metric | |
| parent | f8d79e94e6fbb44af264394fd96a7c7cca62f98b (diff) | |
Add new metric for suspicious operations.
The new metric contains fields and will replace the below existing metric:
- opened_write_execute_file
PiperOrigin-RevId: 373884604
Diffstat (limited to 'pkg/metric')
| -rw-r--r-- | pkg/metric/metric.go | 19 |
1 files changed, 17 insertions, 2 deletions
diff --git a/pkg/metric/metric.go b/pkg/metric/metric.go index e822fe77d..528910d7c 100644 --- a/pkg/metric/metric.go +++ b/pkg/metric/metric.go @@ -36,10 +36,17 @@ var ( // new metric after initialization. ErrInitializationDone = errors.New("metric cannot be created after initialization is complete") + // createdSentryMetrics indicates that the sentry metrics are created. + createdSentryMetrics = false + // WeirdnessMetric is a metric with fields created to track the number // of weird occurrences such as time fallback, partial_result and // vsyscall count. WeirdnessMetric *Uint64Metric + + // SuspiciousOperationsMetric is a metric with fields created to detect + // operations such as opening an executable file to write from a gofer. + SuspiciousOperationsMetric *Uint64Metric ) // Uint64Metric encapsulates a uint64 that represents some kind of metric to be @@ -388,13 +395,21 @@ func EmitMetricUpdate() { // CreateSentryMetrics creates the sentry metrics during kernel initialization. func CreateSentryMetrics() { - if WeirdnessMetric != nil { + if createdSentryMetrics { return } - WeirdnessMetric = MustCreateNewUint64Metric("/weirdness", true /* sync */, "Increment for weird occurrences of problems such as time fallback, partial result and vsyscalls invoked in the sandbox", + createdSentryMetrics = true + + WeirdnessMetric = MustCreateNewUint64Metric("/weirdness", true /* sync */, "Increment for weird occurrences of problems such as time fallback, partial result and vsyscalls invoked in the sandbox.", Field{ name: "weirdness_type", allowedValues: []string{"time_fallback", "partial_result", "vsyscall_count"}, }) + + SuspiciousOperationsMetric = MustCreateNewUint64Metric("/suspicious_operations", true /* sync */, "Increment for suspicious operations such as opening an executable file to write from a gofer.", + Field{ + name: "operation_type", + allowedValues: []string{"opened_write_execute_file"}, + }) } |