Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(datadog): add metrics for malicious file or link activity #2031

Merged
merged 1 commit into from
Oct 25, 2022
Merged

chore(datadog): add metrics for malicious file or link activity #2031

merged 1 commit into from
Oct 25, 2022

Conversation

halfwhole
Copy link
Collaborator

@halfwhole halfwhole commented Oct 13, 2022
edited
Loading

Problem

Currently, the metrics for malicious activity are defined under metric filters for CloudWatch log groups. (See AWS console for more details, requires AWS permissions to access)

The current approach presents several problems:

  1. We cannot distinguish between malicious links and malicious files being uploaded
  2. We cannot distinguish between staging/prod and gov/edu/health services without giving each metric a different name
  3. The metrics are not defined in the codebase, so it's not under version control, and it adds some 'hidden' technical complexity on AWS infra that's not obvious to developers

Solution

Add two new malicious activity metrics that will be sent to Datadog: one for malicious files (go.malicious_activity.file), and one for malicious links (go.malicious_activity.link). The env and service tags for staging/prod and gov/edu/health respectively should be added on Datadog automatically. This will allow us to remove metric filters on CloudWatch in the future as well, if we want to.

Improvements:

Resolved a TODO comment from before (#1993 (comment)) in UrlManagementService.ts. For the shortlink creation metric, a new tag was also added to label the source (console or bulk, but not yet API).

Tests

  • Test on staging to make sure that new metrics are being sent with tags

Deploy notes

Post-deployment: can remove CloudWatch metric filters for malicious activity (optional, but would be nice to do)

gweiying
gweiying approved these changes Oct 19, 2022
View reviewed changes
Copy link
Contributor

@gweiying gweiying left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm!

@halfwhole halfwhole merged commit 45d9265 into develop Oct 25, 2022
@halfwhole halfwhole deleted the chore/datadog/add-malicious-activity-metrics branch October 25, 2022 02:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gweiying gweiying gweiying approved these changes

@thanhdatle thanhdatle Awaiting requested review from thanhdatle

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@halfwhole @gweiying