Re: [mod-security-users] ModSecurity phase timing
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] ModSecurity phase timing
|
From: Felipe Z. <fe...@zi...> - 2018-03-26 18:12:24
|
Great, thanks! On Mon, Mar 26, 2018 at 3:11 PM Robert Paprocki < rpa...@fe...> wrote: > Sounds good, I will compile some use cases and previous implementations > and post them on GH. Thanks :) > > On Mon, Mar 26, 2018 at 11:05 AM, Felipe Zimmerle <fe...@zi...> > wrote: > >> Lets have a discussion about that on the issue on GitHub, so we can keep >> that info in a fashion that everybody can easily read and follow. There is >> a bug no GitHub already for that. >> >> in the meanwhile you can collect this interesting data to share with us. >> I am curious. I don't understand why you want to compute the subtraction >> and not showing or saving anywhere, if there is no saving/storing what is >> the point to compute in first place? >> >> Br., >> Felipe >> >> >> On Mon, Mar 26, 2018 at 2:46 PM Robert Paprocki < >> rpa...@fe...> wrote: >> >>> I think the point we are making is that _native_ integration of perf >>> data is what's missing. systemtap scripts are useful, but they are >>> definitely not a replacement. there are a multitude of environments where >>> its simply not possible to use such tooling. >>> >>> And, I'm curious, why is it so expensive to generate this data? Could it >>> not be something as simple as a delta between two timespecs? >>> >>> On Mon, Mar 26, 2018 at 10:08 AM, Felipe Zimmerle <fe...@zi...> >>> wrote: >>> >>>> >>>> >>>> I have no bug report saying that DURATION is not working and a >>>> regression test that leads me to believe that it is working. Thus, I am >>>> assuming that it is working Ok. >>>> >>>> Indeed, running a shell script may be hard for a group of users, but i >>>> don't think that it is a motivation to have poor optimization for all users. >>>> >>>> Br., >>>> Felipe. >>>> >>>> >>>> >>>> >>>> On Mon, Mar 26, 2018 at 1:51 PM Christian Folini < >>>> chr...@ne...> wrote: >>>> >>>>> Hey Felipe, >>>>> >>>>> On Mon, Mar 26, 2018 at 04:45:41PM +0000, Felipe Zimmerle wrote: >>>>> > There are other means to read "timing", no need to use performance >>>>> > variables for that. >>>>> > >>>>> https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual#DURATION >>>>> >>>>> Does DURATION really work in 3.0 / nginx? >>>>> >>>>> If that is granted, I can live with it. But digging into header-Files >>>>> and >>>>> running external scripts (separate process!) because I want to get a >>>>> Performance overview is quite demanding I think. >>>>> >>>>> Christian >>>>> >>>>> -- >>>>> History allows us to see human nature in a deeper way. >>>>> -- Ian Mortimer >>>>> >>>>> >>>>> ------------------------------------------------------------------------------ >>>>> Check out the vibrant tech community on one of the world's most >>>>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot >>>>> _______________________________________________ >>>>> mod-security-users mailing list >>>>> mod...@li... >>>>> https://lists.sourceforge.net/lists/listinfo/mod-security-users >>>>> Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: >>>>> http://www.modsecurity.org/projects/commercial/rules/ >>>>> http://www.modsecurity.org/projects/commercial/support/ >>>>> >>>> >>>> >>>> ------------------------------------------------------------------------------ >>>> Check out the vibrant tech community on one of the world's most >>>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot >>>> _______________________________________________ >>>> mod-security-users mailing list >>>> mod...@li... >>>> https://lists.sourceforge.net/lists/listinfo/mod-security-users >>>> Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: >>>> http://www.modsecurity.org/projects/commercial/rules/ >>>> http://www.modsecurity.org/projects/commercial/support/ >>>> >>>> >>> >>> ------------------------------------------------------------------------------ >>> Check out the vibrant tech community on one of the world's most >>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot >>> _______________________________________________ >>> mod-security-users mailing list >>> mod...@li... >>> https://lists.sourceforge.net/lists/listinfo/mod-security-users >>> Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: >>> http://www.modsecurity.org/projects/commercial/rules/ >>> http://www.modsecurity.org/projects/commercial/support/ >>> >> > |
