profiling: socket command to control rules profiling

This patch adds unix socket command to start and stop the collection
of stats when running in rules profiling mode.

diff --git a/src/unix-manager.c b/src/unix-manager.c
index 0afff751e946713d8d59c0913811e1199f4cf0e8..cb3645cd9014e77d27fe3412f180f3ad1c6225ee 100644 (file)
--- a/src/unix-manager.c
+++ b/src/unix-manager.c
@@ -794,6 +794,33 @@ static TmEcode UnixManagerRulesetProfileCommand(json_t *cmd, json_t *server_msg,
     json_object_set_new(server_msg, "message", js);
     SCReturnInt(TM_ECODE_OK);
 }
+
+static TmEcode UnixManagerRulesetProfileStartCommand(json_t *cmd, json_t *server_msg, void *data)
+{
+    SCEnter();
+
+    int ret = SCProfileRuleStartCollection();
+    if (ret != TM_ECODE_OK) {
+        json_object_set_new(server_msg, "message", json_string("NOK"));
+        SCReturnInt(TM_ECODE_FAILED);
+    }
+    json_object_set_new(server_msg, "message", json_string("OK"));
+    SCReturnInt(TM_ECODE_OK);
+}
+
+static TmEcode UnixManagerRulesetProfileStopCommand(json_t *cmd, json_t *server_msg, void *data)
+{
+    SCEnter();
+
+    int ret = SCProfileRuleStopCollection();
+    if (ret != TM_ECODE_OK) {
+        json_object_set_new(server_msg, "message", json_string("NOK"));
+        SCReturnInt(TM_ECODE_FAILED);
+    }
+    json_object_set_new(server_msg, "message", json_string("OK"));
+    SCReturnInt(TM_ECODE_OK);
+}
+
 #endif
 
 static TmEcode UnixManagerShowFailedRules(json_t *cmd,
@@ -1074,6 +1101,10 @@ int UnixManagerInit(void)
     UnixManagerRegisterCommand("ruleset-failed-rules", UnixManagerShowFailedRules, NULL, 0);
 #ifdef PROFILE_RULES
     UnixManagerRegisterCommand("ruleset-profile", UnixManagerRulesetProfileCommand, NULL, 0);
+    UnixManagerRegisterCommand(
+            "ruleset-profile-start", UnixManagerRulesetProfileStartCommand, NULL, 0);
+    UnixManagerRegisterCommand(
+            "ruleset-profile-stop", UnixManagerRulesetProfileStopCommand, NULL, 0);
 #endif
     UnixManagerRegisterCommand("register-tenant-handler", UnixSocketRegisterTenantHandler, &command, UNIX_CMD_TAKE_ARGS);
     UnixManagerRegisterCommand("unregister-tenant-handler", UnixSocketUnregisterTenantHandler, &command, UNIX_CMD_TAKE_ARGS);

diff --git a/src/util-profiling.c b/src/util-profiling.c
index d9ea5535eda666c9097daef2aa5355c77fcb3203..9c531d183c980c1fd25de4cd423d3c40b7c819d7 100644 (file)
--- a/src/util-profiling.c
+++ b/src/util-profiling.c
@@ -1421,6 +1421,7 @@ thread_local int profiling_rules_entered = 0;
 int profiling_output_to_file = 0;
 static SC_ATOMIC_DECLARE(uint64_t, samples);
 static uint64_t rate = 0;
+int profiling_rules_active = 0;
 
 /**
  * \brief Initialize profiling.
@@ -1450,6 +1451,9 @@ void SCProfilingInit(void)
 /* see if we want to profile rules for this packet */
 int SCProfileRuleStart(Packet *p)
 {
+    if (profiling_rules_active != 1) {
+        return 0;
+    }
     uint64_t sample = SC_ATOMIC_ADD(samples, 1);
     if ((sample & rate) == 0) {
         p->flags |= PKT_PROFILE;
@@ -1461,4 +1465,16 @@ int SCProfileRuleStart(Packet *p)
     return 0;
 }
 
+int SCProfileRuleStartCollection(void)
+{
+    profiling_rules_active = 1;
+    SCReturnInt(TM_ECODE_OK);
+}
+
+int SCProfileRuleStopCollection(void)
+{
+    profiling_rules_active = 0;
+    SCReturnInt(TM_ECODE_OK);
+}
+
 #endif /* PROFILING */

diff --git a/src/util-profiling.h b/src/util-profiling.h
index 918f4d637a47b772c574ed5ba5a01c2272a1f2ec..c53b25b2a1cd5c7e7cb67fd4c8936e310bbc9340 100644 (file)
--- a/src/util-profiling.h
+++ b/src/util-profiling.h
@@ -401,6 +401,8 @@ void SCProfilingRuleThreadSetup(struct SCProfileDetectCtx_ *, DetectEngineThread
 void SCProfilingRuleThreadCleanup(DetectEngineThreadCtx *);
 int SCProfileRuleStart(Packet *p);
 json_t *SCProfileRuleTriggerDump(DetectEngineCtx *de_ctx);
+int SCProfileRuleStartCollection(void);
+int SCProfileRuleStopCollection(void);
 void SCProfilingRuleThreatAggregate(DetectEngineThreadCtx *det_ctx);
 
 #define RULE_PROFILING_START(p)                                                                    \