Interactive Controls
Set Interactive Time Range
All interactive sessions use a set time range to cache metrics data and perform quick tests.
Query Time Start:
Query Time Duration:
Query Time Scrubber:
All interactive sessions use a set time range to cache metrics data and perform quick tests.
Query Time Start:
Query Time Duration:
Query Time Scrubber:
Example Edge, simulating traffic coming through into a web app from the Internet
Select one of the bots to see Sireus working on an individual agent level, which is where the scoring and Actions take place.
| Name | States |
|---|---|
| SFO-WAS-11 | Attack Risk.Default, Operation.Default, Traffic.Default |
| SFO-LAS-27 | Attack Risk.Default, Operation.Default, Traffic.Default |
For the purpose of the demo, these are not editable, but that will be added after the Design RFC is complete.
This is the configuration data that creates the Sireus Decision System.
Queries collect metrics from Prometheus, so we can populate variables.
| Name | Query | Server | Info |
|---|---|---|---|
| Demo App Requests | irate(demo_requests[30s]) | prometheus_primary | Demo-only information, simulation of requests from the Internet, outside the edge |
| Edge Octets In | irate(demo_if_in_octets{bot_group="Edge"}[30s]) | prometheus_primary | Rate of octet ingress |
| Edge Octets Out | irate(demo_if_out_octets{bot_group="Edge"}[30s]) | prometheus_primary | Rate of octet egress |
| Circuit Circuit State | demo_if_link_state{bot_group="Edge"} | prometheus_primary | Is the circuit up or not? |
Variables population has two phases, extracting from Queries, and synthesizing new variables by evaluating expression on from queried variables.
| Name | Type | Query Name | Query Key | Range Start | Range End | Invert |
|---|---|---|---|---|---|---|
| demo_app_requests | Demo App Requests | 1 | 1 | false | ||
| octets_in | Edge Octets In | 1 | 1 | false | ||
| octets_out | Edge Octets Out | 1 | 1 | false | ||
| link_state | Circuit Circuit State | 1 | 1 | false |
States are specialized State Machines, they only go forward or reset. They can skip entries forward. The combination of several state pipelines allows us a lot of expression about what the current state of the operational system is.
Only moving forward or resetting removes inner loops of the state machines where it can be stuck. The entire state pipeline is a loop that will find the appropriate state on reset.
| Name | Info | States |
|---|---|---|
| Operation | Basic operational states, to group Actions | Default, Problem, Evaluate, Escalate, EscalateWait |
| Traffic | What does our traffic situation look like? | Default, High, Low, None |
| Attack Risk | What is the likelihood we are under attack now? | Default, Low, High, Critical |
Lock Timers can be required by Actions before they can run, so you can lock concurrency, and are given a timeout so that they will always unlock later, and the system never gets stuck.
| Name | Type | Info |
|---|---|---|
| Single Bot Lock | 1 | Per bot lock, so that each bot can operate independently. Use for Node or Agent level control. |
| Full Bot Group Lock | 0 | Lock for controlling the entire Bot Group. Use for Service or Platform level control. |