search

aws / event-ruler

Event Ruler is a Java library that allows matching many thousands of Events per second to any number of expressive and sophisticated rules.
Apache License 2.0
556 stars 58 forks source link

Cidr bug fixes #131

Closed jonessha closed 7 months ago

jonessha commented 7 months ago

Description of changes:

There were two bugs with CIDR:

  1. When an IP pattern was present and the incoming value was also an IP, we would convert the IP to a hex string before performing matching. Problem with this was that if there was also a rule present that used anything-but on this same field, the anything-but would always be satisfied, since the anything-but does not specify our internal hex format.
  2. When both a CIDR pattern and a numeric pattern were present and the incoming value was an IP, we would attempt to convert to a numeric value first, which would fail, and cause us to skip over CIDR matching and go straight to String matching.

Benchmark / Performance (for source code changes):

EXACT events/sec: 169505.2
WILDCARD events/sec: 127968.8
PREFIX events/sec: 166981.2
PREFIX_EQUALS_IGNORE_CASE_RULES events/sec: 177113.9
SUFFIX events/sec: 190579.6
SUFFIX_EQUALS_IGNORE_CASE_RULES events/sec: 194051.0
EQUALS_IGNORE_CASE events/sec: 174075.2
NUMERIC events/sec: 115359.0
ANYTHING-BUT events/sec: 126524.9
ANYTHING-BUT-IGNORE-CASE events/sec: 115109.7
ANYTHING-BUT-PREFIX events/sec: 128509.0
ANYTHING-BUT-SUFFIX events/sec: 130716.6
COMPLEX_ARRAYS events/sec: 30098.6
PARTIAL_COMBO events/sec: 51279.9
COMBO events/sec: 19901.7

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

timbray commented 7 months ago

Hey, those are my bugs you're killing.