guardicore / monkey

Infection Monkey - An open-source adversary emulation platform
https://www.guardicore.com/infectionmonkey/
GNU General Public License v3.0

Security report runtime reports time elapsed from the first run since last reset #2955

Open cakekoa opened 1 year ago

cakekoa commented 1 year ago

Describe the bug

The Security report calculates the run time of the simulation as beginning at the time the first run was started and ending at the time the last run was completed. This includes any breaks between the runs. The Island is likely using the timestamps of the first and last agent events received to calculate the runtime.

Example:

This may be a completely valid way to calculate the runtime, considering manual agent runs. However, it might be nice to reset the data each time the Run Monkey > From Island button is pressed.

To Reproduce

Steps to reproduce the behavior:

  1. Run the monkey. It is probably easiest to configure the monkey with no IPs to scan.
  2. Wait 5 minutes
  3. Run the monkey again (do not reset data)
  4. Look at the Security report, and observe that the time is over 5 minutes

Expected behavior

The report shows only the time of the last run, instead of all the runs after the last time the data was reset.

Screenshots

Here we see a long runtime reported:

(Screenshot: Screen Shot 2023-02-08 at 4.26.49 PM)

However, we're also told that three agents were run, and when they were started:

(Screenshot: Screen Shot 2023-02-08 at 4.26.16 PM)

mssalvatore commented 1 year ago

I think this is basically expected behavior at this point. The bounds of a simulation aren't well defined.

VakarisZ commented 1 year ago

> Expected behavior: The report shows only the time of the last run, instead of all the runs after the last time the data was reset.

So the report will contain tunnels, exploitations, etc. But when the user tries to compare his security logs based on the dates provided in our security report, he will not see those events? IMO the best thing we can do is rephrase "After X, all Agents finished propagation attempts." to "Last agent activity was observed at X" or something similar. The main thing is that we want to explicitly say "this report contains network activity that happened between time X and time Y". Mike is right, and I don't think there's an easy solution to create boundaries. We shouldn't forbid the user from manually starting the agent somewhere while other agents are still running. The simulation is done when the user decides it's done.
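The three runtime calculations discussed in this thread, as an added example that is not Infection Monkey's own code: the reporter's description of the current behaviour (first agent start to last agent stop, idle gaps included), the reporter's proposed behaviour (only agents started at or after the last "Run Monkey > From Island" press), and the "activity observed between X and Y" window VakarisZ suggests stating explicitly. The `Agent` record, the sample timestamps and the `last_island_run_at` parameter are constructed for illustration and are not the Island's real data model.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Iterable, List, Tuple


@dataclass(frozen=True)
class Agent:
    """Constructed stand-in for one Agent record as the Island might keep it."""
    agent_id: str
    start_time: datetime
    stop_time: datetime


# Constructed sample mirroring the reproduction steps: three manual runs,
# each about 30 seconds of real activity, with ten-minute idle gaps and no
# data reset in between.
T0 = datetime(2023, 2, 8, 16, 0, 0)
AGENTS: List[Agent] = [
    Agent("agent-1", T0, T0 + timedelta(seconds=30)),
    Agent("agent-2", T0 + timedelta(minutes=10), T0 + timedelta(minutes=10, seconds=30)),
    Agent("agent-3", T0 + timedelta(minutes=20), T0 + timedelta(minutes=20, seconds=30)),
]


def runtime_since_reset(agents: Iterable[Agent]) -> timedelta:
    """Behaviour the issue reports: earliest start to latest stop, gaps included."""
    agents = list(agents)
    return max(a.stop_time for a in agents) - min(a.start_time for a in agents)


def runtime_of_last_run(agents: Iterable[Agent], last_island_run_at: datetime) -> timedelta:
    """Behaviour the issue asks for: count only agents started at or after the
    most recent "Run Monkey > From Island" press.  `last_island_run_at` is an
    assumed input; the Island would have to record that timestamp itself."""
    current = [a for a in agents if a.start_time >= last_island_run_at]
    if not current:
        return timedelta(0)
    return max(a.stop_time for a in current) - min(a.start_time for a in current)


def activity_window(agents: Iterable[Agent]) -> Tuple[datetime, datetime]:
    """Bounds of observed activity, for the wording VakarisZ proposes.  These
    are the numbers a user should use when correlating with their own logs."""
    agents = list(agents)
    return min(a.start_time for a in agents), max(a.stop_time for a in agents)


def activity_sentence(agents: Iterable[Agent]) -> str:
    """Report line stating the window explicitly instead of a bare runtime."""
    start, end = activity_window(agents)
    return (f"This report contains network activity observed between "
            f"{start.isoformat(sep=' ')} and {end.isoformat(sep=' ')}.")


if __name__ == "__main__":
    # Third run was started from the Island at T0 + 20 min (assumed).
    print("runtime since reset:", runtime_since_reset(AGENTS))          # 0:20:30
    print("runtime of last run:", runtime_of_last_run(AGENTS, T0 + timedelta(minutes=20)))  # 0:00:30
    print(activity_sentence(AGENTS))
```

Running it shows why the two numbers differ by the idle gaps: `runtime_since_reset` yields 20 minutes 30 seconds for 90 seconds of actual agent activity, while `runtime_of_last_run` yields 30 seconds. Whichever figure the report shows, the activity window is what a user needs to line the report up with their own security logs, which is the point of VakarisZ's rewording.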