Package ai.attackframework.tools.burp.sinks

Class TrafficRouteBucket

java.lang.Object
ai.attackframework.tools.burp.sinks.TrafficRouteBucket
public final class TrafficRouteBucket extends Object
Centralized traffic "route bucket" mapping shared by all traffic sinks and stats views.

Traffic exports can be attributed to either:

  • a TrafficRouteBucket.Kind.TOOL_TYPE bucket (for example REPEATER_TABS, PROXY), which aligns with the live tool_type field Burp assigns to HTTP exchanges; or
  • a TrafficRouteBucket.Kind.SOURCE bucket (for example proxy_history_snapshot, proxy_websocket), which aligns with the reporter or source that produced the document rather than the requesting Burp tool.

Keeping the decision in one place ensures OpenSearch bulk accounting, file-sink accounting, and StatsPanel display all agree about which bucket a given document belongs to. Sinks should build a TrafficRouteBucket.Route once and use the record/resolve helpers here instead of re-implementing the tool_type -> bucket mapping locally.

  • Field Details

  • Method Details

    • trafficIndexName

      public static String trafficIndexName()
      Resolves the configured traffic index name.

      Shared by all traffic reporters so the index-name lookup lives in one place instead of being re-implemented with private copy-paste helpers.

    • fromDocument

      public static TrafficRouteBucket.Route fromDocument(Map<String,Object> document)
      Resolves the route for a traffic document by inspecting its tool_type field.
      Parameters:
      document - a prepared traffic document; null resolves to TOOL_TYPE_UNKNOWN
      Returns:
      resolved route; never null

    • fromToolType

      public static TrafficRouteBucket.Route fromToolType(String toolType)
      Resolves the route for a tool-type string (for example the name of a ToolType constant or a reporter-assigned value).
      Parameters:
      toolType - tool-type label; null or blank resolves to TOOL_TYPE_UNKNOWN
      Returns:
      resolved route; never null

    • proxyHistorySnapshot

      public static TrafficRouteBucket.Route proxyHistorySnapshot()
      Convenience route for Proxy History snapshot pushes.

    • proxyWebSocket

      public static TrafficRouteBucket.Route proxyWebSocket()
      Convenience route for Proxy WebSocket messages.

    • recordOpenSearchSuccess

      public static void recordOpenSearchSuccess(TrafficRouteBucket.Route route, long count)
      Records count successful OpenSearch pushes for route.

    • recordOpenSearchFailure

      public static void recordOpenSearchFailure(TrafficRouteBucket.Route route, long count)
      Records count failed OpenSearch pushes for route.

    • recordBulkOutcome

      public static void recordBulkOutcome(TrafficRouteBucket.Route route, int attempted, int sent, boolean openSearchActive, String logLabel)
      Records a traffic bulk outcome for OpenSearch, consolidating the success/failure bookkeeping used by one-shot snapshot reporters (Proxy History, Proxy WebSocket).

      Delegates the index-key totals and panel/error reporting to BulkOutcomeRecorder.record(String, String, String, int, int, boolean) so traffic and non-traffic reporters share the same log and error shape, then adds the per-route counter updates on top via recordOpenSearchSuccess(Route, long) / recordOpenSearchFailure(Route, long).

      Counts are clamped so sent is bounded to [0, max(0, attempted)] by BulkOutcomeRecorder.record(java.lang.String, java.lang.String, java.lang.String, int, int, boolean); per-route counters derived here inherit that clamping and stay consistent with the index totals when callers mis-report.

      When openSearchActive is false, this call is a no-op and no counters are updated (the file sink records its own outcomes separately).

      Parameters:
      route - route for the bulk; null resolves to a no-op
      attempted - number of documents attempted in the bulk; negative values are clamped to 0
      sent - number of documents acknowledged successful by OpenSearch; clamped to [0, max(0, attempted)]
      openSearchActive - whether the OpenSearch sink was active for this bulk
      logLabel - short label for log messages (for example "Proxy history chunk")

    • recordFileSuccess

      public static void recordFileSuccess(TrafficRouteBucket.Route route, long count)
      Records count successful file writes for route.

    • recordFileFailure

      public static void recordFileFailure(TrafficRouteBucket.Route route, long count)
      Records count failed file writes for route.

    • openSearchSuccessCount

      public static long openSearchSuccessCount(TrafficRouteBucket.Route route)
      Returns the current successful OpenSearch push count for route.

    • openSearchFailureCount

      public static long openSearchFailureCount(TrafficRouteBucket.Route route)
      Returns the current failed OpenSearch push count for route.

    • fileSuccessCount

      public static long fileSuccessCount(TrafficRouteBucket.Route route)
      Returns the current successful file write count for route.

    • fileFailureCount

      public static long fileFailureCount(TrafficRouteBucket.Route route)
      Returns the current failed file write count for route.

    • resolveOpenSearchSourceSuccess

      public static long resolveOpenSearchSourceSuccess(String sourceKey)
      Resolves the displayed success count for a "Traffic by source" row in OpenSearch stats.

      Most rows report the live captured tool-type count. The PROXY_HISTORY row additionally folds in SOURCE_PROXY_HISTORY_SNAPSHOT and SOURCE_PROXY_WEBSOCKET so snapshot pushes and proxy WebSocket exports surface under a single Proxy-family row.

    • resolveOpenSearchSourceFailure

      public static long resolveOpenSearchSourceFailure(String sourceKey)
      Resolves the displayed failure count for a "Traffic by source" row in OpenSearch stats.

    • resolveFileSourceSuccess

      public static long resolveFileSourceSuccess(String sourceKey)
      Resolves the displayed success count for a "Traffic by source" row in file stats.

    • resolveFileSourceFailure

      public static long resolveFileSourceFailure(String sourceKey)
      Resolves the displayed failure count for a "Traffic by source" row in file stats.