Drop user agent matches and a bugfix for over-committing KafkaRecords too early

TrafficCapture/captureOffloader/src/main/java/org/opensearch/migrations/trafficcapture/IChannelConnectionCaptureListener.java

@@ -78,4 +78,6 @@
     default CompletableFuture<T> flushCommitAndResetStream(boolean isFinal) throws IOException {
         return CompletableFuture.completedFuture(null);
     }
+
+    default void cancelCaptureForCurrentRequest(Instant timestamp) throws IOException {}
 }

TrafficCapture/captureOffloader/src/main/java/org/opensearch/migrations/trafficcapture/StreamChannelConnectionCaptureSerializer.java

@@ -13,6 +13,7 @@
 import org.opensearch.migrations.trafficcapture.protos.EndOfSegmentsIndication;
 import org.opensearch.migrations.trafficcapture.protos.ReadObservation;
 import org.opensearch.migrations.trafficcapture.protos.ReadSegmentObservation;
+import org.opensearch.migrations.trafficcapture.protos.RequestIntentionallyDropped;
 import org.opensearch.migrations.trafficcapture.protos.TrafficObservation;
 import org.opensearch.migrations.trafficcapture.protos.TrafficStream;
 import org.opensearch.migrations.trafficcapture.protos.WriteObservation;
@@ -204,6 +205,16 @@ public CompletableFuture<T> flushCommitAndResetStream(boolean isFinal) throws IO
         return future;
     }
 
+    @Override
+    public void cancelCaptureForCurrentRequest(Instant timestamp) throws IOException {
+        beginSubstreamObservation(timestamp, TrafficObservation.REQUESTDROPPED_FIELD_NUMBER, 1);
+        getOrCreateCodedOutputStream().writeMessage(TrafficObservation.REQUESTDROPPED_FIELD_NUMBER,
+                RequestIntentionallyDropped.getDefaultInstance());
+        this.readObservationsAreWaitingForEom = false;
+        this.firstLineByteLength = -1;
+        this.headersByteLength = -1;
+    }
+
     @Override
     public void addBindEvent(Instant timestamp, SocketAddress addr) throws IOException {
         // not implemented for this serializer.  The v1.0 version of the replayer will ignore this type of observation

TrafficCapture/captureProtobufs/src/main/proto/TrafficCaptureStream.proto

@@ -41,6 +41,7 @@ message EndOfMessageIndication {
   optional int32 firstLineByteLength = 1;
   optional int32 headersByteLength = 2;
 }
+message RequestIntentionallyDropped {}
 
 message TrafficObservation {
   google.protobuf.Timestamp ts = 1;
@@ -61,6 +62,8 @@ message TrafficObservation {
     // having been committed to the stream.
     EndOfSegmentsIndication segmentEnd = 14;
     EndOfMessageIndication endOfMessageIndicator = 15;
+
+    RequestIntentionallyDropped requestDropped = 16;
   }
 }
 

TrafficCapture/coreUtilities/src/main/java/org/opensearch/migrations/trafficcapture/protos/TrafficStreamUtils.java

@@ -1,6 +1,8 @@
 package org.opensearch.migrations.trafficcapture.protos;
 
 import com.google.protobuf.Timestamp;
+
+import java.nio.charset.StandardCharsets;
 import java.time.Instant;
 import java.util.Optional;
 import java.util.stream.Collectors;
@@ -22,11 +24,32 @@ public static Optional<Instant> getFirstTimestamp(TrafficStream ts) {
 
     public static String summarizeTrafficStream(TrafficStream ts) {
         var listSummaryStr = ts.getSubStreamList().stream()
-                .map(tso->instantFromProtoTimestamp(tso.getTs()) + ": " + captureCaseToString(tso.getCaptureCase()))
+                .map(tso->instantFromProtoTimestamp(tso.getTs()) + ": " + captureCaseToString(tso.getCaptureCase())
+                        + getOptionalContext(tso))
                 .collect(Collectors.joining(", "));
         return ts.getConnectionId() + " (#" + getTrafficStreamIndex(ts) + ")[" + listSummaryStr + "]";
     }
 
+    private static Object getOptionalContext(TrafficObservation tso) {
+        return Optional.ofNullable(getByteArrayForDataOf(tso))
+                .map(b->" " + new String(b, 0, Math.min(3, b.length), StandardCharsets.UTF_8))
+                .orElse("");
+    }
+
+    private static byte[] getByteArrayForDataOf(TrafficObservation tso) {
+        if (tso.hasRead()) {
+            return tso.getRead().getData().toByteArray();
+        } else if (tso.hasReadSegment()) {
+            return tso.getReadSegment().getData().toByteArray();
+        } else if (tso.hasWrite()) {
+            return tso.getWrite().getData().toByteArray();
+        } else if (tso.hasWriteSegment()) {
+            return tso.getWriteSegment().getData().toByteArray();
+        } else {
+            return null;
+        }
+    }
+
     public static int getTrafficStreamIndex(TrafficStream ts) {
         return ts.hasNumber() ? ts.getNumber() : ts.getNumberOfThisLastChunk();
     }

TrafficCapture/nettyWireLogging/src/main/java/org/opensearch/migrations/trafficcapture/netty/ConditionallyReliableLoggingHttpRequestHandler.java

@@ -4,6 +4,7 @@
 import io.netty.handler.codec.http.HttpRequest;
 import io.netty.util.ReferenceCountUtil;
 import lombok.Lombok;
+import lombok.NonNull;
 import lombok.extern.slf4j.Slf4j;
 import org.opensearch.migrations.trafficcapture.IChannelConnectionCaptureSerializer;
 
@@ -13,33 +14,35 @@
 public class ConditionallyReliableLoggingHttpRequestHandler<T> extends LoggingHttpRequestHandler<T> {
     private final Predicate<HttpRequest> shouldBlockPredicate;
 
-    public ConditionallyReliableLoggingHttpRequestHandler(IChannelConnectionCaptureSerializer<T> trafficOffloader,
-                                                          Predicate<HttpRequest> headerPredicateForWhenToBlock) {
-        super(trafficOffloader);
+    public ConditionallyReliableLoggingHttpRequestHandler(@NonNull IChannelConnectionCaptureSerializer<T> trafficOffloader,
+                                                          @NonNull RequestCapturePredicate requestCapturePredicate,
+                                                          @NonNull Predicate<HttpRequest> headerPredicateForWhenToBlock) {
+        super(trafficOffloader, requestCapturePredicate);
         this.shouldBlockPredicate = headerPredicateForWhenToBlock;
     }
 
     @Override
-    protected void channelFinishedReadingAnHttpMessage(ChannelHandlerContext ctx, Object msg, HttpRequest httpRequest)
+    protected void channelFinishedReadingAnHttpMessage(ChannelHandlerContext ctx, Object msg,
+                                                       boolean shouldCapture, HttpRequest httpRequest)
             throws Exception {
-        if (shouldBlockPredicate.test(httpRequest)) {
+        if (shouldCapture && shouldBlockPredicate.test(httpRequest)) {
             trafficOffloader.flushCommitAndResetStream(false).whenComplete((result, t) -> {
                 if (t != null) {
                     // This is a spot where we would benefit from having a behavioral policy that different users
                     // could set as needed. Some users may be fine with just logging a failed offloading of a request
                     // where other users may want to stop entirely. JIRA here: https://opensearch.atlassian.net/browse/MIGRATIONS-1276
                     log.atWarn().setCause(t).setMessage("Got error").log();
                     ReferenceCountUtil.release(msg);
                 } else {
                     try {
-                        super.channelFinishedReadingAnHttpMessage(ctx, msg, httpRequest);
+                        super.channelFinishedReadingAnHttpMessage(ctx, msg, shouldCapture, httpRequest);
                     } catch (Exception e) {
                         throw Lombok.sneakyThrow(e);
                     }
                 }
             });
         } else {
-            super.channelFinishedReadingAnHttpMessage(ctx, msg, httpRequest);
+            super.channelFinishedReadingAnHttpMessage(ctx, msg, shouldCapture, httpRequest);
         }
     }
 }

TrafficCapture/nettyWireLogging/src/main/java/org/opensearch/migrations/trafficcapture/netty/HeaderValueFilteringCapturePredicate.java

@@ -0,0 +1,29 @@
+package org.opensearch.migrations.trafficcapture.netty;
+
+
+import io.netty.handler.codec.http.HttpRequest;
+
+import java.util.Map;
+import java.util.Optional;
+import java.util.regex.Pattern;
+import java.util.stream.Collectors;
+
+public class HeaderValueFilteringCapturePredicate extends RequestCapturePredicate {
+    private final Map<String, Pattern> headerToPredicateRegexMap;
+
+    public HeaderValueFilteringCapturePredicate(Map<String, String> suppressCaptureHeaderPairs) {
+        super(new PassThruHttpHeaders.HttpHeadersToPreserve(suppressCaptureHeaderPairs.keySet()
+                .toArray(String[]::new)));
+        headerToPredicateRegexMap = suppressCaptureHeaderPairs.entrySet().stream()
+                .collect(Collectors.toMap(Map.Entry::getKey, kvp->Pattern.compile(kvp.getValue())));
+    }
+
+    @Override
+    public CaptureDirective apply(HttpRequest request) {
+        return headerToPredicateRegexMap.entrySet().stream().anyMatch(kvp->
+                Optional.ofNullable(request.headers().get(kvp.getKey()))
+                        .map(v->kvp.getValue().matcher(v).matches())
+                        .orElse(false)
+        ) ? CaptureDirective.DROP : CaptureDirective.CAPTURE;
+    }
+}

TrafficCapture/nettyWireLogging/src/main/java/org/opensearch/migrations/trafficcapture/netty/LoggingHttpRequestHandler.java

@@ -15,6 +15,7 @@
 import io.netty.handler.codec.http.LastHttpContent;
 import lombok.Getter;
 import lombok.Lombok;
+import lombok.NonNull;
 import lombok.extern.slf4j.Slf4j;
 import org.opensearch.migrations.coreutils.MetricsAttributeKey;
 import org.opensearch.migrations.coreutils.MetricsEvent;
@@ -28,6 +29,12 @@ public class LoggingHttpRequestHandler<T> extends ChannelInboundHandlerAdapter {
     private static final MetricsLogger metricsLogger = new MetricsLogger("LoggingHttpRequestHandler");
 
     static class SimpleHttpRequestDecoder extends HttpRequestDecoder {
+        private final PassThruHttpHeaders.HttpHeadersToPreserve headersToPreserve;
+
+        public SimpleHttpRequestDecoder(@NonNull PassThruHttpHeaders.HttpHeadersToPreserve headersToPreserve) {
+            this.headersToPreserve = headersToPreserve;
+        }
+
         /**
          * Override this so that the HttpHeaders object can be a cheaper one.  PassThruHeaders
          * only stores a handful of headers that are required for parsing the payload portion
@@ -37,19 +44,33 @@ static class SimpleHttpRequestDecoder extends HttpRequestDecoder {
         public HttpMessage createMessage(String[] initialLine) throws Exception {
             return new DefaultHttpRequest(HttpVersion.valueOf(initialLine[2]),
                     HttpMethod.valueOf(initialLine[0]), initialLine[1]
-                    , new PassThruHttpHeaders()
+                    , new PassThruHttpHeaders(headersToPreserve)
             );
         }
     }
 
     static class SimpleDecodedHttpRequestHandler extends ChannelInboundHandlerAdapter {
         @Getter
         private HttpRequest currentRequest;
+        final RequestCapturePredicate requestCapturePredicate;
         boolean isDone;
+        boolean shouldCapture;
+        boolean liveReadObservationsInOffloader;
+
+        SimpleDecodedHttpRequestHandler(RequestCapturePredicate requestCapturePredicate) {
+            this.requestCapturePredicate = requestCapturePredicate;
+            this.currentRequest = null;
+            this.isDone = false;
+            this.shouldCapture = true;
+            liveReadObservationsInOffloader = false;
+        }
+
         @Override
-        public void channelRead(ChannelHandlerContext ctx, Object msg) throws Exception {
+        public void channelRead(@NonNull ChannelHandlerContext ctx, @NonNull Object msg) throws Exception {
             if (msg instanceof HttpRequest) {
                 currentRequest = (HttpRequest) msg;
+                shouldCapture = RequestCapturePredicate.CaptureDirective.CAPTURE ==
+                        requestCapturePredicate.apply((HttpRequest) msg);
             } else if (msg instanceof HttpContent) {
                 ((HttpContent)msg).release();
                 if (msg instanceof LastHttpContent) {
@@ -61,35 +82,28 @@ public void channelRead(ChannelHandlerContext ctx, Object msg) throws Exception
         }
 
         public HttpRequest resetCurrentRequest() {
-            isDone = false;
+            this.shouldCapture = true;
+            this.isDone = false;
             var old = currentRequest;
-            currentRequest = null;
+            this.currentRequest = null;
+            this.liveReadObservationsInOffloader = false;
             return old;
         }
     }
 
     protected final IChannelConnectionCaptureSerializer<T> trafficOffloader;
 
     protected final EmbeddedChannel httpDecoderChannel;
-    protected final SimpleHttpRequestDecoder requestDecoder;
 
-
-    public LoggingHttpRequestHandler(IChannelConnectionCaptureSerializer<T> trafficOffloader) {
+    public LoggingHttpRequestHandler(IChannelConnectionCaptureSerializer<T> trafficOffloader,
+                                     @NonNull RequestCapturePredicate httpHeadersCapturePredicate) {
         this.trafficOffloader = trafficOffloader;
-        requestDecoder = new SimpleHttpRequestDecoder(); // as a field for easier debugging
         httpDecoderChannel = new EmbeddedChannel(
-                requestDecoder,
-                new SimpleDecodedHttpRequestHandler()
+                new SimpleHttpRequestDecoder(httpHeadersCapturePredicate.getHeadersRequiredForMatcher()),
+                new SimpleDecodedHttpRequestHandler(httpHeadersCapturePredicate)
         );
     }
 
-    private HttpProcessedState parseHttpMessageParts(ByteBuf msg)  {
-        httpDecoderChannel.writeInbound(msg); // Consume this outright, up to the caller to know what else to do
-        return getHandlerThatHoldsParsedHttpRequest().isDone ?
-                HttpProcessedState.FULL_MESSAGE :
-                HttpProcessedState.ONGOING;
-    }
-
     private SimpleDecodedHttpRequestHandler getHandlerThatHoldsParsedHttpRequest() {
         return (SimpleDecodedHttpRequestHandler) httpDecoderChannel.pipeline().last();
     }
@@ -126,7 +140,8 @@ public void handlerRemoved(ChannelHandlerContext ctx) throws Exception {
         super.handlerRemoved(ctx);
     }
 
-    protected void channelFinishedReadingAnHttpMessage(ChannelHandlerContext ctx, Object msg, HttpRequest httpRequest) throws Exception {
+    protected void channelFinishedReadingAnHttpMessage(ChannelHandlerContext ctx, Object msg, boolean shouldCapture,
+                                                       HttpRequest httpRequest) throws Exception {
         super.channelRead(ctx, msg);
         metricsLogger.atSuccess(MetricsEvent.RECEIVED_FULL_HTTP_REQUEST)
                 .setAttribute(MetricsAttributeKey.CHANNEL_ID, ctx.channel().id().asLongText())
@@ -137,25 +152,32 @@ protected void channelFinishedReadingAnHttpMessage(ChannelHandlerContext ctx, Ob
     @Override
     public void channelRead(ChannelHandlerContext ctx, Object msg) throws Exception {
         var timestamp = Instant.now();
-        HttpProcessedState httpProcessedState;
-        {
-            var bb = ((ByteBuf) msg).retainedDuplicate();
+        var requestParsingHandler = getHandlerThatHoldsParsedHttpRequest();
+        var bb = ((ByteBuf) msg);
+        httpDecoderChannel.writeInbound(bb.retainedDuplicate()); // the ByteBuf is consumed/release by this method
+        var shouldCapture = requestParsingHandler.shouldCapture;
+        if (shouldCapture) {
+            requestParsingHandler.liveReadObservationsInOffloader = true;
             trafficOffloader.addReadEvent(timestamp, bb);
-            metricsLogger.atSuccess(MetricsEvent.RECEIVED_REQUEST_COMPONENT)
-                    .setAttribute(MetricsAttributeKey.CHANNEL_ID, ctx.channel().id().asLongText()).emit();
-
-            httpProcessedState = parseHttpMessageParts(bb); // bb is consumed/release by this method
+        } else if (requestParsingHandler.liveReadObservationsInOffloader) {
+            trafficOffloader.cancelCaptureForCurrentRequest(timestamp);
+            requestParsingHandler.liveReadObservationsInOffloader = false;
         }
-        if (httpProcessedState == HttpProcessedState.FULL_MESSAGE) {
-            var httpRequest = getHandlerThatHoldsParsedHttpRequest().resetCurrentRequest();
-            var decoderResultLoose = httpRequest.decoderResult();
-            if (decoderResultLoose instanceof HttpMessageDecoderResult) {
-                var decoderResult = (HttpMessageDecoderResult) decoderResultLoose;
-                trafficOffloader.addEndOfFirstLineIndicator(decoderResult.initialLineLength());
-                trafficOffloader.addEndOfHeadersIndicator(decoderResult.headerSize());
+        metricsLogger.atSuccess(MetricsEvent.RECEIVED_REQUEST_COMPONENT)
+                .setAttribute(MetricsAttributeKey.CHANNEL_ID, ctx.channel().id().asLongText()).emit();
+
+        if (requestParsingHandler.isDone) {
+            var httpRequest = requestParsingHandler.resetCurrentRequest();
+            if (shouldCapture) {
+                var decoderResultLoose = httpRequest.decoderResult();
+                if (decoderResultLoose instanceof HttpMessageDecoderResult) {
+                    var decoderResult = (HttpMessageDecoderResult) decoderResultLoose;
+                    trafficOffloader.addEndOfFirstLineIndicator(decoderResult.initialLineLength());
+                    trafficOffloader.addEndOfHeadersIndicator(decoderResult.headerSize());
+                }
+                trafficOffloader.commitEndOfHttpMessageIndicator(timestamp);
             }
-            trafficOffloader.commitEndOfHttpMessageIndicator(timestamp);
-            channelFinishedReadingAnHttpMessage(ctx, msg, httpRequest);
+            channelFinishedReadingAnHttpMessage(ctx, msg, shouldCapture, httpRequest);
         } else {
             super.channelRead(ctx, msg);
         }

TrafficCapture/nettyWireLogging/src/main/java/org/opensearch/migrations/trafficcapture/netty/PassThruHttpHeaders.java

@@ -3,21 +3,37 @@
 import io.netty.handler.codec.http.DefaultHttpHeaders;
 import io.netty.handler.codec.http.HttpHeaderNames;
 import io.netty.handler.codec.http.HttpHeaders;
+import lombok.NonNull;
+
+import java.util.Arrays;
+import java.util.List;
+import java.util.stream.Stream;
 
 public class PassThruHttpHeaders extends DefaultHttpHeaders {
 
-    private static final DefaultHttpHeaders HEADERS_TO_PRESERVE = makeHeadersToPreserve();
+    /**
+     * Use the HttpHeaders class because it does case insensitive matches.
+     */
+    private final HttpHeaders mapWithCaseInsensitiveHeaders;
+
+    public static class HttpHeadersToPreserve {
+        private final HttpHeaders caseInsensitiveHeadersMap;
+        public HttpHeadersToPreserve(String... extraHeaderNames) {
+            caseInsensitiveHeadersMap = new DefaultHttpHeaders();
+            Stream.concat(Stream.of(HttpHeaderNames.CONTENT_LENGTH.toString(),
+                                    HttpHeaderNames.CONTENT_TRANSFER_ENCODING.toString(),
+                                    HttpHeaderNames.TRAILER.toString()),
+                            Arrays.stream(extraHeaderNames))
+                    .forEach(h->caseInsensitiveHeadersMap.add(h, ""));
+        }
+    }
 
-    private static DefaultHttpHeaders makeHeadersToPreserve() {
-        var h = new DefaultHttpHeaders(false);
-        h.add(HttpHeaderNames.CONTENT_LENGTH, "");
-        h.add(HttpHeaderNames.CONTENT_TRANSFER_ENCODING, "");
-        h.add(HttpHeaderNames.TRAILER, "");
-        return h;
+    public PassThruHttpHeaders(@NonNull HttpHeadersToPreserve headersToPreserve) {
+        this.mapWithCaseInsensitiveHeaders = headersToPreserve.caseInsensitiveHeadersMap;
     }
 
-    private static boolean headerNameShouldBeTracked(CharSequence name) {
-        return HEADERS_TO_PRESERVE.contains(name);
+    private boolean headerNameShouldBeTracked(CharSequence name) {
+        return mapWithCaseInsensitiveHeaders.contains(name);
     }
 
     @Override