Traffic Capture
Overview
Smart Tests provide capabilities to capture properly instrumented HTTP requests and responses. This document provides an operational overview of how traffic capture works under the hood.
Opt-in and Non-invasive
Traffic capture is restricted to:
- HTTP requests which have been properly instrumented, such as those annotated
with
capture=True
in Signadot Tests. - Only outbound requests from the test runner pods and inbound requests in Sandboxed Forked Workloads are captured when instrumented as above. Whenever a request is captured, the corresponding response is also captured.
Context Propagation
Traffic capture instrumentation respects context propagation where it is in-place, so requests instrumented for capture which trigger chains of requests to a Sandbox workload will have traffic captured for that sandbox workload.
Storage and Modeling
Captured data is stored with encryption and processed in the Signadot Control plane. The captured traffic is modeled with statistical language models for structured data. Models are the result of processing and are maintained transparently by Signadot.
Reliability
Although access to already captured data is reliable, we allow the actual capturing to fail occasionally while the requests and responses being captured succeed. This simplifies the capture system a great deal and minimizes performance overhead of capturing data. This may lead to soft, advisory results from time to time but only infrequently.