kitos/Aegis
1
0
Fork 0
Code Issues Pull Requests Actions 14 Packages Projects Releases Wiki Activity

feat(dashboard): time range filter for operational metrics (30d/90d/6m/1y/all)
Aegis CI / lint-and-test (push) Waiting to run
Details
Snyk Security Scan / Python vulnerabilities (backend) (push) Waiting to run
Details
Snyk Security Scan / npm vulnerabilities (frontend) (push) Waiting to run
Details
Snyk Security Scan / Docker image vulnerabilities (backend) (push) Waiting to run
Details

Browse Source
This commit is contained in:
kitos
2026-06-19 10:41:22 +02:00
parent 4e71217dd7
commit bb8b9a6a72
4 changed files with 156 additions and 137 deletions
Download Patch File Download Diff File Expand all files Collapse all files
backend/app/services/operational_metrics_service.py
+62 -111
View File
@@ -61,7 +61,7 @@ def _safe_stats(values: list[float]) -> dict:
# ── MTTD (Mean Time to Detect) ───────────────────────────────────────
def calculate_mttd(db: Session) -> Optional[dict]:
def calculate_mttd(db: Session, since: Optional[datetime] = None) -> Optional[dict]:
"""Calculate Mean Time to Detect.
Uses direct timestamp fields on the Test record:
@@ -71,14 +71,13 @@ def calculate_mttd(db: Session) -> Optional[dict]:
MTTD = blue_started_at - red_started_at - red_paused_seconds
Represents how long Red Team spent executing before Blue received the test.
"""
tests = (
db.query(Test)
.filter(
Test.red_started_at.isnot(None),
Test.blue_started_at.isnot(None),
)
.all()
q = db.query(Test).filter(
Test.red_started_at.isnot(None),
Test.blue_started_at.isnot(None),
)
if since:
q = q.filter(Test.red_started_at >= since)
tests = q.all()
# Assign detection_times = []
detection_times = []
@@ -95,7 +94,7 @@ def calculate_mttd(db: Session) -> Optional[dict]:
# ── MTTR (Mean Time to Respond/Remediate) ─────────────────────────────
def calculate_mttr(db: Session) -> Optional[dict]:
def calculate_mttr(db: Session, since: Optional[datetime] = None) -> Optional[dict]:
"""Calculate Mean Time to Respond.
Redefined as total pipeline time from attack start to full validation:
@@ -104,17 +103,14 @@ def calculate_mttr(db: Session) -> Optional[dict]:
Represents how long the full security testing cycle takes end-to-end.
Only uses tests that have been fully validated (both sides approved).
"""
tests = (
db.query(Test)
# Chain .filter() call
.filter(
Test.state == TestState.validated,
Test.red_started_at.isnot(None),
Test.blue_validated_at.isnot(None),
)
# Chain .all() call
.all()
q = db.query(Test).filter(
Test.state == TestState.validated,
Test.red_started_at.isnot(None),
Test.blue_validated_at.isnot(None),
)
if since:
q = q.filter(Test.red_started_at >= since)
tests = q.all()
# Assign response_times = []
response_times = []
@@ -132,7 +128,7 @@ def calculate_mttr(db: Session) -> Optional[dict]:
# ── Detection Efficacy ───────────────────────────────────────────────
def calculate_detection_efficacy(db: Session) -> dict:
def calculate_detection_efficacy(db: Session, since: Optional[datetime] = None) -> dict:
"""Calculate detection efficacy: detected / total validated tests.
Args:
@@ -143,13 +139,10 @@ def calculate_detection_efficacy(db: Session) -> dict:
``not_detected``, and ``total``.
"""
# Assign validated_tests = (
validated_tests = (
db.query(Test)
# Chain .filter() call
.filter(Test.state == TestState.validated)
# Chain .all() call
.all()
)
_vq = db.query(Test).filter(Test.state == TestState.validated)
if since:
_vq = _vq.filter(Test.created_at >= since)
validated_tests = _vq.all()
# Assign total = len(validated_tests)
total = len(validated_tests)
@@ -324,7 +317,7 @@ def calculate_coverage_velocity(db: Session) -> dict:
# ── Validation Throughput ────────────────────────────────────────────
def calculate_validation_throughput(db: Session) -> dict:
def calculate_validation_throughput(db: Session, since: Optional[datetime] = None) -> dict:
"""Pipeline Conversion Rate — activity-based, no time dependency.
Measures what percentage of tests that have entered the validation
@@ -336,21 +329,23 @@ def calculate_validation_throughput(db: Session) -> dict:
0% = nothing has been validated yet.
Lower = backlog or quality issues blocking approvals.
"""
_since_filter = [Test.created_at >= since] if since else []
validated_count = (
db.query(func.count(Test.id))
.filter(Test.state == TestState.validated)
.filter(Test.state == TestState.validated, *_since_filter)
.scalar()
) or 0
rejected_count = (
db.query(func.count(Test.id))
.filter(Test.state == TestState.rejected)
.filter(Test.state == TestState.rejected, *_since_filter)
.scalar()
) or 0
in_review_count = (
db.query(func.count(Test.id))
.filter(Test.state == TestState.in_review)
.filter(Test.state == TestState.in_review, *_since_filter)
.scalar()
) or 0
@@ -386,7 +381,7 @@ def calculate_validation_throughput(db: Session) -> dict:
# ── Rejection Rate ──────────────────────────────────────────────────
def calculate_rejection_rate(db: Session) -> dict:
def calculate_rejection_rate(db: Session, since: Optional[datetime] = None) -> dict:
"""Calculate rejection rate, broken down by red_lead and blue_lead.
Args:
@@ -397,65 +392,45 @@ def calculate_rejection_rate(db: Session) -> dict:
(red-lead rejection percentage), and ``by_blue_lead``
(blue-lead rejection percentage).
"""
# Assign validated_count = (
_sf = [Test.created_at >= since] if since else []
validated_count = (
db.query(func.count(Test.id))
# Chain .filter() call
.filter(Test.state == TestState.validated)
# Chain .scalar() call
.filter(Test.state == TestState.validated, *_sf)
.scalar()
) or 0
# Assign rejected_count = (
rejected_count = (
db.query(func.count(Test.id))
# Chain .filter() call
.filter(Test.state == TestState.rejected)
# Chain .scalar() call
.filter(Test.state == TestState.rejected, *_sf)
.scalar()
) or 0
# Assign total = validated_count + rejected_count
total = validated_count + rejected_count
# Assign overall_pct = round((rejected_count / total) * 100, 1) if total > 0 else 0
overall_pct = round((rejected_count / total) * 100, 1) if total > 0 else 0
# By red_lead (red_validation_status == "rejected")
red_rejected = (
db.query(func.count(Test.id))
# Chain .filter() call
.filter(Test.red_validation_status == "rejected")
# Chain .scalar() call
.filter(Test.red_validation_status == "rejected", *_sf)
.scalar()
) or 0
# Assign red_total = (
red_total = (
db.query(func.count(Test.id))
# Chain .filter() call
.filter(Test.red_validation_status.in_(["approved", "rejected"]))
# Chain .scalar() call
.filter(Test.red_validation_status.in_(["approved", "rejected"]), *_sf)
.scalar()
) or 0
# Assign red_pct = round((red_rejected / red_total) * 100, 1) if red_total > 0 else 0
red_pct = round((red_rejected / red_total) * 100, 1) if red_total > 0 else 0
# By blue_lead
blue_rejected = (
db.query(func.count(Test.id))
# Chain .filter() call
.filter(Test.blue_validation_status == "rejected")
# Chain .scalar() call
.filter(Test.blue_validation_status == "rejected", *_sf)
.scalar()
) or 0
# Assign blue_total = (
blue_total = (
db.query(func.count(Test.id))
# Chain .filter() call
.filter(Test.blue_validation_status.in_(["approved", "rejected"]))
# Chain .scalar() call
.filter(Test.blue_validation_status.in_(["approved", "rejected"]), *_sf)
.scalar()
) or 0
# Assign blue_pct = round((blue_rejected / blue_total) * 100, 1) if blue_total > 0 else 0
blue_pct = round((blue_rejected / blue_total) * 100, 1) if blue_total > 0 else 0
# Return {
@@ -472,7 +447,7 @@ def calculate_rejection_rate(db: Session) -> dict:
# ── Aggregated Operational Metrics ───────────────────────────────────
def get_all_operational_metrics(db: Session) -> dict:
def get_all_operational_metrics(db: Session, since: Optional[datetime] = None) -> dict:
"""Return all operational metrics combined in a single response.
Args:
@@ -483,22 +458,14 @@ def get_all_operational_metrics(db: Session) -> dict:
``alert_fidelity``, ``coverage_velocity``,
``validation_throughput``, and ``rejection_rate`` keys.
"""
# Return {
return {
# Literal argument value
"mttd": calculate_mttd(db),
# Literal argument value
"mttr": calculate_mttr(db),
# Literal argument value
"detection_efficacy": calculate_detection_efficacy(db),
# Literal argument value
"alert_fidelity": calculate_alert_fidelity(db),
# Literal argument value
"coverage_velocity": calculate_coverage_velocity(db),
# Literal argument value
"validation_throughput": calculate_validation_throughput(db),
# Literal argument value
"rejection_rate": calculate_rejection_rate(db),
"mttd": calculate_mttd(db, since),
"mttr": calculate_mttr(db, since),
"detection_efficacy": calculate_detection_efficacy(db, since),
"alert_fidelity": calculate_alert_fidelity(db), # TestDetectionResult, no created_at filter
"coverage_velocity": calculate_coverage_velocity(db), # uses its own 12-week window
"validation_throughput": calculate_validation_throughput(db, since),
"rejection_rate": calculate_rejection_rate(db, since),
}
@@ -583,7 +550,7 @@ def get_operational_trend(db: Session, period: str = "90d") -> list:
# ── By Team ──────────────────────────────────────────────────────────
def get_metrics_by_team(db: Session) -> dict:
def get_metrics_by_team(db: Session, since: Optional[datetime] = None) -> dict:
"""Return metrics broken down by Red vs Blue team.
Args:
@@ -594,33 +561,30 @@ def get_metrics_by_team(db: Session) -> dict:
``tests_completed``, ``avg_completion_hours``, and
``rejection_rate``.
"""
_sf = [Test.created_at >= since] if since else []
# Red team metrics
red_tests_completed = (
db.query(func.count(Test.id))
# Chain .filter() call
.filter(Test.state.in_([
TestState.blue_evaluating,
TestState.in_review,
TestState.validated,
TestState.rejected,
]))
# Chain .scalar() call
]), *_sf)
.scalar()
) or 0
# Assign red_avg_time = None
red_avg_time = None
# Assign red_times = []
red_times = []
# Red team avg execution time: red_started_at → blue_started_at (net of paused)
tests_with_red = (
db.query(Test)
.filter(
Test.red_started_at.isnot(None),
Test.blue_started_at.isnot(None),
)
.all()
_rq = db.query(Test).filter(
Test.red_started_at.isnot(None),
Test.blue_started_at.isnot(None),
)
if since:
_rq = _rq.filter(Test.red_started_at >= since)
tests_with_red = _rq.all()
# Iterate over tests_with_red
for t in tests_with_red:
gross = (t.blue_started_at - t.red_started_at).total_seconds()
@@ -635,33 +599,23 @@ def get_metrics_by_team(db: Session) -> dict:
# Blue team: count tests that reached the blue evaluation phase
blue_tests_completed = (
db.query(func.count(Test.id))
# Chain .filter() call
.filter(Test.state.in_([
TestState.in_review,
TestState.validated,
TestState.rejected,
]))
# Chain .scalar() call
]), *_sf)
.scalar()
) or 0
# Blue avg evaluation time:
# Prefer blue_work_started_at (actual pick-up) → blue_validated_at.
# Fall back to blue_started_at if blue_work_started_at is not set.
blue_avg_time = None
# Assign blue_times = []
blue_times = []
# Assign tests_with_blue = (
tests_with_blue = (
db.query(Test)
# Chain .filter() call
.filter(
Test.blue_started_at.isnot(None),
Test.blue_validated_at.isnot(None),
)
# Chain .all() call
.all()
_bq = db.query(Test).filter(
Test.blue_started_at.isnot(None),
Test.blue_validated_at.isnot(None),
)
if since:
_bq = _bq.filter(Test.blue_started_at >= since)
tests_with_blue = _bq.all()
# Iterate over tests_with_blue
for t in tests_with_blue:
phase_start = t.blue_work_started_at or t.blue_started_at
@@ -685,15 +639,12 @@ def get_metrics_by_team(db: Session) -> dict:
# Literal argument value
"avg_completion_hours": red_avg_time,
"avg_unit": "min" if (red_avg_raw is not None and red_avg_raw < 1) else "hrs",
"rejection_rate": calculate_rejection_rate(db)["by_red_lead"],
"rejection_rate": calculate_rejection_rate(db, since)["by_red_lead"],
},
# Literal argument value
"blue_team": {
# Literal argument value
"tests_completed": blue_tests_completed,
# Literal argument value
"avg_completion_hours": blue_avg_time,
"avg_unit": "min" if (blue_avg_raw is not None and blue_avg_raw < 1) else "hrs",
"rejection_rate": calculate_rejection_rate(db)["by_blue_lead"],
"rejection_rate": calculate_rejection_rate(db, since)["by_blue_lead"],
},
}