Update telemetry tags in API10

manuel-alvarez-alvarez · manuel-alvarez-alvarez · commit 108528d9acca · 2025-10-09T09:51:26.000+02:00
diff --git a/dd-java-agent/appsec/src/main/java/com/datadog/appsec/gateway/GatewayBridge.java b/dd-java-agent/appsec/src/main/java/com/datadog/appsec/gateway/GatewayBridge.java
@@ -381,7 +381,7 @@ private Flow<Void> onHttpClientRequest(RequestContext ctx_, HttpClientRequest re
       }
       try {
         final boolean raspActive = Config.get().isAppSecRaspEnabled();
-        GatewayContext gwCtx = new GatewayContext(true, raspActive ? RuleType.SSRF : null);
+        GatewayContext gwCtx = new GatewayContext(true, raspActive ? RuleType.SSRF_REQUEST : null);
         return producerService.publishDataEvent(subInfo, ctx, bundle, gwCtx);
       } catch (ExpiredSubscriberInfoException e) {
         httpClientRequestSubInfo = null;
@@ -420,7 +420,8 @@ private Flow<Void> onHttpClientResponse(RequestContext ctx_, HttpClientResponse
         httpClientResponseSubInfo = subInfo;
       }
       try {
-        GatewayContext gwCtx = new GatewayContext(true);
+        final boolean raspActive = Config.get().isAppSecRaspEnabled();
+        GatewayContext gwCtx = new GatewayContext(true, raspActive ? RuleType.SSRF_RESPONSE : null);
         return producerService.publishDataEvent(subInfo, ctx, bundle, gwCtx);
       } catch (ExpiredSubscriberInfoException e) {
         httpClientResponseSubInfo = null;
diff --git a/dd-java-agent/appsec/src/test/groovy/com/datadog/appsec/gateway/GatewayBridgeSpecification.groovy b/dd-java-agent/appsec/src/test/groovy/com/datadog/appsec/gateway/GatewayBridgeSpecification.groovy
@@ -27,6 +27,7 @@ import datadog.trace.api.gateway.SubscriptionService
 import datadog.trace.api.http.StoredBodySupplier
 import datadog.trace.api.internal.TraceSegment
 import datadog.trace.api.telemetry.LoginEvent
+import datadog.trace.api.telemetry.RuleType
 import datadog.trace.api.telemetry.WafMetricCollector
 import datadog.trace.bootstrap.instrumentation.api.AgentSpan
 import datadog.trace.bootstrap.instrumentation.api.Tags
@@ -899,6 +900,7 @@ class GatewayBridgeSpecification extends DDSpecification {
     flow.action == Flow.Action.Noop.INSTANCE
     gatewayContext.isTransient == true
     gatewayContext.isRasp == true
+    gatewayContext.raspRuleType == RuleType.SSRF_REQUEST
 
     where:
     sampled << [true, false]
@@ -932,7 +934,8 @@ class GatewayBridgeSpecification extends DDSpecification {
     flow.result == null
     flow.action == Flow.Action.Noop.INSTANCE
     gatewayContext.isTransient == true
-    gatewayContext.isRasp == false
+    gatewayContext.isRasp == true
+    gatewayContext.raspRuleType == RuleType.SSRF_RESPONSE
 
     where:
     sampled << [true, false]
diff --git a/internal-api/src/main/java/datadog/trace/api/telemetry/RuleType.java b/internal-api/src/main/java/datadog/trace/api/telemetry/RuleType.java
@@ -5,7 +5,8 @@
 public enum RuleType {
   LFI(Type.LFI),
   SQL_INJECTION(Type.SQL_INJECTION),
-  SSRF(Type.SSRF),
+  SSRF_REQUEST(Type.SSRF, Variant.REQUEST),
+  SSRF_RESPONSE(Type.SSRF, Variant.RESPONSE),
   SHELL_INJECTION(Type.COMMAND_INJECTION, Variant.SHELL),
   COMMAND_INJECTION(Type.COMMAND_INJECTION, Variant.EXEC);
 
@@ -46,7 +47,9 @@ public String toString() {
 
   public enum Variant {
     SHELL("shell"),
-    EXEC("exec");
+    EXEC("exec"),
+    REQUEST("request"),
+    RESPONSE("response");
 
     public final String name;
 
