v1.1.7 - Add per-connection database query tracking for abuse detection

Implemented comprehensive database query tracking to identify clients causing high CPU usage through excessive database queries. The relay now tracks and displays query statistics per WebSocket connection in the admin UI. Features Added: - Track db_queries_executed and db_rows_returned per connection - Calculate query rate (queries/minute) and row rate (rows/minute) - Display stats in admin UI grouped by IP address and WebSocket - Show: IP, Subscriptions, Queries, Rows, Query Rate, Duration Implementation: - Added tracking fields to per_session_data structure - Increment counters in handle_req_message() and handle_count_message() - Extract stats from pss in query_subscription_details() - Updated admin UI to display IP address and query metrics Use Case: Admins can now identify abusive clients by monitoring: - High query rates (>50 queries/min indicates polling abuse) - High row counts (>10K rows/min indicates broad filter abuse) - Query patterns (high queries + low rows = targeted, high both = crawler) This enables informed decisions about which IPs to blacklist based on actual resource consumption rather than just connection count.
2026-02-01 16:26:37 -04:00
parent 4cc2d2376e
commit c0051b22be
8 changed files with 80 additions and 9 deletions
--- a/api/index.js
+++ b/api/index.js
@@ -4324,6 +4324,12 @@ function populateSubscriptionDetailsTable(subscriptionsData) {
        const oldestDuration = Math.max(...subscriptions.map(s => now - s.created_at));
        const oldestDurationStr = formatDuration(oldestDuration);

+        // Calculate total query stats for this connection
+        const totalQueries = subscriptions.reduce((sum, s) => sum + (s.db_queries_executed || 0), 0);
+        const totalRows = subscriptions.reduce((sum, s) => sum + (s.db_rows_returned || 0), 0);
+        const avgQueryRate = subscriptions.length > 0 ? (subscriptions[0].query_rate_per_min || 0) : 0;
+        const clientIp = subscriptions.length > 0 ? (subscriptions[0].client_ip || 'unknown') : 'unknown';
+
        // Create header row (summary)
        const headerRow = document.createElement('tr');
        headerRow.className = 'subscription-group-header';
@@ -4334,9 +4340,14 @@ function populateSubscriptionDetailsTable(subscriptionsData) {
        headerRow.innerHTML = `
            <td colspan="4" style="padding: 8px;">
                <span class="expand-icon" style="display: inline-block; width: 20px; transition: transform 0.2s;">▶</span>
-                <strong style="font-family: 'Courier New', monospace; font-size: 12px;">Websocket: ${wsiPointer}</strong>
-                <span style="color: #666; margin-left: 15px;">
-                    Subscriptions: ${subCount} | Oldest: ${oldestDurationStr}
+                <strong style="font-family: 'Courier New', monospace; font-size: 12px;">IP: ${clientIp}</strong>
+                <span style="color: #666; margin-left: 10px; font-size: 11px;">
+                    WS: ${wsiPointer} |
+                    Subs: ${subCount} |
+                    Queries: ${totalQueries.toLocaleString()} |
+                    Rows: ${totalRows.toLocaleString()} |
+                    Rate: ${avgQueryRate.toFixed(1)} q/min |
+                    Duration: ${oldestDurationStr}
                </span>
            </td>
        `;