<!--
Copyright 2020 The Chromium Authors
Use of this source code is governed by a BSD-style license that can be
found in the LICENSE file.
-->
<!--
This file is used to generate a comprehensive list of SBClient histograms
along with a detailed description for each histogram.
For best practices on writing histogram descriptions, see
https://chromium.googlesource.com/chromium/src.git/+/HEAD/tools/metrics/histograms/README.md
Please follow the instructions in the OWNERS file in this directory to find a
reviewer. If no OWNERS file exists, please consider signing up at
go/reviewing-metrics (Googlers only), as all subdirectories are expected to
have an OWNERS file. As a last resort you can send the CL to
[email protected].
-->
<histogram-configuration>
<histograms>
<variants name="ClientSideDetectionRequestType">
<variant name="" summary="all request types"/>
<variant name=".ForceRequest" summary="Force request"/>
<variant name=".KeyboardLockRequested" summary="Keyboard lock requested"/>
<variant name=".NotificationPermissionPrompt"
summary="Notification permission prompt"/>
<variant name=".PointerLockRequested" summary="Pointer lock requested"/>
<variant name=".TriggerModel" summary="Trigger model"/>
<variant name=".Unknown" summary="Unknown"/>
<variant name=".VibrationApi" summary="Vibration API"/>
</variants>
<variants name="DownloadDangerTypeForBypassMetrics">
<variant name="DangerousFileType" summary="dangerous file type"/>
<variant name="Malicious" summary="malicious content"/>
<variant name="Others" summary="other danger types"/>
<variant name="Uncommon" summary="uncommon content"/>
</variants>
<variants name="DownloadWarningAction">
<variant name="Bypassed" summary="bypassed"/>
<variant name="Shown" summary="shown"/>
</variants>
<histogram name="SBClientDownload.AndroidAppVerificationPromptResult"
enum="SafeBrowsingVerifyAppsEnabledResult" expires_after="2025-05-24">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records the result of prompting the user to enable app verification. This is
logged for each prompt shown, which is once per APK download on Android by a
user with app verification disabled.
</summary>
</histogram>
<histogram name="SBClientDownload.AndroidAppVerificationResult"
enum="SafeBrowsingVerifyAppsEnabledResult" expires_after="2025-05-24">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records the result of checking whether app verification is enabled. This is
logged on every APK download on Android.
</summary>
</histogram>
<histogram name="SBClientDownload.AndroidTelemetry.AppVerificationResult"
enum="SafeBrowsingVerifyAppsEnabledResult" expires_after="2025-06-18">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records the result of checking whether app verification is enabled. This is
logged for each APK download by a used opted in to Enhanced Safe Browsing.
</summary>
</histogram>
<histogram
name="SBClientDownload.AutomaticDeepScanNoticeSeen2.PartialView{PartialViewSetting}"
enum="BooleanShown" expires_after="2025-02-23">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records whether a user with partial view {PartialViewSetting} has been shown
notice that deep scans will become automatic. This is logged on each deep
scan request (a fraction of downloads).
</summary>
<token key="PartialViewSetting">
<variant name="Enabled" summary="enabled"/>
<variant name="Suppressed" summary="suppressed"/>
</token>
</histogram>
<histogram name="SBClientDownload.AutoOpen{State}FileType"
enum="SBClientDownloadExtensions" expires_after="2024-11-03">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records the extension of files downloaded with auto-open {State}. This can
be used to decide the impact of changing the `auto_open_hint` in the file
type policy. It is logged on every successful download.
</summary>
<token key="State">
<variant name="Disabled" summary="disabled"/>
<variant name="Enabled" summary="enabled"/>
</token>
</histogram>
<histogram name="SBClientDownload.CancelEphemeralWarning"
enum="CancelEphemeralWarningEvent" expires_after="2025-01-26">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records the events related to ephemeral warning cancellation. Compare the
bucket count between CancellationScheduled and CancellationTriggered to see
how often the delayed task actually got triggered after one hour. The volume
of the rest of the buckets should sum up to the CancellationTriggered
bucket.
</summary>
</histogram>
<histogram name="SBClientDownload.CheckDownloadStats"
enum="SBClientDownloadCheckDownloadStats" expires_after="2025-01-05">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records the reason why downloads are marked as being malicious or clean by
the improved SafeBrowsing binary download protection. Note that
UNSUPPORTED_URL_SCHEME was split out of the INVALID_URL bucket in M41. The
NOT_BINARY_FILE check was moved before the UNSUPPORTED_URL_SCHEME check in
M42. The ALLOWLISTED_URL check was moved to before NOT_BINARY_FILE in M62.
This is logged after download scanned by Safe Browsing.
This metric is used to populate a dashboard on go/crsb-site.
</summary>
</histogram>
<histogram name="SBClientDownload.DeepScan.IncorrectPasswordVerdictIsLocal"
enum="Boolean" expires_after="2025-01-12">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
This logs whether an incorrect password verdict is shown due to the password
being identified as incorrect locally or on the server. It is logged once
for each incorrect password prompt shown.
</summary>
</histogram>
<histogram name="SBClientDownload.DeepScanTrigger" enum="SBDeepScanTriggers"
expires_after="2025-06-30">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records the reason each file was uploaded to Safe Browsing for deep
scanning. This is logged on every deep scan.
</summary>
</histogram>
<histogram name="SBClientDownload.DeepScanType" enum="SBDeepScanType"
expires_after="2023-03-19">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records the type of scan each time a download item starts a deep scan. This
is logged on every deep scan.
</summary>
</histogram>
<histogram name="SBClientDownload.DownloadExtensions"
enum="SBClientDownloadExtensions" expires_after="2025-02-10">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records a histogram of how often users download a file with a file extension
that is possibly dangerous (e.g., exe, class).
</summary>
</histogram>
<histogram name="SBClientDownload.DownloadRequestDuration" units="ms"
expires_after="2025-02-23">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records the total time it takes for the SafeBrowsing download service to
check whether the content of a download is malicious or not, including file
feature extraction, allowlist checking, and server ping. This histogram only
includes checks that sent a ping to the SafeBrowsing server. It does not
include requests that were cancelled, but does include requests that
received a bad response.
</summary>
</histogram>
<histogram name="SBClientDownload.DownloadRequestDuration.{Analysis}"
units="ms" expires_after="2024-12-30">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records the total time it takes for the SafeBrowsing download service to
check whether the content of a download which underwent {Analysis} analysis
is malicious or not, including file feature extraction, allowlist checking,
and server ping. This histogram only includes checks that sent a ping to the
SafeBrowsing server. It does not include requests that were cancelled, but
does include requests that received a bad response.
</summary>
<token key="Analysis">
<variant name="Dmg"/>
<variant name="None" summary="executable"/>
<variant name="Rar"/>
<variant name="SevenZip"/>
<variant name="Zip"/>
</token>
</histogram>
<histogram name="SBClientDownload.DownloadRequestDurationMedium.{Analysis}"
units="ms" expires_after="2025-03-16">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records the total time it takes for the SafeBrowsing download service to
check whether the content of a download is malicious or not, including file
feature extraction, allowlist checking, and server ping. This histogram only
includes checks that sent a ping to the SafeBrowsing server. It does not
include requests that were cancelled, but does include requests that
received a bad response.
This histogram is a "medium" version of
SBClientDownload.DownloadRequestDuration. It has a maximum of 3 minutes to
help investigate long-tail downloads.
</summary>
<token key="Analysis">
<variant name="Dmg"/>
<variant name="None" summary="executable"/>
<variant name="Rar"/>
<variant name="SevenZip"/>
<variant name="Zip"/>
</token>
</histogram>
<histogram name="SBClientDownload.DownloadRequestNetError" enum="NetErrorCodes"
expires_after="2025-03-17">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
The net error code for all CheckClientDownloadRequest URLFetchers.
</summary>
</histogram>
<histogram name="SBClientDownload.DownloadRequestNetworkDuration" units="ms"
expires_after="2024-12-24">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records the time it takes for the SafeBrowsing download service ping. It is
not recorded for requests that were cancelled.
Warning: this histogram was expired from 2021-05-06 to 2021-12-02; data may
be missing.
</summary>
</histogram>
<histogram name="SBClientDownload.DownloadRequestResponseCode"
enum="HttpResponseCode" expires_after="2025-03-17">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
For CheckClientDownloadRequest URLFetchers with successful status, the HTTP
response code that was received.
</summary>
</histogram>
<histogram name="SBClientDownload.FileAnalysisDuration{Analysis}" units="ms"
expires_after="2025-02-23">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records the time it takes for the SafeBrowsing download service to check the
safety of the contents of a download which underwent analysis for
{Analysis}. This only includes file feature extraction. Also see
SBClientDownload.DownloadRequestDuration.
</summary>
<token key="Analysis">
<variant name="" summary="any file type, aggregated"/>
<variant name=".Dmg"/>
<variant name=".Executable" summary="executables"/>
<variant name=".Rar"/>
<variant name=".SevenZip"/>
<variant name=".Zip"/>
</token>
</histogram>
<histogram name="SBClientDownload.LocalDecryptionEvent" enum="SBDeepScanEvent"
expires_after="2025-03-18">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records events related to user interaction with local decryption prompts.
This includes when the prompt is shown, when it is accepted or rejected, and
when the provided password is incorrect.
</summary>
</histogram>
<histogram name="SBClientDownload.SafeDownloadOpenedLatency2.{ShowAction}"
units="ms" expires_after="2025-02-10">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records the latency between when a safe download is completed and when the
user {ShowAction}. Users can open the download either from the download
shelf or from the downloads page. Note that if the user opens the same
download for several times, this metric is recorded each time. Excludes
downloads that were auto opened.
</summary>
<token key="ShowAction">
<variant name="OpenDirectly" summary="opens the download directly"/>
<variant name="ShowInFolder" summary="clicks show in folder"/>
</token>
</histogram>
<histogram name="SBClientDownload.SavePackageFileCount" units="files"
expires_after="2023-03-19">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records the number of files corresponding to a single save package being
scanned. This is logged on every save package deep scan.
</summary>
</histogram>
<histogram name="SBClientDownload.ServerRequestsDeepScanningPrompt{Encryption}"
enum="BooleanRequested" expires_after="2025-01-05">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records how often users in a population consented to deep scanning are
actually prompted for deep scanning of {Encryption}. This is logged once per
download by an eligible user.
</summary>
<token key="Encryption">
<variant name="" summary="any file"/>
<variant name="PasswordProtected" summary="encrypted archives"/>
</token>
</histogram>
<histogram name="SBClientDownload.ServerRequestsImmediateDeepScan2"
enum="BooleanRequested" expires_after="2025-08-18">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records how often users in a population consented to immediate deep scans
are actually prompted for this feature. This is logged once per download by
an eligible user.
</summary>
</histogram>
<histogram name="SBClientDownload.ServerRequestsLocalDecryptionPrompt"
enum="BooleanRequested" expires_after="2025-02-23">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records how often users in a population consented to local decryption are
actually prompted for this feature. This is logged once per download by an
eligible user.
</summary>
</histogram>
<histogram name="SBClientDownload.TailoredWarning.HasVaidEmailForAccountInfo"
enum="BooleanValid" expires_after="2025-01-22">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records whether Chrome can find a valid email to be added in the tailored
warning string. Logged each time Safe Browsing asks Chrome to show the
account info in the warining. Ideally invalid email should be rare, because
Safe Browsing should take the user's signed-in status into account when
generating tailored verdicts.
</summary>
</histogram>
<histogram name="SBClientDownload.TailoredWarningType"
enum="TailoredWarningType" expires_after="2025-01-04">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records the tailored warning type that is shown. Logged when a download
warning was shown in the shelf/bubble.
</summary>
</histogram>
<histogram name="SBClientDownload.UserGestureFileType.Attributes"
enum="SBClientDownloadUserGestureFileTypeAttributes"
expires_after="2025-01-22">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records the attributes of a download that is allowed on user gesture. Logged
each time a download happens and the danger level is ALLOW_ON_USER_GESTURE.
To get the percentage of a specific attribute, divide the number of record
of that attribute by the number of record of TOTAL_TYPE_CHECKED.
</summary>
</histogram>
<histogram
name="SBClientDownload.Warning.DownloadHasUserGesture.{DangerType}.{Action}"
enum="BooleanHasUserGesture" expires_after="2025-01-26">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records whether the download was triggered by user gesture when a download
warning for {DangerType} is {Action}. The bypassed metrics are recorded when
the warning is either bypassed from the download shelf or from the downloads
page. By combining the shown and bypassed metrics for a specific danger
type, we can calculate whether the bypass rate is different between
user-initiated and automatically triggered downloads.
This metric is used to populate a dashboard on go/crca-site.
</summary>
<token key="DangerType" variants="DownloadDangerTypeForBypassMetrics"/>
<token key="Action" variants="DownloadWarningAction"/>
</histogram>
<histogram
name="SBClientDownload.Warning.DownloadIsHttps.{DangerType}.{Action}"
enum="BooleanHttps" expires_after="2025-01-05">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records whether the download URL is HTTPS when a download warning for
{DangerType} is {Action}. The bypassed metrics are recorded when the warning
is either bypassed from the download shelf or from the downloads page. By
combining the shown and bypassed metrics for a specific danger type, we can
calculate whether the bypass rate is different between HTTPS downloads and
non-HTTPS downloads.
This metric is used to populate a dashboard on go/crca-site.
</summary>
<token key="DangerType" variants="DownloadDangerTypeForBypassMetrics"/>
<token key="Action" variants="DownloadWarningAction"/>
</histogram>
<histogram name="SBClientDownload.Warning.FileType.{DangerType}.{Action}"
enum="SBClientDownloadExtensions" expires_after="2025-01-26">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records the type of the file when a download warning for {DangerType} is
{Action}. The bypassed metrics are recorded when the warning is either
bypassed from the download shelf or from the downloads page. By combining
the shown and bypassed metrics for a specific danger type, we can calculate
the bypass rate of different file types.
This metric is used to populate a dashboard on go/crca-site.
</summary>
<token key="DangerType" variants="DownloadDangerTypeForBypassMetrics"/>
<token key="Action" variants="DownloadWarningAction"/>
</histogram>
<histogram name="SBClientDownload.{ArchiveType}ArchiveAnalysisResult"
enum="ArchiveAnalysisResult" expires_after="2025-02-10">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records a more granular reason why we failed to unpack a {ArchiveType} file.
This is recorded on every download of an {ArchiveType} file.
</summary>
<token key="ArchiveType">
<variant name="Dmg"/>
<variant name="Rar"/>
<variant name="SevenZip"/>
<variant name="Zip"/>
</token>
</histogram>
<histogram name="SBClientDownload.{Encryption}DeepScanEvent3"
enum="SBDeepScanEvent" expires_after="2025-02-10">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records events related to user interaction with deep scanning prompts. This
is recorded a few times during the process of each prompt for deep scanning:
- Once when the prompt is shown. - Once when the prompt is
accepted/bypassed. - Once when the scan is completed, either through
cancelation or completion. This is logged for consumer scans of
{Encryption}.
Note: Logging of PromptAccepted was lost in M118. "Scan canceled"
and "Scan deleted" were added in M121. "Prompt accepted"
was split into "Prompt accepted" and "Prompt accepted from
chrome://downloads" in M121.
</summary>
<token key="Encryption">
<variant name="" summary="a file"/>
<variant name="PasswordProtected" summary="an encrypted archive"/>
</token>
</histogram>
<histogram name="SBClientDownload.{Encryption}MalwareDeepScanResult2.{trigger}"
enum="SBClientDownloadCheckResult" expires_after="2025-01-05">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records the result of deep scanning {Encryption}, split by the reason the
file was uploaded for scanning. This is logged after every deep scan of a
download.
</summary>
<token key="Encryption">
<variant name="" summary="a file"/>
<variant name="PasswordProtected" summary="an encrypted archive"/>
</token>
<token key="trigger">
<variant name="ConsumerPrompt"
summary="Advanced Protection or Enhanced Protection user selected
'Scan'"/>
<variant name="EncryptedConsumerPrompt"
summary="Enhanced Protection user selected 'Scan' on an encrypted
archive"/>
<variant name="ImmediateDeepScan"
summary="Enhanced Protection user began deep scanning automatically"/>
<variant name="Policy" summary="Triggered by enterprise policy"/>
<variant name="Unknown" summary="Unknown trigger"/>
</token>
</histogram>
<histogram name="SBClientPhishing.AddPhishingReportSuccessful"
enum="BooleanSuccess" expires_after="2025-05-17">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records whether adding phishing report times to profile preferences list
before sending ClientPhishingRequest is successful or not.
</summary>
</histogram>
<histogram name="SBClientPhishing.ApplyTfliteTime.Classify" units="ms"
expires_after="2025-01-26">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records the duration of running the TfLite classification, which is one step
in applying the TfLite model for phishing detection. This model is applied
roughly once per navigation.
</summary>
</histogram>
<histogram name="SBClientPhishing.BrowserReadyOnClassifierNotReady"
enum="BooleanReady" expires_after="2025-07-24">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
When a renderer-side classification returns the error
"CLASSIFIER_NOT_READY", this histogram is logged with whether or
not the browser process had a valid model. This can help to identify
problems distributing the model from browser process to the renderers.
</summary>
</histogram>
<histogram name="SBClientPhishing.CancelClassificationReason"
enum="SBClientPhishingCancelClassificationReason"
expires_after="2024-11-03">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
The counts for various reasons why an in-progress phishing classification
was canceled.
</summary>
</histogram>
<histogram name="SBClientPhishing.CancelImageEmbeddingReason"
enum="SBClientPhishingCancelImageEmbeddingReason"
expires_after="2025-07-05">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
The counts for various reasons why an in-progress phishing image embedding
was canceled.
</summary>
</histogram>
<histogram name="SBClientPhishing.Classifier.Event"
enum="SBPhishingClassifierEvent" expires_after="2025-02-16">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records events in the phishing classifier including reasons that prevents
phishing detection to complete on the renderer side.
</summary>
</histogram>
<histogram name="SBClientPhishing.Classifier.ReadyAfterRetryTimeout"
units="bool" expires_after="2025-01-12">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records the success rate of renderer-side phishing classification after
retries when the model is not available.
</summary>
</histogram>
<histogram name="SBClientPhishing.ClassifyThresholdsResult"
enum="SBClientDetectionClassifyThresholdsResult" expires_after="2025-09-22">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records the result of classification in visual TfLite model thresholds
comparison on the browser side
</summary>
</histogram>
<histogram
name="SBClientPhishing.ClientSideDetection.AsyncCheckTriggerForceRequestResult"
enum="AsyncCheckTriggerForceRequestResult" expires_after="2025-02-10">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records the result of async check triggering CSD-Phishing classification
forced by the request from real-time URL lookup. Recorded each time async
Safe Browsing check is completed (note: this only happens when the check
goes through async check tracker, which only happens if the Safe Browsing
check is slow).
</summary>
</histogram>
<histogram name="SBClientPhishing.ClientSideDetectionTypeRequest"
enum="ClientSideDetectionType" expires_after="2025-01-23">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records client_side_detection_type in the verdict which denotes which
process is responsible for sending the ping to the server. This histogram is
logged once on every successful classification.
</summary>
</histogram>
<histogram name="SBClientPhishing.CSDPhishingCachedDataAvailable"
enum="BooleanAvailable" expires_after="2025-02-10">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records the times we could have used the CSD images cache to reuse the
images for CSD-Phishing classification.
</summary>
</histogram>
<histogram name="SBClientPhishing.FlatBufferMappedRegionValid"
enum="BooleanSuccess" expires_after="2022-12-11">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records whether the shared memory region created to hold the flatbuffer was
created successfully on not. This is logged on dynamic model update (which
is rare), or on each startup.
</summary>
</histogram>
<histogram name="SBClientPhishing.FlatBufferScorer.CreationStatus"
enum="SBClientPhishingScorerCreationStatus" expires_after="2025-04-25">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records the status when we create a FlatBuffer scorer object for the
client-side phishing detection classifier.
</summary>
</histogram>
<histogram name="SBClientPhishing.HighConfidenceAllowlistCheckDuration"
units="ms" expires_after="2025-06-17">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records the duration it takes for high confidence allowlist check to
complete. This occurs in the client side detection PreClassificationCheck.
</summary>
</histogram>
<histogram
name="SBClientPhishing.HighConfidenceAllowlistMatchOnServerVerdictPhishy{RequestType}"
enum="BooleanMatched" expires_after="2025-06-26">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Logs whether the URL was on the high-confidence allowlist. Logged when the
post classification server model verdict comes back to be phishy.
</summary>
<token key="RequestType" variants="ClientSideDetectionRequestType"/>
</histogram>
<histogram name="SBClientPhishing.ImageEmbedder.Event"
enum="SBPhishingClassifierEvent" expires_after="2024-11-12">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records events in the phishing image embedder including reasons that
prevents image embedding process to complete on the renderer side.
</summary>
</histogram>
<histogram name="SBClientPhishing.ImageEmbeddingModelLoadTime.FlatbufferScorer"
units="ms" expires_after="2025-02-23">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records how long it takes the Flatbuffer scorer to load the TfLite model
file from the memory mapped file into a string. This blocks the main thread,
so we need to ensure it is small.
</summary>
</histogram>
<histogram name="SBClientPhishing.ImageEmbeddingModelVersionMatch"
enum="BooleanMatched" expires_after="2024-12-08">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Logs whether the image embedding model version is matched or not so that the
correctly paired trigger and image embedidng model are sent together to the
renderer process
</summary>
</histogram>
<histogram
name="SBClientPhishing.LoadReportTimesFromPrefAtServiceCreationSuccessful"
enum="BooleanSuccess" expires_after="2025-05-17">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records whether phishing report times load from profile at client side
detection service creation is successful or not.
</summary>
</histogram>
<histogram name="SBClientPhishing.LocalModelDetectsPhishing"
enum="BooleanIsPhishing" expires_after="2025-01-05">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records whether the local phishing detection model detects phishing. This
histogram is logged each time the model is run (roughly on every navigation
to a non-allowlisted site)
This metric is used to populate a dashboard on go/crsb-site.
</summary>
</histogram>
<histogram name="SBClientPhishing.MatchHighConfidenceAllowlist{RequestType}"
enum="ClientSideAllowlistMatchResult" expires_after="2025-06-17">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Record the match result of allowlists for specific {RequestType}. This is
logged during the client side detection host PreClassificationCheck.
</summary>
<token key="RequestType" variants="ClientSideDetectionRequestType"/>
</histogram>
<histogram name="SBClientPhishing.ModelDynamicUpdateSuccess"
enum="BooleanSuccess" expires_after="2025-02-16">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records whether a dynamic update is successful or not. This is logged when a
new model is pushed (rare), or on each startup.
</summary>
</histogram>
<histogram name="SBClientPhishing.ModelDynamicUpdateSuccess.ImageEmbedding"
enum="BooleanSuccess" expires_after="2025-09-29">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records whether a dynamic update of the image embedding model is successful
or not. This is logged when a new image embedding model is fetched, or on
each startup.
</summary>
</histogram>
<histogram name="SBClientPhishing.NetworkRequestDuration" units="ms"
expires_after="2025-03-19">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records the the duration of a network request due to a client side phishing
ping.
</summary>
</histogram>
<histogram name="SBClientPhishing.NetworkResult"
enum="CombinedHttpResponseAndNetErrorCode" expires_after="2025-01-05">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records the net error or HTTP response code after sending a network request
due to a client side phishing ping.
</summary>
</histogram>
<histogram name="SBClientPhishing.OptimizationGuide.ModelFetchTime" units="ms"
expires_after="2025-02-10">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records the duration of model fetch time after the OptimizationGuide Model
Observer for CSD-Phishing is registered on user session start.
</summary>
</histogram>
<histogram name="SBClientPhishing.PhishingDetectionDuration{RequestType}"
units="ms" expires_after="2025-02-10">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records the duration it takes for client side phishing detection requested
by {RequestType} to finish. This occurs at the client side detection
PreClassificationCheck.
</summary>
<token key="RequestType" variants="ClientSideDetectionRequestType"/>
</histogram>
<histogram name="SBClientPhishing.PhishingDetectorResult{RequestType}"
enum="ClientSidePhishingResult" expires_after="2025-02-14">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
The result enum received from the renderer-side classifier. This is recorded
after every renderer classification (roughly every page load not on the
allowlist). {RequestType} indicates which process requested the
renderer-side classification.
This metric is used to populate a dashboard on go/crsb-site.
</summary>
<token key="RequestType" variants="ClientSideDetectionRequestType"/>
</histogram>
<histogram name="SBClientPhishing.PhishingImageEmbeddingResult"
enum="ClientSidePhishingImageEmbeddingResult" expires_after="2025-02-09">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
The result enum received from renderer-side image embedder. This is recorded
after every renderer image embedding which is expected to happen when the
user is subscribed to ESB, has an image embedding model loaded, and the page
is deemed phishy by the phishing classification process.
</summary>
</histogram>
<histogram name="SBClientPhishing.PreClassificationCheckResult"
enum="SBClientDetectionPreClassificationCheckResult"
expires_after="2025-01-26">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records the result of phishing pre-classification checks. This is recorded
on every classification attempt (roughly every page load).
Starting in M95, the PRIVATE_IP bucket was split to include LOCAL_RESOURCE
and CHROME_UI_PAGE.
</summary>
</histogram>
<histogram name="SBClientPhishing.RTLookupForceRequest"
enum="BooleanForceRequest" expires_after="2025-02-10">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records if the RTUrlLookupResponse contains FORCE_REQUEST in
client_side_detection_type, which forces the Client Side Detection -
Phishing ping to be sent to the server if the user also has Enhanced Safe
Browsing or Safe Browsing Extended Reporting opt-in. This histogram is
logged once on every successful classification.
</summary>
</histogram>
<histogram name="SBClientPhishing.ServerModelDetectsPhishing{RequestType}"
enum="BooleanIsPhishing" expires_after="2025-04-23">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records whether the server-side phishing detection model detects phishing
for a specific {RequestType}. This histogram is logged each time we contact
Safe Browsing to evaluate whether a site is phishing.
</summary>
<token key="RequestType" variants="ClientSideDetectionRequestType"/>
</histogram>
<histogram name="SBClientPhishing.SkipPhishingRequestCheck"
enum="BooleanSuccess" expires_after="2025-05-17">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records whether phishing request was skipped because the profile prefs for
report times was not loaded at service creation.
</summary>
</histogram>
<histogram name="SBClientPhishing.TimeSinceLastReportAtLimit" units="ms"
expires_after="2025-06-12">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
When CSD service hits the ping limit and we are adding another entry, record
the time since last record.
</summary>
</histogram>
<histogram name="SBClientPhishing.VerdictParseSuccessful" enum="BooleanSuccess"
expires_after="2024-12-21">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records the success of parsing the verdict string received from renderer
classification.
This metric is used to validate that the verdict can always be successfully
parsed when the phishing detector result is SUCCESS
</summary>
</histogram>
<histogram name="SBClientPhishing.VisualFeaturesClearReason"
enum="CanExtractVisualFeaturesResult" expires_after="2024-12-30">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Log the reason why CSD-Phishing pings do not contain visual features images.
</summary>
</histogram>
<histogram name="SBClientPhishing.VisualFeatureTime" units="ms"
expires_after="2025-03-17">
<owner>[email protected]</owner>
<owner>[email protected]</owner>
<summary>
Records how long it took to extract visual features on the main thread. Work
performed off-thread is not recorded in this histogram. This is recorded on
every phishing classification.
</summary>
</histogram>
</histograms>
</histogram-configuration>
Codebase Browser
chromium