Rsyslog: Update the engineblock authentication parse script

* python3 compatability * Update lastseen table in stead of a seperate php script
OpenConext · Nov 28, 2024 · cac6247 · cac6247
1 parent c44dfb9
commit cac6247
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 39 deletions.
diff --git a/roles/rsyslog/tasks/process_auth_logs.yml b/roles/rsyslog/tasks/process_auth_logs.yml
@@ -1,12 +1,4 @@
 ---
-- name: Install PHP
-  yum:
-    name:
-      - php
-      - php-pdo
-      - php-mysql
-    state: present
-
 - name: Copy the log_logins and lastseen database table definitions
   copy:
     src: "{{ item }}"
@@ -51,36 +43,6 @@
   with_items: "{{ rsyslog_environments }}"
   when: item.db_loglogins_name is defined
 
-- name: Create last_login PHP script
-  template:
-    src: process_lastseen.php.j2
-    dest: /usr/local/sbin/process_lastseen_{{ item.name }}.php
-    mode: 0740
-    owner: root
-    group: root
-  with_items: "{{ rsyslog_environments }}"
-  when: item.db_loglogins_name is defined
-
-- name: Create logdir for lastseen cronjob output
-  file:
-    path: "{{ rsyslog_dir }}/apps/{{ item.name }}/lastseen"
-    state: directory
-    owner: root
-    group: root
-    mode: 0775
-  with_items: "{{ rsyslog_environments }}"
-  when: item.db_loglogins_name is defined
-
-- name: Create cronjobs for proecessing lastseen script
-  template:
-    src: cron_update_lastseen.j2
-    dest: /etc/cron.daily/update_lastseen_{{ item.name }}
-    owner: root
-    group: root
-    mode: 0774
-  with_items: "{{ rsyslog_environments }}" 
-  when: item.db_loglogins_name is defined
-
 - name: Put log_logins logrotate scripts
   template:
     src: logrotate_ebauth.j2

diff --git a/roles/rsyslog/templates/parse_ebauth_to_mysql.py.j2 b/roles/rsyslog/templates/parse_ebauth_to_mysql.py.j2
@@ -1,4 +1,4 @@
-#!/usr/bin/python2
+#!/usr/bin/python3
 # This script parses the files produced by engineblock and inserts them into a mySQL table where the SURFconext stats module will analyse the data further
 # This script is intended to be used during logrotate
 # It picks up all files starting with ebauth- (all rotated files) and parses them
@@ -18,6 +18,15 @@ workdir="{{ rsyslog_dir }}/log_logins/{{ item.name}}/"
 
 db = MySQLdb.connect(mysql_host,mysql_user,mysql_password,mysql_db )
 cursor = db.cursor()
+
+def update_lastseen(user_id, date):
+    query = """
+    REPLACE INTO last_login (userid, lastseen)
+    VALUES (%s, %s)
+    """
+    cursor.execute(query, (user_id, date))
+    db.commit()
+
 def load_in_mysql(a,b,c,d,e,f,g,h):
     sql = """insert into log_logins(idpentityid,spentityid,loginstamp,userid,keyid,sessionid,requestid,trustedproxyentityid) values(%s,%s,%s,%s,%s,%s,%s,%s)"""
     try:
@@ -46,11 +55,13 @@ def parse_lines(a):
      proxied_sp_entity_ids_list = data["context"]["proxied_sp_entity_ids"]
      proxied_sp_entity_ids = ''.join(proxied_sp_entity_ids_list)
      loginstamp=parse(timestamp).strftime("%Y-%m-%d %H:%M:%S")
+     last_login_date = parse(timestamp).strftime("%Y-%m-%d")
      null = 'NULL'
      if proxied_sp_entity_ids:
         load_in_mysql(idp,proxied_sp_entity_ids,loginstamp,user_id,key_id,session_id,request_id,sp)
      else:
         load_in_mysql(idp,sp,loginstamp,user_id,key_id,session_id,request_id,null)
+     update_lastseen(user_id, last_login_date)
 
 ## Loop over the files and parse them one by one
 for filename in os.listdir(workdir):