Improve ebauth log parsing, and parse stepup-authentication logs also#558
Improve ebauth log parsing, and parse stepup-authentication logs also#558
Conversation
phavekes
force-pushed
the
feature/improve_ebauth_parse_script
branch
from
c757189 to
c4e408e
Compare
| VALUES (%s, %s) | ||
| ON DUPLICATE KEY UPDATE | ||
| lastseen = GREATEST(lastseen, VALUES(lastseen)) | ||
| """ |
| db.commit() | ||
| except Exception as e: | ||
| db.rollback() | ||
| print(f"Error updating last_login for user {user_id}: {e}") |
| continue | ||
|
|
||
| # 1. Filtering condition: Only parse logs having authentication_result:OK | ||
| if data.get("authentication_result") != "OK": |
There was a problem hiding this comment.
Only successful authentications are logged, so this check is not necessary. There is currently a bug in the Stepup-Gateway where FAILED is logged, even though the result is OK, making this check do the wrong thing now.
pmeulen
left a comment
pmeulen
left a comment
There was a problem hiding this comment.
This filename is strange: parse_stepupauthauth_to_mysql.py.j2 (two times auth)
| if data.get("authentication_result") != "OK": | ||
| continue | ||
|
|
||
| # 2. Extract required fields |
There was a problem hiding this comment.
The fields are in a JSON dict "context", not in the top level dict.
E.g. Correct: user_id = data.get("context").("identity_id")
otherwise user_id and timestamp will always be none and nothing will happen.
| idp_entity_id = data.get("authenticating_idp") | ||
|
|
||
| # Basic data validation | ||
| if not user_id or not timestamp: |
There was a problem hiding this comment.
We want to know if this fails. Now it fails silently, which means we would miss if this is not working.
| loginstamp = parse(timestamp).strftime("%Y-%m-%d %H:%M:%S") | ||
| last_login_date = parse(timestamp).strftime("%Y-%m-%d") | ||
| except: | ||
| continue |
There was a problem hiding this comment.
Same: this fails silently. Not what we want.
2 participants
No description provided.