From b1a2174e7cfb38cd68a941d2f0bc94510a434627 Mon Sep 17 00:00:00 2001 From: Jonathan Branan Date: Sat, 17 Aug 2024 13:33:09 -0500 Subject: [PATCH] Fixed an issue where login transactions weren't being filtered. --- inex.py | 5 ++++- inexDataProcessing.py | 33 ++++++++++++++++++++++----------- 2 files changed, 26 insertions(+), 12 deletions(-) diff --git a/inex.py b/inex.py index 7b70b58..42f04ee 100644 --- a/inex.py +++ b/inex.py @@ -51,8 +51,11 @@ class Inex: self.pushToplatform = self.config["output"]["pushToplatform"] self.queryOverride = self.config["database"]["overrideEmbeddedquery"] self.queryDaystopull = self.config["database"]["daysTopull"] - except: + except Exception as e: print("No config.toml or possibly missing settings in the file. Please use config.toml.example file and configure appropriately") + self.il.error(e) + print(e) + exit(1) if "dev" in self.selectedPlatform.lower(): diff --git a/inexDataProcessing.py b/inexDataProcessing.py index 45a79b6..e17b08b 100644 --- a/inexDataProcessing.py +++ b/inexDataProcessing.py @@ -4,15 +4,21 @@ def processData(data, template, **kwargs): additional data to insert into the template.""" processedData = [] transactionLoginid = [] - + for row in data: # print(f'Row: {row}') - if identifyUtype(row.get('Command')) == "other": + # must set variables for the different templates and do logic based on that. Do not call identifyUtype many times + identifyUtypecommand = identifyUtype(row.get('Command')) + + if identifyUtypecommand == "other": continue + if row.get('Command') == None: continue + + userType = identifyUserType(row.get('user_type')) try: - processedData.append(template(identifyUtype(row.get('Command')),\ + processedData.append(template(identifyUtypecommand,\ prd_ext_tenant_name=kwargs.get('prd_ext_tenant_name'),\ user_uid=row.get('TransactionID'),\ status_detail=row.get('Description'),\ @@ -37,18 +43,22 @@ def processData(data, template, **kwargs): bytes=row.get('BytesTransferred'),\ time=row.get('Time_stamp'),\ duration=row.get('TransferTime'),\ - user_type=identifyUserType(row.get('user_type')),\ + user_type=userType,\ user_name=row.get('Actor'),\ user_home_directory=row.get('VirtualFolderName'),\ - utype=identifyUtype(row.get('Command')))) + utype=identifyUtypecommand)) except UnboundLocalError: print(f'Problem row GUID:{row.get("TransactionGUID")} ::: TransactionObject:{row.get("TransactionObject")} Command: {row.get("Command")}') + continue + identifyUtypetransactionObject = identifyUtype(row.get('TransactionObject')) + + if identifyUtypetransactionObject == "other": continue if row.get('TransactionGUID') not in transactionLoginid: try: - processedData.append(template(identifyUtype(row.get('TransactionObject')),\ + processedData.append(template(identifyUtypetransactionObject,\ prd_ext_tenant_id=kwargs.get('prd_ext_tenant_id'),\ prd_ext_tenant_name=kwargs.get('prd_ext_tenant_name'),\ status_detail=row.get('Description'),\ @@ -68,10 +78,10 @@ def processData(data, template, **kwargs): time=row.get('Time_stamp'),\ user_session_uid=row.get('TransactionID'),\ user_uid=row.get('TransactionID'),\ - user_type=identifyUserType(row.get('user_type')),\ + user_type=userType,\ user_name=row.get('Actor'),\ user_home_directory=row.get('PhysicalFolderName'),\ - utype=identifyUtype(row.get('TransactionObject'))\ + utype=identifyUtypetransactionObject\ )) transactionLoginid.append(row.get('TransactionGUID')) except UnboundLocalError: @@ -89,6 +99,7 @@ def identifyUserType(obj): return "User" else: return None + def identifyUtype(obj): """Process Type of transaction based on string that passed in. Return transaction type.""" @@ -99,11 +110,11 @@ def identifyUtype(obj): if obj in user_logged_on: return "user_logged_on" - if obj in file_deleted: + elif obj in file_deleted: return "file_deleted" - if obj in file_uploaded: + elif obj in file_uploaded: return "file_uploaded" - if obj in file_downloaded: + elif obj in file_downloaded: return "file_downloaded" else: return "other" \ No newline at end of file