Commit 89bb907e authored by Cédric BRINER's avatar Cédric BRINER
Browse files

function extract-log-mfa added

parent 26e7f8ba
......@@ -1388,7 +1388,7 @@ EOF
| sed -E "s|(\s*AuthLDAPBindPassword\s+)(.*)\$|\1$ldap_password|" \
| sed "s|${ldap_url_here}|${ldap_url_remote}|" \
| ssh root@${h} " cat - > /etc/apache2/mods-available/ldap.conf"
# disable/enable site
echo -e " \e[34m- enable site\e[0m"
......@@ -2026,6 +2026,36 @@ function aacli
# AACLI END
###########################
function extract_log_mfa_jsessionid
{
username=${1}
logpath=${2}
(
zgrep -w "${username}" "${logpath}"
#zgrep -iA1 User-Name "${logpath}" | grep -v -- -- | grep -v User-Name
) | grep -Po "jsessionID:\S+" | sort -u | cut -d ":" -f2
}
function extract_log_mfa
{
username=$1
if [[ -z ${username} ]]; then
pr "A username should be provided"
usage_n_exit
fi
for logpath in $(ls -t1 /opt/shibboleth-idp/logs/idp-process*); do
pb "check log $(basename $logpath) to find user (${username})"
for jsessionid in $(extract_log_mfa_jsessionid "$username" "${logpath}"); do
pb " - found jsesionID: ${jsessionid}"
zgrep -P -w "${username}|${jsessionid}" "${logpath}" \
| grep -P --color "${username}|Access-\S+|${jsessionid}"
done
pb " - shall we check a previous log file [y/N] : "
read do_read_previous_log_file
if [[ $do_read_previous_log_file != "y" ]]; then
exit 0
fi
done
}
function usage_n_exit
......@@ -2041,7 +2071,7 @@ function usage_n_exit
pb " | rewar"
pb " | reload <pattern_beans> [host,[...]]"
pb " | aacli [-h | -l [<entityId>] | [-r] <user> <entityId>]"
pb " | "
pb " | extract-log-mfa <username>"
pb " ]"
pb ""
pb "Info:"
......@@ -2058,6 +2088,7 @@ function usage_n_exit
pb " reload <pattern_beans> [host,[...]]"
pb " host: is not specified then do it on this host"
pb " pattern_beans: is a perl RE on the first raw of the following\e[0m"
pb " extract-log-mfa: show the interesting log for the mfa.\e[0m"
{
echo -en "\e[34m"
get_beans_id_n_descriptions
......@@ -2114,7 +2145,7 @@ case "$1" in
# debugging sync options
#echo "mysql ($RESTART_MYSQL), other ($RESTART_OTHER_DAEMON)"
# exit
# host
if test -z "$1"
then
......@@ -2149,6 +2180,9 @@ case "$1" in
adjust)
adjust
;;
extract-log-mfa)
extract_log_mfa $2
;;
*)
usage_n_exit
;;
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment