From 798ff78db897fa44fa5d22847f6fec51069871ad Mon Sep 17 00:00:00 2001 From: Simon Rettberg Date: Thu, 8 Feb 2018 12:16:55 +0100 Subject: [syslog] Add option to anonymize log entries after X days Closes #3301 --- modules-available/syslog/hooks/cron.inc.php | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) (limited to 'modules-available/syslog/hooks/cron.inc.php') diff --git a/modules-available/syslog/hooks/cron.inc.php b/modules-available/syslog/hooks/cron.inc.php index bae882a9..62516648 100644 --- a/modules-available/syslog/hooks/cron.inc.php +++ b/modules-available/syslog/hooks/cron.inc.php @@ -1,7 +1,28 @@ dateline"); + // Anonymize if requested + $days = Property::get('syslog.anon-days', 0); + if ($days > 0) { + $cutoff = time() - ($days * 86400); + Database::exec("UPDATE clientlog SET description = '[root] User logged in' + WHERE $cutoff > dateline AND logtypeid = 'session-open' AND description NOT LIKE '[root] User %'"); + Database::exec("UPDATE clientlog SET description = '[root] User logged out' + WHERE $cutoff > dateline AND logtypeid = 'session-close' AND description NOT LIKE '[root] User %'"); + Database::exec("UPDATE clientlog SET description = '-', extra = '' + WHERE $cutoff > dateline AND description NOT LIKE '-' + AND logtypeid NOT IN ('session-open', 'session-close', 'idleaction-busy', 'partition-temp', + 'partition-swap', 'smartctl-realloc', 'vmware-netifup', 'vmware-insmod', 'firewall-script-apply', + 'mount-vm-tmp-fail')"); + if (Module::get('statistics') !== false) { + Database::exec("UPDATE statistic SET username = 'anonymous' + WHERE $cutoff > dateline AND username NOT LIKE 'anonymous' AND username NOT LIKE ''"); + Database::exec("UPDATE machine SET currentuser = NULL + WHERE $cutoff > lastseen AND currentuser IS NOT NULL"); + } + } if (mt_rand(1, 100) === 1) { Database::exec("OPTIMIZE TABLE clientlog"); } -- cgit v1.2.3-55-g7522