ADCM-5539

python/audit/cef_logger.py

@@ -28,7 +28,7 @@ class CEFLogConstants:
     device_product: str = "Arenadata Cluster Manager"
     adcm_version: str = settings.ADCM_VERSION
     operation_name_session: str = "User logged"
-    extension_keys: tuple[str, ...] = ("actor", "act", "operation", "resource", "result", "timestamp", "address")
+    extension_keys: tuple[str, ...] = ("actor", "act", "operation", "resource", "result", "timestamp", "address", "agent")
 
 
 def cef_logger(
@@ -49,6 +49,7 @@ def cef_logger(
         extension["result"] = audit_instance.login_result
         extension["timestamp"] = str(audit_instance.login_time)
         extension["address"] = audit_instance.address
+        extension["agent"] = audit_instance.agent
 
     elif isinstance(audit_instance, AuditLog):
         operation_name = audit_instance.operation_name
@@ -63,6 +64,7 @@ def cef_logger(
             severity = 3
         extension["timestamp"] = str(audit_instance.operation_time)
         extension["address"] = audit_instance.address
+        extension["agent"] = audit_instance.agent
 
     else:
         raise NotImplementedError

python/audit/middleware.py

@@ -25,6 +25,7 @@
 from audit.cef_logger import cef_logger
 from audit.models import AuditSession, AuditSessionLoginResult, AuditUser
 from audit.utils import get_client_ip
+from audit.utils import get_client_agent
 
 
 class LoginMiddleware:
@@ -35,6 +36,7 @@ def __init__(self, get_response):
     def _audit(
         request_path: str,
         request_host: str | None,
+        request_agent: str | None,
         user: User | AnonymousUser | None = None,
         username: str = None,
     ) -> tuple[User | None, AuditSessionLoginResult]:
@@ -59,7 +61,7 @@ def _audit(
             audit_user = AuditUser.objects.filter(username=user.username).order_by("-pk").first()
 
         audit_session = AuditSession.objects.create(
-            user=audit_user, login_result=result, login_details=details, address=request_host
+            user=audit_user, login_result=result, login_details=details, address=request_host, agent=request_agent
         )
         cef_logger(audit_instance=audit_session, signature_id=resolve(request_path).route)
 
@@ -165,6 +167,7 @@ def __call__(self, request):
         user, result = self._audit(
             request_path=request.path,
             request_host=get_client_ip(request=request),
+            request_agent=get_client_agent(request=request),
             user=request.user,
             username=username,
         )

python/audit/migrations/0007_add_agent.py

@@ -0,0 +1,35 @@
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Generated by Django 3.2.19 on 2023-11-14 08:35
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ("audit", "0006_add_address"),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name="auditlog",
+            name="agent",
+            field=models.CharField(max_length=255, null=True),
+        ),
+        migrations.AddField(
+            model_name="auditsession",
+            name="agent",
+            field=models.CharField(max_length=255, null=True),
+        ),
+    ]
+

python/audit/models.py

@@ -95,6 +95,7 @@ class AuditLog(Model):
     user = ForeignKey(AuditUser, on_delete=CASCADE, null=True)
     object_changes = JSONField(default=dict)
     address = CharField(max_length=255, null=True)
+    agent = CharField(max_length=255, null=True)
 
 
 class AuditSession(Model):
@@ -103,6 +104,7 @@ class AuditSession(Model):
     login_time = DateTimeField(auto_now_add=True)
     login_details = JSONField(default=dict, null=True)
     address = CharField(max_length=255, null=True)
+    agent = CharField(max_length=255, null=True)
 
 
 @dataclass

python/audit/utils.py

@@ -571,6 +571,7 @@ def wrapped(*args, **kwargs):
                 user=audit_user,
                 object_changes=object_changes,
                 address=get_client_ip(request=request),
+                agent=get_client_agent(request=request),
             )
             cef_logger(audit_instance=auditlog, signature_id=resolve(request.path).route)
 
@@ -620,7 +621,14 @@ def get_client_ip(request: WSGIRequest) -> str | None:
             break
 
     return host
-
+
+
+def get_client_agent(request: WSGIRequest) -> str | None:
+    user_agent = request.META.get("HTTP_USER_AGENT")
+    if user_agent:
+        return user_agent[:255]
+    return None
+
 
 def audit_job_finish(owner: NamedCoreObject, display_name: str, is_upgrade: bool, job_result: ExecutionStatus) -> None:
     operation_name = f"{display_name} {'upgrade' if is_upgrade else 'action'} completed"