The aggregator will collect information about who is logged in where from two sources:
- Linux: poll machines for the name of the logged-in user.
- Windows: scrape a file that Noyes will give us.
The collected information will then be sent to Flamongo for storage in the database.
The Aggregator will:
- Tell the backend who is currently logged in to a Linux or Windows machine, and provide a timestamp.
- Poll, with some frequency, each of the lab machines in 102.
Listing all machines
On CCIS machines, there is a Perl script at /ccis/bin/hostbase; hostbase manages all the machines at CCIS.
We only need to match the 10-minute interval set by the current Windows data.
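As a sketch of how the aggregator might get its target list from hostbase: the script's real interface isn't documented here, so the `--list` flag is an assumption to be checked against the script itself; only the one-hostname-per-line output shape is assumed.

```python
import subprocess

def parse_host_list(output: str) -> list[str]:
    # hostbase output is assumed to be one hostname per line
    return [line.strip() for line in output.splitlines() if line.strip()]

def lab_machines(lab: str) -> list[str]:
    # The "--list" flag is a guess; check hostbase for its real interface.
    out = subprocess.run(["/ccis/bin/hostbase", "--list", lab],
                         capture_output=True, text=True, check=True).stdout
    return parse_host_list(out)
```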
The workflow
This is the currently envisioned workflow:
- Fetch all /var/log/wtmp files from the hosts we care about (i.e. the lab machines).
- Parse them into JSON (via wtmp2json, a small C program in the aggregator repo).
- Store the data into the backend.
We need to be careful not to store duplicate data.
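One simple way to avoid duplicates (a sketch, not a decided design): keep a high-water-mark timestamp per host and only forward records newer than it. The `time` field name is an assumption about what wtmp2json emits.

```python
from typing import Iterable

# host -> newest record timestamp already sent to the backend
_high_water: dict[str, int] = {}

def new_records(host: str, records: Iterable[dict]) -> list[dict]:
    """Filter out records at or before the last stored timestamp.

    Each record is one parsed wtmp entry with an integer 'time'
    field (field name assumed; match whatever wtmp2json emits).
    """
    last = _high_water.get(host, 0)
    fresh = [r for r in records if r["time"] > last]
    if fresh:
        _high_water[host] = max(r["time"] for r in fresh)
    return fresh
```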
Steps 1 and 2 can be accomplished with a simple shell script (i.e. a for loop running
wtmp2json <file>). However, we need this to run continuously.
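A sketch of that continuous loop in Python (the hostnames and scratch paths are placeholders; the real thing may well stay a shell script):

```python
import json
import subprocess
import time

HOSTS = ["lab102-01", "lab102-02"]   # placeholder hostnames
POLL_SECONDS = 600                   # match the 10-minute Windows interval

def scp_command(host: str) -> list[str]:
    # Copy the host's wtmp file into a local scratch directory.
    return ["scp", f"{host}:/var/log/wtmp", f"/tmp/{host}.wtmp"]

def fetch_and_parse(host: str) -> list:
    subprocess.run(scp_command(host), check=True)
    # wtmp2json <file>, as described above; JSON output shape is assumed.
    out = subprocess.run(["wtmp2json", f"/tmp/{host}.wtmp"],
                         capture_output=True, text=True, check=True).stdout
    return json.loads(out)

def main() -> None:
    while True:  # run continuously, not as a one-shot script
        for host in HOSTS:
            records = fetch_and_parse(host)
            # ...hand records to the dedup/storage step here...
        time.sleep(POLL_SECONDS)
```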
The data semantics
/var/log/wtmp contains several record types. The ones we care about are USER_PROCESS entries (logins); BOOT_TIME entries mark reboots. The device (ut_line) field tells us whether we have a remote or a local user ("tty[0-9]" indicates a local user, "pts/[0-9]+" indicates a remote user).
We want aggregate counts of local users, remote users, and all users every 10 minutes.
- The man page for wtmp(5) documents these record types and their fields.
After deliberating with Systems, we are now getting login and logout events, not just the sampling points. The new format will be:
We are responsible for deleting the generated files.
Chris Noyes will provide us access to a file showing logins to Windows machines in the following format:
We will poll this file with some frequency and make API calls to the backend to insert each row into the database.
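A sketch of that polling loop, assuming one login event per line; the file path, payload shape, and backend endpoint are all placeholders until Noyes's format and the Flamongo API are settled.

```python
import json
import time
import urllib.request

WINDOWS_LOG = "/path/to/windows-logins.txt"          # placeholder path
BACKEND_URL = "http://flamongo.example/api/logins"   # placeholder endpoint
POLL_SECONDS = 600

def new_rows(rows: list[str], seen: int) -> list[str]:
    # Rows appended since the last poll; assumes the file only grows.
    return rows[seen:]

def post_row(row: str) -> None:
    # One API call per row; the payload shape is a guess.
    data = json.dumps({"raw": row}).encode()
    req = urllib.request.Request(BACKEND_URL, data=data,
                                 headers={"Content-Type": "application/json"})
    urllib.request.urlopen(req)

def poll() -> None:
    seen = 0  # number of rows already inserted
    while True:
        with open(WINDOWS_LOG) as f:
            rows = f.read().splitlines()
        for row in new_rows(rows, seen):
            post_row(row)
        seen = len(rows)
        time.sleep(POLL_SECONDS)
```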