start capturing events into elasticsearch and say so in privacy page

mm-logging
lza_menace 4 years ago
parent 875897f067
commit 86fd1ecbcc

@ -1,8 +1,10 @@
version: '3' version: '3'
volumes:
grafana:
services: services:
db: db:
image: postgres:9.6.15-alpine image: postgres:9.6.15-alpine
container_name: db container_name: wowstash_db
ports: ports:
- 5433:5432 - 5433:5432
environment: environment:
@ -13,6 +15,27 @@ services:
- ./data/postgresql:/var/lib/postgresql/data - ./data/postgresql:/var/lib/postgresql/data
cache: cache:
image: redis:latest image: redis:latest
container_name: cache container_name: wowstash_cache
ports: ports:
- 6379:6379 - 6379:6379
kibana:
image: docker.elastic.co/kibana/kibana:7.1.0
ports:
- 5601:5601
environment:
ELASTICSEARCH_HOSTS: http://elasticsearch:9200
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch:7.1.0
environment:
- discovery.type=single-node
- node.name=elasticsearch
- cluster.name=es-docker-cluster
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
ulimits:
memlock:
soft: -1
hard: -1
volumes:
- ./data/elasticsearch:/usr/share/elasticsearch/data
ports:
- 9200:9200

@ -9,5 +9,5 @@ flask-bcrypt
flask-login flask-login
qrcode qrcode
Pillow Pillow
git+https://github.com/lalanza808/MoneroPy
docker docker
elasticsearch

@ -7,6 +7,7 @@ from wowstash.forms import Register, Login
from wowstash.models import User from wowstash.models import User
from wowstash.factory import db, bcrypt from wowstash.factory import db, bcrypt
from wowstash.library.docker import docker from wowstash.library.docker import docker
from wowstash.library.elasticsearch import send_es
@auth_bp.route("/register", methods=["GET", "POST"]) @auth_bp.route("/register", methods=["GET", "POST"])
@ -32,7 +33,8 @@ def register():
db.session.add(user) db.session.add(user)
db.session.commit() db.session.commit()
# Login user and redirect to wallet page # Capture event, login user and redirect to wallet page
send_es({'type': 'register', 'user': user.email})
login_user(user) login_user(user)
return redirect(url_for('wallet.dashboard')) return redirect(url_for('wallet.dashboard'))
@ -61,7 +63,8 @@ def login():
flash('Invalid username or password.') flash('Invalid username or password.')
return redirect(url_for('auth.login')) return redirect(url_for('auth.login'))
# Login user and redirect to wallet page # Capture event, login user, and redirect to wallet page
send_es({'type': 'login', 'user': user.email})
login_user(user) login_user(user)
return redirect(url_for('wallet.dashboard')) return redirect(url_for('wallet.dashboard'))
@ -71,6 +74,8 @@ def login():
def logout(): def logout():
if current_user.is_authenticated: if current_user.is_authenticated:
docker.stop_container(current_user.wallet_container) docker.stop_container(current_user.wallet_container)
send_es({'type': 'stop_container', 'user': current_user.email})
current_user.clear_wallet_data() current_user.clear_wallet_data()
send_es({'type': 'logout', 'user': current_user.email})
logout_user() logout_user()
return redirect(url_for('meta.index')) return redirect(url_for('meta.index'))

@ -10,6 +10,7 @@ from socket import socket
from datetime import datetime from datetime import datetime
from wowstash.blueprints.wallet import wallet_bp from wowstash.blueprints.wallet import wallet_bp
from wowstash.library.docker import docker from wowstash.library.docker import docker
from wowstash.library.elasticsearch import send_es
from wowstash.library.jsonrpc import Wallet, to_atomic from wowstash.library.jsonrpc import Wallet, to_atomic
from wowstash.library.cache import cache from wowstash.library.cache import cache
from wowstash.forms import Send from wowstash.forms import Send
@ -58,6 +59,7 @@ def dashboard():
seed = wallet.seed() seed = wallet.seed()
spend_key = wallet.spend_key() spend_key = wallet.spend_key()
view_key = wallet.view_key() view_key = wallet.view_key()
send_es({'type': 'load_dashboard', 'user': current_user.email})
return render_template( return render_template(
'wallet/dashboard.html', 'wallet/dashboard.html',
transfers=all_transfers, transfers=all_transfers,
@ -124,11 +126,13 @@ def send():
# Check if Wownero wallet is available # Check if Wownero wallet is available
if wallet.connected is False: if wallet.connected is False:
flash('Wallet RPC interface is unavailable at this time. Try again later.') flash('Wallet RPC interface is unavailable at this time. Try again later.')
send_es({'type': 'tx_fail_rpc_unavailable', 'user': user.email})
return redirect(redirect_url) return redirect(redirect_url)
# Quick n dirty check to see if address is WOW # Quick n dirty check to see if address is WOW
if len(address) not in [97, 108]: if len(address) not in [97, 108]:
flash('Invalid Wownero address provided.') flash('Invalid Wownero address provided.')
send_es({'type': 'tx_fail_address_invalid', 'user': user.email})
return redirect(redirect_url) return redirect(redirect_url)
# Check if we're sweeping or not # Check if we're sweeping or not
@ -140,6 +144,7 @@ def send():
amount = to_atomic(Decimal(send_form.amount.data)) amount = to_atomic(Decimal(send_form.amount.data))
except: except:
flash('Invalid Wownero amount specified.') flash('Invalid Wownero amount specified.')
send_es({'type': 'tx_fail_amount_invalid', 'user': user.email})
return redirect(redirect_url) return redirect(redirect_url)
# Send transfer # Send transfer
@ -148,9 +153,12 @@ def send():
# Inform user of result and redirect # Inform user of result and redirect
if 'message' in tx: if 'message' in tx:
msg = tx['message'].capitalize() msg = tx['message'].capitalize()
msg_lower = tx['message'].replace(' ', '_').lower()
flash(f'There was a problem sending the transaction: {msg}') flash(f'There was a problem sending the transaction: {msg}')
send_es({'type': f'tx_fail_{msg_lower}', 'user': user.email})
else: else:
flash('Successfully sent transfer.') flash('Successfully sent transfer.')
send_es({'type': 'tx_success', 'user': user.email})
return redirect(redirect_url) return redirect(redirect_url)
else: else:

@ -4,6 +4,8 @@ from socket import socket
from wowstash import config from wowstash import config
from wowstash.models import User from wowstash.models import User
from wowstash.library.jsonrpc import daemon from wowstash.library.jsonrpc import daemon
from wowstash.library.elasticsearch import send_es
class Docker(object): class Docker(object):
def __init__(self): def __init__(self):
@ -38,6 +40,7 @@ class Docker(object):
} }
} }
) )
send_es({'type': 'create_wallet', 'user': u.email})
return container.short_id return container.short_id
def start_wallet(self, user_id): def start_wallet(self, user_id):
@ -73,6 +76,7 @@ class Docker(object):
} }
} }
) )
send_es({'type': 'start_wallet', 'user': u.email})
return container.short_id return container.short_id
except APIError as e: except APIError as e:
if str(e).startswith('409'): if str(e).startswith('409'):

@ -0,0 +1,21 @@
from datetime import datetime
from elasticsearch import Elasticsearch
from wowstash import config
def send_es(data):
try:
es = Elasticsearch(
[getattr(config, 'ELASTICSEARCH_HOST', 'localhost')]
)
now = datetime.utcnow()
index_ts = now.strftime('%Y%m%d')
data['datetime'] = now
es.index(
index="{}-{}".format(
getattr(config, 'ELASTICSEARCH_INDEX_NAME', 'wowstash'),
index_ts
), body=data)
except Exception as e:
print('Could not capture event in Elasticsearch: ', e)
pass # I don't really care if this logs...

@ -17,9 +17,9 @@
<ul> <ul>
<li>Web server access logs (Source IP address, browser user-agent, page requests, etc)</li> <li>Web server access logs (Source IP address, browser user-agent, page requests, etc)</li>
<li>Email address and salted/hashed password (registration)</li> <li>Email address and salted/hashed password (registration)</li>
<li>Application events and metrics (function execution and the user who triggered)</li>
</ul> </ul>
<p>I don't actively track or monitor any of this though. I might check logs for troubleshooting purposes. I don't even know what a privacy policy is supposed to be for, to be honest. Just trying to be legit.</p> <p>I check logs and capture events for troubleshooting purposes only. None of this data is shared with any third parties because I'm not a fucking lame.</p>
<p>None of this data is shared with any third parties because I'm not a fucking lame.</p>
</div> </div>
</div> </div>
</div> </div>

Loading…
Cancel
Save