mirror of https://github.com/jumpserver/jumpserver
				
				
				
			
		
			
				
	
	
		
		
	
	
| # -*- coding: utf-8 -*-
 | |
| #
 | |
| import pytz
 | |
| 
 | |
| from datetime import datetime
 | |
| 
 | |
| from common.utils import get_logger
 | |
| from common.plugins.es import ES
 | |
| 
 | |
| 
 | |
# Module-level logger; get_logger is called with this file's path.
logger = get_logger(__file__)
 | |
| 
 | |
| 
 | |
class CommandStore(ES):
    """Elasticsearch-backed store for recorded session commands.

    The constructor hands the ``ES`` base class an index mapping and three
    collections of field names. How the base class turns those collections
    into queries is not visible in this file.

    NOTE(review): ``match_fields`` lists 'system_user', while ``make_data``
    writes an 'account' key and no 'system_user' key. Confirm which name the
    query layer is expected to filter on.
    """

    def __init__(self, config):
        """Set up the command index mapping and searchable field sets.

        Args:
            config: Passed through unchanged to ``ES.__init__``.
        """
        # "session" and "org_id" are mapped as keyword, i.e. not analyzed.
        # org_id looks like the organization scoping field, so exact matching
        # on it matters for tenant separation -- confirm against the ES base.
        index_properties = {
            "session": {"type": "keyword"},
            "org_id": {"type": "keyword"},
            "@timestamp": {"type": "date"},
            "timestamp": {"type": "long"},
        }
        fields_keyword = {'session', 'org_id'}
        # Empty dict literal (not a set), unlike the other two collections.
        fields_exact = {}
        fields_match = {'input', 'risk_level', 'user', 'asset', 'system_user'}

        super().__init__(
            config,
            index_properties,
            fields_keyword,
            fields_exact,
            fields_match,
        )

    @staticmethod
    def make_data(command):
        """Build the document stored for one recorded command.

        Args:
            command: Subscriptable record holding the keys copied below.
                A missing key propagates whatever ``command[key]`` raises
                (``KeyError`` for a dict).

        Returns:
            dict: The copied fields plus ``date``, a timezone-aware UTC
            datetime derived from ``command['timestamp']``.
        """
        # input/output are copied verbatim, so anything typed or echoed in the
        # session (including secrets) ends up in the index; restrict access to
        # the index accordingly.
        copied_keys = (
            "user", "asset",
            "account", "input",
            "output", "risk_level",
            "session", "timestamp",
            "org_id",
        )
        document = {key: command[key] for key in copied_keys}
        # NOTE(review): the mapping declares "@timestamp" as the date field,
        # but this writes "date" -- confirm where "@timestamp" gets populated.
        document["date"] = datetime.fromtimestamp(command['timestamp'], tz=pytz.UTC)
        return document

    @staticmethod
    def handler_time_field(data):
        """Translate timestamp filter parameters into a range condition.

        Args:
            data: Mapping that may contain ``timestamp__gte`` and/or
                ``timestamp__lte``.

        Returns:
            tuple: ``('timestamp', bounds)`` where ``bounds`` holds a 'gte'
            and/or 'lte' entry for each truthy parameter. A bound of ``0``,
            ``''`` or ``None`` is treated as absent, so ``bounds`` may be
            empty.
        """
        lower = data.get('timestamp__gte')
        upper = data.get('timestamp__lte')
        bounds = {
            operator: value
            for operator, value in (('gte', lower), ('lte', upper))
            if value
        }
        return 'timestamp', bounds
 |