Active sessions

[Thomas]

Hi
Can I see opened sessions? I mean IP address, username, last request, idle time etc.
I haven't found such window so I'm thinking about a database query. Is it possible?

[Erwin van der Zwart]

Hi,

Getting client IP is possible (also by .lp as this must be server side handled) but the other items are not available, at least not in the DB..

By why? What is the use case?

BR,

Erwin

[Thomas]

Hi
I would like to see who's online and from where. My actual problem was to identify computers where a specific user was logged on. Because I a plan to disable that user and I wanted to change credentials on affected computers.
But the main reason is security. I simply want to see who's logged on, from where and how long. Every other systems like databases, domain controllers etc. supports this function. I understand LM is mainly focused to home / SoHo market but I think if you add few security features like I mentioned above, access rights to user groups and not to user, roles, LDAP authorization, logging then LM will be great tool for enterprise too.

Could you send me that database query please?

Thank you

[Erwin van der Zwart]

Hi,

As mentioned before, the data is not available in the DB so there is no query to get the data you want ..

BR,

Erwin

[Thomas]

You wrote "Getting client IP is possible". Could you please send me query for getting IP addresses?
Thank you.

[Erwin van der Zwart]

Hi,

If you want to have a solution for enterprise market you might better look at our solution Schneider Electric Ecostruxure Building Operation, this platform is fully compatible with latest IT standards, LDAP, SSO, domains and communicates secure over HTTPS between all locations (worldwide) of the enterprise. spaceLYnk and homeLYnk are used in these kind of architectures as powerfull bridge to KNX. This platform brings all power of KNX, BACnet (MSTP and IP), LON, Modbus (RTU and IP), Webservices and IT standards together in the most powerfull way. See: Ecostruxure Building Operation

But if you want to use LM for monitoring access logs you can try this:

Code:

db:getall('SELECT * FROM user_logs')

BR,

Erwin

[Thomas]

If someone is interested in then there's working code:
Store the code in your library
Call it in your init script

Call user/sessions.lp in a frame in your visu.

Code:

function ecl_init_sessions()
 ls_app=[[<?
 local lt_sessions
 local ls_out
 require('apps')
 lt_sessions=db:getall('SELECT login, ip, created FROM user_logs group by login, ip  order by Created desc')

 ls_out="<html>"
 ls_out=ls_out.."<style>\n"
 ls_out=ls_out.."table {\n"
 ls_out=ls_out.."    font-family: arial, sans-serif;\n"
 ls_out=ls_out.."    border-collapse: collapse;\n"
 ls_out=ls_out.."    width: 100%;\n"
 ls_out=ls_out.."}\n"

 ls_out=ls_out.."td, th {\n"
 ls_out=ls_out.."    border: 1px solid #dddddd;\n"
 ls_out=ls_out.."    text-align: left;\n"
 ls_out=ls_out.."    padding: 2px;\n"
 ls_out=ls_out.."}\n"

 ls_out=ls_out.."tr:nth-child(even) {\n"
 ls_out=ls_out.."    background-color: #dddddd;\n"
 ls_out=ls_out.."}\n"
 ls_out=ls_out.."</style>\n"

 ls_out=ls_out.."<body><table>"
 ls_out=ls_out.."<tr>"
 ls_out=ls_out.."<th>Login</th>"
 ls_out=ls_out.."<th>IP</th>"
 ls_out=ls_out.."<th>Created</th>"
 ls_out=ls_out.."</tr>"

 for index, value in ipairs(lt_sessions) do
   ls_out=ls_out.."<tr>"
   ls_out=ls_out.."<td>"..value.login.."</td>"
   ls_out=ls_out.."<td>"..value.ip.."</td>"
   ls_out=ls_out.."<td>"..os.date("%d.%m.%Y %X",value.created).."</td>"  
   ls_out=ls_out.."</tr>"
 end

 ls_out=ls_out.."</table></html></body>"
 print(ls_out)
 ?>]]
 io.writefile('/www/user/sessions.lp',ls_app)
end

[admin]

The same data can be viewed in User access > Access logs

[Thomas]

The same data can be viewed in User access > Access logs

Hmm, you're right. Can I filter in the query just active sessions?
Thank you

[Erwin van der Zwart]

Hi,

Only thing you can do is compare created time stamp with os.time(), i also wouldn't use io.writefile in these kind of scripts as a lot of writing to SD card is not adviced....

BR,

Erwin

[Thomas]

Hi,

Only thing you can do is compare created time stamp with os.time(), i also wouldn't use io.writefile in these kind of scripts as a lot of writing to SD card is not adviced....

BR,

Erwin

Only thing you can do is compare created time stamp with os.time()
Unfortunately I can't. Created looks like the time of the first contact. Not the latest request taken from the client. In my network I've computers logged on with active session for months.

i also wouldn't use io.writefile in these kind of scripts as a lot of writing to SD card is not adviced....
Thsi script runs only once as a part of the init script. It just creates sessions.lp file.

[admin]

Active connections are not stored anywhere. It's possible to get a list of IPs that are currently connected to the system from the OS but then you won't have login names.

[Thomas]

List of IPs would be enoughfor me if there's no a better solution. How can I obtain it?

[admin]

You can filter the result by local port (80 or 443) and also by TCP state. TCP_ESTABLISHED should be enough since visualization uses web sockets where connection is always open during an active session.

Code:

states = {
  'TCP_ESTABLISHED',
  'TCP_SYN_SENT',
  'TCP_SYN_RECV',
  'TCP_FIN_WAIT1',
  'TCP_FIN_WAIT2',
  'TCP_TIME_WAIT',
  'TCP_CLOSE',
  'TCP_CLOSE_WAIT',
  'TCP_LAST_ACK',
  'TCP_LISTEN',
  'TCP_CLOSING',
};

-- convert hex to readable IP
function toip(hex)
  local res = {}

  for i = 4, 1, -1 do
    local j = (i - 1) * 2 + 1
    local ch = hex:sub(j, j + 1)
    res[ #res + 1 ] = tonumber(ch, 16)
  end

  return table.concat(res, '.')
end

for line in io.lines('/proc/net/tcp') do
  local_ip, local_port, remote_ip, remote_port, state =
    line:match('(%x+):(%x+)%s+(%x+):(%x+)%s+(%x+)')

  -- valid line
  if local_ip and local_port and remote_ip and remote_port and state then
    local_ip = toip(local_ip)
    local_port = tonumber(local_port, 16)

    remote_ip = toip(remote_ip)
    remote_port = tonumber(remote_port, 16)

    state = states[ tonumber(state, 16) ]

    log(local_ip, local_port, remote_ip, remote_port, state)
  end
end

[Thomas]

Thank you