add logging support

scriptingislife · Feb 5, 2020 · 20e8efd · 20e8efd
1 parent 855ed76
commit 20e8efd
Show file tree

Hide file tree

Showing 3 changed files with 109 additions and 2 deletions.
diff --git a/Makefile b/Makefile
@@ -89,8 +89,8 @@ pack: clean fetch-dependencies
 # Update the test Lambda function with the current local code
 #
 deploy-test: pack
-	aws s3 cp ./build.zip s3://${S3_BUCKET}/${TEST_S3_KEY} --profile ${AWS_USER}
-	aws lambda update-function-code --function-name ${TEST_FUNCTION_NAME} --s3-bucket ${S3_BUCKET} --s3-key ${TEST_S3_KEY} --profile ${AWS_USER} 
+	aws s3 cp ./dist/function/build.zip s3://${S3_BUCKET}/${TEST_S3_KEY} --profile ${AWS_USER}
+	aws --region us-east-1 lambda update-function-code --function-name ${TEST_FUNCTION_NAME} --s3-bucket ${S3_BUCKET} --s3-key ${TEST_S3_KEY} --profile ${AWS_USER} 
 
 #
 # Copy the code from the test environment to

diff --git a/src/lambda_function.py b/src/lambda_function.py
@@ -7,6 +7,7 @@
 import glimpse_driver as gd
 from s3_help import S3
 from db_help import DynamoDB
+import logging_help
 from selenium.common.exceptions import WebDriverException
 
 # MD5 hash a string like the URL
@@ -121,6 +122,9 @@ def lambda_handler(event, context):
 
         db.put(db_data)
 
+        print('[!] Logging Scan')
+        logging_help.log_scan(db_data)
+
         return return_data
 
     except WebDriverException as e:

diff --git a/src/logging_help.py b/src/logging_help.py
@@ -0,0 +1,103 @@
+# Use this code snippet in your app.
+# If you need more information about configurations or implementing the sample code, visit the AWS docs:   
+# https://aws.amazon.com/developers/getting-started/python/
+
+import os
+import boto3
+import base64
+import requests
+from requests.auth import HTTPBasicAuth
+from botocore.exceptions import ClientError
+
+def get_secret():
+
+    secret_name = os.environ['LOGGING_KEY']
+    region_name = "us-east-1"
+
+    # Create a Secrets Manager client
+    session = boto3.session.Session()
+    client = session.client(
+        service_name='secretsmanager',
+        region_name=region_name
+    )
+
+    # In this sample we only handle the specific exceptions for the 'GetSecretValue' API.
+    # See https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_GetSecretValue.html
+    # We rethrow the exception by default.
+
+    secret = ''
+    decoded_binary_secret = ''
+
+    try:
+        get_secret_value_response = client.get_secret_value(
+            SecretId=secret_name
+        )
+    except ClientError as e:
+        if e.response['Error']['Code'] == 'DecryptionFailureException':
+            # Secrets Manager can't decrypt the protected secret text using the provided KMS key.
+            # Deal with the exception here, and/or rethrow at your discretion.
+            raise e
+        elif e.response['Error']['Code'] == 'InternalServiceErrorException':
+            # An error occurred on the server side.
+            # Deal with the exception here, and/or rethrow at your discretion.
+            raise e
+        elif e.response['Error']['Code'] == 'InvalidParameterException':
+            # You provided an invalid value for a parameter.
+            # Deal with the exception here, and/or rethrow at your discretion.
+            raise e
+        elif e.response['Error']['Code'] == 'InvalidRequestException':
+            # You provided a parameter value that is not valid for the current state of the resource.
+            # Deal with the exception here, and/or rethrow at your discretion.
+            raise e
+        elif e.response['Error']['Code'] == 'ResourceNotFoundException':
+            # We can't find the resource that you asked for.
+            # Deal with the exception here, and/or rethrow at your discretion.
+            raise e
+    else:
+        # Decrypts secret using the associated KMS CMK.
+        # Depending on whether the secret is a string or binary, one of these fields will be populated.
+        if 'SecretString' in get_secret_value_response:
+            secret = get_secret_value_response['SecretString']
+        else:
+            decoded_binary_secret = base64.b64decode(get_secret_value_response['SecretBinary'])
+
+    if secret = ''
+        return decoded_binary_secret
+    else:
+        return secret
+
+def log_scan(db_data):
+    logdna = ''
+
+    try:
+        logdna = get_secret()
+    except Exception as e:
+        print(e)
+
+    print(logdna)
+
+    logdata = {
+        "lines": [
+            {
+                "line": "A new scan was initiated.",
+                "app": "glimpse",
+                "level": "INFO",
+                "env": "experiment",
+                "meta": {
+                    "urlhash": db_data["urlhash"],
+                    "url": db_data["url"],
+                    "effectiveurl": db_data["effectiveurl"],
+                    "title": db_data["title"],
+                    "timescanned": db_data["timescanned"],
+                    "numscans": int(db_data["numscans"])
+                }
+            }
+        ]
+    }
+
+    h_data = {"Content-Type": "application/json; charset=UTF-8"}
+
+    submission = requests.post('https://logs.logdna.com/logs/ingest?hostname=GLIMPSE', json=logdata, headers=h_data, auth=HTTPBasicAuth(logdna['logdna-ingestion'], ''))
+
+    if submission.status_code != 200: # or submission.json['status'] != "ok":
+        raise ValueError('Got status {}'.format(submission.status_code))