I ended up using this string of commands in case it helps someone else: grep --no-group-separator -B 1 SERVICE_TICKET_CREATED cas_audit.log | cut -d " " -f4 | sort | uniq -c | mail -s\ "$HOSTNAME login sessions" <list of email addresses>
Brief explanation: 1. Use grep to find when a service ticket is created within the audit log 2. -B1 to print the line right before it, which will contain the entity ID 3. no group separator just removes the "--" separator when "-B" is used 4. Cut the output and take the fourth field, this will contain the serviceID (unfortunately, left with an "empty" line from the service ticket created line, still working on something to clean that up) 5. sort the list of serviceIDs for piping to uniq 6. uniq -c prints the service ticket count from the list of services 7. Then do whatever you want with the output, I personally prefer an email. Ideally, I will add a way to check when sessions are removed on a user basis, then subtract the service tickets their session generated. Also, if you host in HA, it would be beneficial to combine the individual servers into a total count. On Thursday, February 25, 2021 at 3:25:39 PM UTC-5 Jeremiah Garmatter wrote: > Thanks Ray, > > I was afraid that would be the only way to do it. There go my hopes of > being lazy. Thanks anyway! > > On Thursday, February 25, 2021 at 3:20:06 PM UTC-5 Ray Bon wrote: > >> Jeremiah, >> >> You can get that data from the audit log. You will of course have to >> collate it yourself. >> >> Ray >> >> On Thu, 2021-02-25 at 11:31 -0800, Jeremiah Garmatter wrote: >> >> Notice: This message was sent from outside the University of Victoria >> email system. Please be cautious with links and sensitive information. >> >> >> Hello, >> >> I am looking for a way to view login statistics. Does CAS 6.2.X have a >> way to view how many people are logged into a specific application at a >> time, or rather, what services are hit to initiate the login session? >> >> I've checked the actuators and haven't found what I'm looking for yet. I >> thought that /actuators/ssoSessions could provide me with the info, but I >> was mistaken. /ssoSessions provides the active sessions but not services >> authenticated to. >> >> -- >> >> Ray Bon >> Programmer Analyst >> Development Services, University Systems >> 2507218831 <(250)%20721-8831> | CLE 019 | [email protected] >> >> I respectfully acknowledge that my place of work is located within the >> ancestral, traditional and unceded territory of the Songhees, Esquimalt and >> WSÁNEĆ Nations. >> > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/31bbf95f-0a74-4f4b-a203-81db52fe5d90n%40apereo.org.
