Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Create FAC Log Review Dashboard #4028

Merged
merged 15 commits into from
Jul 12, 2024
Merged

Create FAC Log Review Dashboard #4028

merged 15 commits into from
Jul 12, 2024

Conversation

asteel-gsa
Copy link
Contributor

@asteel-gsa asteel-gsa commented Jun 27, 2024
edited
Loading

This PR creates a dashboard, managed in terraform for each environment that will have all necessary items (as of now) to complete a log review process.

Image for what the dashboard contains can be found here in slack

Dashboard: NR Dashboard (if no one deploys over it in preview)

@asteel-gsa asteel-gsa requested a review from a team June 27, 2024 20:02
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Jun 27, 2024
edited
Loading

Terraform plan for dev

Plan: 1 to add, 0 to change, 0 to destroy. 
Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
+   create

Terraform will perform the following actions:

  # module.dev.module.newrelic.newrelic_one_dashboard.log_review_dashboard will be created
+   resource "newrelic_one_dashboard" "log_review_dashboard" {
+       account_id  = (known after apply)
+       guid        = (known after apply)
+       id          = (known after apply)
+       name        = "FAC Log Review (dev)"
+       permalink   = (known after apply)
+       permissions = "public_read_only"

+       page {
+           guid = (known after apply)
+           name = "FAC Log Review"

+           widget_billboard {
+               column         = 1
+               height         = 3
+               id             = (known after apply)
+               legend_enabled = true
+               row            = 1
+               title          = "Submission Count"
+               width          = 3

+               nrql_query {
+                   account_id = (known after apply)
+                   query      = "From Transaction SELECT count(*) as 'Submissions' WHERE appName = 'gsa-fac-dev' and request.method = 'POST' and request.uri like '/audit/submission/%' since 1 week ago"
                }
            }
+           widget_billboard {
+               column         = 4
+               height         = 3
+               id             = (known after apply)
+               legend_enabled = true
+               row            = 1
+               title          = "Excel Uploads"
+               width          = 3

+               nrql_query {
+                   account_id = (known after apply)
+                   query      = "FROM Metric SELECT count(*) AS 'Total uploads', average(apm.service.transaction.duration) AS 'Average time (s)' WHERE appName = 'gsa-fac-dev' AND path LIKE 'audit.views.views:ExcelFileHandlerView.post'"
                }
            }
+           widget_billboard {
+               column         = 7
+               height         = 3
+               id             = (known after apply)
+               legend_enabled = true
+               row            = 1
+               title          = "Single Audit Report Uploads"
+               width          = 3

+               nrql_query {
+                   account_id = (known after apply)
+                   query      = "FROM Metric SELECT count(*) AS 'Total uploads', average(apm.service.transaction.duration) AS 'Average time (s)' WHERE appName = 'gsa-fac-dev' AND path LIKE 'audit.views.upload_report_view:UploadReportView.post'"
                }
            }
+           widget_billboard {
+               column         = 10
+               height         = 3
+               id             = (known after apply)
+               legend_enabled = true
+               row            = 1
+               title          = "Global Requests (Non-Upload)"
+               width          = 3

+               nrql_query {
+                   account_id = (known after apply)
+                   query      = "FROM Metric SELECT count(*) AS 'Total requests', average(apm.service.transaction.duration) * 1000 AS 'Average time (ms)' WHERE appName = 'gsa-fac-dev' AND path NOT LIKE '%ExcelFileHandlerView.post' AND path NOT LIKE '%UploadReportView.post'"
                }
            }
+           widget_billboard {
+               column         = 9
+               height         = 3
+               id             = (known after apply)
+               legend_enabled = true
+               row            = 4
+               title          = "Infected Files Detected"
+               width          = 3

+               nrql_query {
+                   account_id = (known after apply)
+                   query      = "SELECT count(*) AS 'Infected Files' FROM Log WHERE tags.space_name = 'dev' and message LIKE '%ScanResult.INFECTED%'"
                }
            }
+           widget_billboard {
+               column         = 9
+               height         = 3
+               id             = (known after apply)
+               legend_enabled = true
+               row            = 5
+               title          = "Django /admin/login/ Count"
+               width          = 3

+               nrql_query {
+                   account_id = (known after apply)
+                   query      = "SELECT count(`message` as `/admin/login/ hits`) FROM Log WHERE `message` LIKE 'fac-dev.app.cloud.gov%/admin/login%' SINCE 7 days ago"
                }
            }
+           widget_billboard {
+               column         = 9
+               height         = 3
+               id             = (known after apply)
+               legend_enabled = true
+               row            = 6
+               title          = "dev api.sam.gov Connection Count"
+               width          = 3

+               nrql_query {
+                   account_id = (known after apply)
+                   query      = "SELECT count(*) AS 'api.sam.gov connections' FROM Log WHERE `entity.name` = 'gsa-fac-dev' AND allColumnSearch('api.sam.gov', insensitive: true) SINCE 7 DAYS AGO"
                }
            }
+           widget_billboard {
+               column         = 9
+               height         = 3
+               id             = (known after apply)
+               legend_enabled = true
+               row            = 7
+               title          = "dev login.gov Connection Count"
+               width          = 3

+               nrql_query {
+                   account_id = (known after apply)
+                   query      = "SELECT count(*) AS 'login.gov connections' FROM Log WHERE `entity.name` = 'gsa-fac-dev' AND allColumnSearch('/api/openid_connect/userinfo', insensitive: true) SINCE 7 DAYS AGO"
                }
            }

+           widget_log_table {
+               column         = 1
+               height         = 3
+               id             = (known after apply)
+               legend_enabled = true
+               row            = 6
+               title          = "dev api.sam.gov Connections"
+               width          = 8

+               nrql_query {
+                   account_id = (known after apply)
+                   query      = "SELECT `message` FROM Log WHERE `entity.name` = 'gsa-fac-dev' AND allColumnSearch('api.sam.gov', insensitive: true) SINCE 7 DAYS AGO"
                }
            }
+           widget_log_table {
+               column         = 1
+               height         = 3
+               id             = (known after apply)
+               legend_enabled = true
+               row            = 7
+               title          = "dev login.gov Connections"
+               width          = 8

+               nrql_query {
+                   account_id = (known after apply)
+                   query      = "SELECT `message` FROM Log WHERE `entity.name` = 'gsa-fac-dev' AND allColumnSearch('/api/openid_connect/userinfo', insensitive: true) SINCE 7 DAYS AGO"
                }
            }

+           widget_stacked_bar {
+               column         = 1
+               height         = 4
+               id             = (known after apply)
+               legend_enabled = true
+               row            = 3
+               title          = "500 Error Code"
+               width          = 12

+               nrql_query {
+                   account_id = (known after apply)
+                   query      = "SELECT count(*) FROM Transaction FACET `request.uri` WHERE response.status = '500' and appName = 'gsa-fac-dev' SINCE 1 week AGO TIMESERIES"
                }
            }
+           widget_stacked_bar {
+               column         = 1
+               height         = 3
+               id             = (known after apply)
+               legend_enabled = true
+               row            = 4
+               title          = "Login Requests"
+               width          = 8

+               colors {
+                   color = "#00ff04"

+                   series_overrides {
+                       color       = "#00ff04"
+                       series_name = "/openid/login/"
                    }
                }

+               nrql_query {
+                   account_id = (known after apply)
+                   query      = "SELECT count(*) FROM Transaction FACET `request.uri` WHERE request.uri = '/openid/login/' and appName = 'gsa-fac-dev' SINCE 1 week AGO TIMESERIES"
                }
            }
+           widget_stacked_bar {
+               column         = 1
+               height         = 3
+               id             = (known after apply)
+               legend_enabled = true
+               row            = 5
+               title          = "Logout Requests"
+               width          = 8

+               colors {
+                   color = "#ff0000"

+                   series_overrides {
+                       color       = "#ff0000"
+                       series_name = "/openid/logout/"
                    }
                }

+               nrql_query {
+                   account_id = (known after apply)
+                   query      = "SELECT count(*) FROM Transaction FACET `request.uri` WHERE request.uri = '/openid/logout/' and appName = 'gsa-fac-dev' SINCE 1 week AGO TIMESERIES"
                }
            }
        }
    }

Plan: 1 to add, 0 to change, 0 to destroy.

Warning: Argument is deprecated

  with module.dev-backups-bucket.cloudfoundry_service_instance.bucket,
  on /tmp/terraform-data-dir/modules/dev-backups-bucket/s3/main.tf line 14, in resource "cloudfoundry_service_instance" "bucket":
  14:   recursive_delete = var.recursive_delete

Since CF API v3, recursive delete is always done on the cloudcontroller side.
This will be removed in future releases

(and 6 more similar warnings elsewhere)

✅ Plan applied in Deploy to Development and Management Environment #736

@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Jun 27, 2024
edited
Loading

Terraform plan for meta

No changes. Your infrastructure matches the configuration. 
No changes. Your infrastructure matches the configuration.

Terraform has compared your real infrastructure against your configuration
and found no differences, so no changes are needed.

Warning: Argument is deprecated

  with module.s3-backups.cloudfoundry_service_instance.bucket,
  on /tmp/terraform-data-dir/modules/s3-backups/s3/main.tf line 14, in resource "cloudfoundry_service_instance" "bucket":
  14:   recursive_delete = var.recursive_delete

Since CF API v3, recursive delete is always done on the cloudcontroller side.
This will be removed in future releases

✅ Plan applied in Deploy to Development and Management Environment #736

timoballard
timoballard reviewed Jun 27, 2024
View reviewed changes
terraform/shared/modules/newrelic/logreview.tf Outdated
height = 3

nrql_query {
query = "SELECT count(`message` as `/admin/login/ hits`) FROM Log WHERE `message` LIKE 'app.fac.gov%/admin/login%' SINCE 7 days ago"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

will this query work in non-prod environments (looking at the url pattern)?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It will work, yes, but all dashboard will have it.

Ill modify it a little bit to be each specific environments url.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Latest commit should fix this:
local tf plans

space = production

query      = "SELECT count(`message` as `/admin/login/ hits`) FROM Log WHERE `message` LIKE 'app.fac.gov%/admin/login%' SINCE 7 days ago"

space = preview

"SELECT count(`message` as `/admin/login/ hits`) FROM Log WHERE `message` LIKE 'fac-preview.app.cloud.gov%/admin/login%' SINCE 7 days ago"

Not sure how much the lower env admin panels are used, but this should theoretically work for the dashboard and keep it 100% dynamic

@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Jun 27, 2024
edited
Loading

File Coverage Missing
All files 87%
api/serializers.py 88% 178-179 184 189
api/test_views.py 95% 103
api/uei.py 88% 87 118-119 163 167-168
api/views.py 98% 198-199 337-338
audit/admin.py 88% 130-132
audit/forms.py 61% 33-40 111-118
audit/intake_to_dissemination.py 88% 57-62 264 308-316
audit/mixins.py 96% 28
audit/test_admin.py 72% 15-17
audit/test_commands.py 91%
audit/test_intakelib.py 88% 154-158
audit/test_manage_submission_access_view.py 98% 15 19
audit/test_mixins.py 90% 159-160 164-166 254-255 259-261
audit/test_validators.py 96% 439 443 611-612 851 858 865 872 1176-1177 1220-1221 1246-1251
audit/test_views.py 98% 132
audit/test_workbooks_should_fail.py 88% 58 87-88 92
audit/test_workbooks_should_pass.py 87% 59 74-76
audit/utils.py 86% 9 19 60-62 65
audit/validators.py 93% 138 190 279 419-420 435-436 519-520 622-626 631-635 651-660
audit/cross_validation/additional_ueis.py 93% 33
audit/cross_validation/check_award_ref_declaration.py 90%
audit/cross_validation/check_award_reference_uniqueness.py 93%
audit/cross_validation/check_certifying_contacts.py 87%
audit/cross_validation/check_findings_count_consistency.py 87% 35
audit/cross_validation/check_ref_number_in_cap.py 91%
audit/cross_validation/check_ref_number_in_findings_text.py 91%
audit/cross_validation/errors.py 78% 30 77
audit/cross_validation/naming.py 93% 229
audit/cross_validation/submission_progress_check.py 91% 83 126 174 182-183
audit/cross_validation/tribal_data_sharing_consent.py 81% 33 36 40
audit/cross_validation/validate_general_information.py 65% 77 81-84 96 99
audit/fixtures/dissemination.py 71% 38
audit/fixtures/single_audit_checklist.py 55% 160-197 245-254
audit/intakelib/exceptions.py 71% 7-9 12
audit/intakelib/intermediate_representation.py 91% 27-28 73 91 129 200-203 212-213 283-284
audit/intakelib/mapping_audit_findings.py 97% 55
audit/intakelib/mapping_audit_findings_text.py 97% 54
audit/intakelib/mapping_federal_awards.py 93% 92
audit/intakelib/mapping_util.py 79% 21 25 29 63 99 104-105 114-120 130 145 150
audit/intakelib/checks/check_all_unique_award_numbers.py 79% 24
audit/intakelib/checks/check_cluster_names.py 75% 20-25
audit/intakelib/checks/check_cluster_total.py 95% 99
audit/intakelib/checks/check_finding_reference_pattern.py 74% 34 44-45
audit/intakelib/checks/check_findings_grid_validation.py 89% 59
audit/intakelib/checks/check_has_all_the_named_ranges.py 95% 66
audit/intakelib/checks/check_is_a_workbook.py 69% 20
audit/intakelib/checks/check_loan_balance_entries.py 83% 28
audit/intakelib/checks/check_look_for_empty_rows.py 91% 18
audit/intakelib/checks/check_no_major_program_no_type.py 76% 18 27
audit/intakelib/checks/check_no_repeat_findings.py 88% 21
audit/intakelib/checks/check_other_cluster_names.py 81% 23 33
audit/intakelib/checks/check_passthrough_name_when_no_direct.py 83% 11 49 58
audit/intakelib/checks/check_sequential_award_numbers.py 82% 25 35
audit/intakelib/checks/check_start_and_end_rows_of_all_columns_are_same.py 89% 14
audit/intakelib/checks/check_state_cluster_names.py 81% 23 33
audit/intakelib/checks/check_version_number.py 73% 30 40-41
audit/intakelib/checks/runners.py 95% 187 217
audit/intakelib/common/util.py 90% 22 39
audit/intakelib/transforms/xform_rename_additional_notes_sheet.py 81% 14
audit/management/commands/load_fixtures.py 47% 40-46
audit/models/models.py 86% 59 61 66 68 210 216 228 240-243 261 438 456-457 465 487 585-586 590 598 607 613
audit/views/audit_info_form_view.py 27% 25-74 77-117 120-137
audit/views/manage_submission.py 86% 73-80
audit/views/manage_submission_access.py 98% 113-114
audit/views/pre_dissemination_download_view.py 78% 15-16 21-22 29-39
audit/views/submission_progress_view.py 96% 182-183
audit/views/tribal_data_consent.py 34% 23-41 44-79
audit/views/unlock_after_certification.py 57% 28-51 73-87
audit/views/upload_report_view.py 26% 32-35 44 91-117 120-170 178-209
audit/views/views.py 53% 74 81-100 123-124 198-199 220-230 257 268-269 280-281 283-287 329-342 345-359 364-377 394-400 405-425 452-456 461-490 533-537 542-562 589-593 598-627 670-674 679-691 694-704 709-721 754-768
census_historical_migration/change_record.py 98% 30
census_historical_migration/end_to_end_core.py 26% 57-89 93-111 116-155 161-187 246-258 263 273-307
census_historical_migration/invalid_record.py 94% 50 54 58 62 66
census_historical_migration/migration_result.py 75% 17 21 25 29 33-42 46
census_historical_migration/report_type_flag.py 96% 19
census_historical_migration/test_federal_awards_xforms.py 99% 219-220
census_historical_migration/sac_general_lib/audit_information.py 91% 28 82-87 336
census_historical_migration/sac_general_lib/cognizant_oversight.py 68% 11
census_historical_migration/sac_general_lib/general_information.py 86% 166-167 177-178 186-187 195-200 233-255 354-355
census_historical_migration/sac_general_lib/sac_creator.py 90% 34
census_historical_migration/sac_general_lib/utils.py 84% 35 62-71
census_historical_migration/transforms/xform_remove_hyphen_and_pad_zip.py 92% 18
census_historical_migration/transforms/xform_retrieve_uei.py 67% 10
census_historical_migration/transforms/xform_string_to_bool.py 87% 17
census_historical_migration/workbooklib/additional_eins.py 84% 58-60 67-77
census_historical_migration/workbooklib/additional_ueis.py 77% 27-29 36-46
census_historical_migration/workbooklib/corrective_action_plan.py 46% 49-51 65 93-125 134-153
census_historical_migration/workbooklib/excel_creation_utils.py 69% 110 119-124 129-136 140-158 171-175 189-192
census_historical_migration/workbooklib/federal_awards.py 77% 181-184 262-301 487 554-562 572-597 621-622 918-1022
census_historical_migration/workbooklib/findings.py 69% 81-86 154-174 179-199 216-218 330-354
census_historical_migration/workbooklib/findings_text.py 46% 50-51 67 97-129 138-160
census_historical_migration/workbooklib/notes_to_sefa.py 66% 34-38 101-102 104-105 107-108 136-143 152-160 168-170 279-326
census_historical_migration/workbooklib/post_upload_utils.py 21% 22-35 66-83 89-111
census_historical_migration/workbooklib/secondary_auditors.py 88% 128-130 186-205
census_historical_migration/workbooklib/workbook_builder.py 38% 14-17 26-41
census_historical_migration/workbooklib/workbook_builder_loader.py 41% 18-30
config/error_handlers.py 94% 22
config/test_settings.py 92% 33-34 49-50
config/urls.py 72% 88
dissemination/file_downloads.py 81% 43-61 91-93
dissemination/forms.py 87% 135 144 255
dissemination/search.py 88% 113 115 119 127-128
dissemination/summary_reports.py 78% 274 300-302 306-310 421 438 459 511-575 603 638-640 664-672
dissemination/test_search.py 93% 51-66 473-474 579-596 608-632 644-669 677-693
dissemination/test_summary_reports.py 98%
dissemination/views.py 75% 134 140-142 159-225 268 298 300 336 387 389 391 469-474
dissemination/migrations/0002_general_fac_accepted_date.py 47% 10-12
dissemination/searchlib/search_alns.py 37% 44-58 78-110 115-177 184-187
dissemination/searchlib/search_direct_funding.py 86% 21-22
dissemination/searchlib/search_findings.py 76% 18-24 34 36 38
dissemination/searchlib/search_general.py 96% 138
dissemination/searchlib/search_passthrough_name.py 35% 21-31
djangooidc/backends.py 78% 32 57-63
djangooidc/exceptions.py 66% 19 21 23 28
djangooidc/oidc.py 16% 32-35 45-51 64-70 92-149 153-199 203-226 230-275 280-281 286
djangooidc/views.py 81% 22 43 109-110 117
djangooidc/tests/common.py 97%
report_submission/forms.py 92% 39
report_submission/test_views.py 98% 835
report_submission/views.py 79% 97 252 276-277 282-283 323-493 496-506 565 601-603 611-612 615-617
report_submission/templatetags/get_attr.py 76% 8 11-14 18
support/admin.py 88% 76 79 84 91-97 100-102
support/cog_over.py 91% 29-32 92 116-120 156
support/test_admin_api.py 81% 23 147-148 237-238 317-318
support/test_cog_over.py 98% 174-175 264
support/management/commands/seed_cog_baseline.py 98% 20-21
support/models/cog_over.py 89% 103-104
tools/update_program_data.py 89% 96
users/admin.py 99% 27
users/auth.py 96% 58-59
users/models.py 96% 18 74-75
users/fixtures/user_fixtures.py 91%

Minimum allowed coverage is 85%

Generated by 🐒 cobertura-action against a287f05

@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Jul 9, 2024
edited
Loading

☂️ Python Coverage

current status: ✅

Overall Coverage

Lines Covered Coverage Threshold Status
17918 16379 91% 0% 🟢

New Files

No new covered files...

Modified Files

No covered modified files...

updated for commit: 5885975 by action🐍

jadudm
jadudm approved these changes Jul 12, 2024
View reviewed changes
Copy link
Contributor

@jadudm jadudm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. Excellent to have this under version control/infra as code.

@jadudm jadudm added this pull request to the merge queue Jul 12, 2024
Merged via the queue into main with commit d769034 Jul 12, 2024
12 checks passed
@jadudm jadudm deleted the log-review-dashboard branch July 12, 2024 01:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@timoballard timoballard timoballard left review comments

@jadudm jadudm jadudm approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@asteel-gsa @jadudm @timoballard