feat: enhance database retention logic to use configurable retention period and delete stale IPs
This commit is contained in:
Lorenzo Venerandi
@@ -815,16 +815,19 @@ class DatabaseManager:
|
|||||||
def flag_stale_ips_for_reevaluation(self) -> int:
|
def flag_stale_ips_for_reevaluation(self) -> int:
|
||||||
"""
|
"""
|
||||||
Flag IPs for reevaluation where:
|
Flag IPs for reevaluation where:
|
||||||
- last_seen is more than 30 days ago
|
- last_seen is older than the configured retention period
|
||||||
- last_analysis is more than 5 days ago
|
- last_analysis is more than 5 days ago
|
||||||
|
|
||||||
Returns:
|
Returns:
|
||||||
Number of IPs flagged for reevaluation
|
Number of IPs flagged for reevaluation
|
||||||
"""
|
"""
|
||||||
|
from config import get_config
|
||||||
|
|
||||||
session = self.session
|
session = self.session
|
||||||
try:
|
try:
|
||||||
now = datetime.now()
|
now = datetime.now()
|
||||||
last_seen_cutoff = now - timedelta(days=30)
|
retention_days = get_config().database_retention_days
|
||||||
|
last_seen_cutoff = now - timedelta(days=retention_days)
|
||||||
last_analysis_cutoff = now - timedelta(days=5)
|
last_analysis_cutoff = now - timedelta(days=5)
|
||||||
|
|
||||||
count = (
|
count = (
|
||||||
|
|||||||
@@ -26,12 +26,18 @@ app_logger = get_app_logger()
|
|||||||
|
|
||||||
def main():
|
def main():
|
||||||
"""
|
"""
|
||||||
Delete access logs, credential attempts, and attack detections
|
Delete all records older than the configured retention period.
|
||||||
older than the configured retention period.
|
Covers: AccessLog, AttackDetection, CredentialAttempt, IpStats, CategoryHistory.
|
||||||
"""
|
"""
|
||||||
try:
|
try:
|
||||||
from config import get_config
|
from config import get_config
|
||||||
from models import AccessLog, CredentialAttempt, AttackDetection
|
from models import (
|
||||||
|
AccessLog,
|
||||||
|
CredentialAttempt,
|
||||||
|
AttackDetection,
|
||||||
|
IpStats,
|
||||||
|
CategoryHistory,
|
||||||
|
)
|
||||||
|
|
||||||
config = get_config()
|
config = get_config()
|
||||||
retention_days = config.database_retention_days
|
retention_days = config.database_retention_days
|
||||||
@@ -63,13 +69,37 @@ def main():
|
|||||||
.delete(synchronize_session=False)
|
.delete(synchronize_session=False)
|
||||||
)
|
)
|
||||||
|
|
||||||
|
# Delete IPs not seen within the retention period
|
||||||
|
ips_deleted = (
|
||||||
|
session.query(IpStats)
|
||||||
|
.filter(IpStats.last_seen < cutoff)
|
||||||
|
.delete(synchronize_session=False)
|
||||||
|
)
|
||||||
|
|
||||||
|
# Delete old category history records
|
||||||
|
history_deleted = (
|
||||||
|
session.query(CategoryHistory)
|
||||||
|
.filter(CategoryHistory.timestamp < cutoff)
|
||||||
|
.delete(synchronize_session=False)
|
||||||
|
)
|
||||||
|
|
||||||
session.commit()
|
session.commit()
|
||||||
|
|
||||||
if logs_deleted or creds_deleted or detections_deleted:
|
total = (
|
||||||
|
logs_deleted
|
||||||
|
+ detections_deleted
|
||||||
|
+ creds_deleted
|
||||||
|
+ ips_deleted
|
||||||
|
+ history_deleted
|
||||||
|
)
|
||||||
|
if total:
|
||||||
app_logger.info(
|
app_logger.info(
|
||||||
f"DB retention: Deleted {logs_deleted} access logs, "
|
f"DB retention: Deleted {logs_deleted} access logs, "
|
||||||
f"{detections_deleted} attack detections, "
|
f"{detections_deleted} attack detections, "
|
||||||
f"{creds_deleted} credential attempts older than {retention_days} days"
|
f"{creds_deleted} credential attempts, "
|
||||||
|
f"{ips_deleted} stale IPs, "
|
||||||
|
f"{history_deleted} category history records "
|
||||||
|
f"older than {retention_days} days"
|
||||||
)
|
)
|
||||||
|
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
|
|||||||
Reference in New Issue
Block a user