Skip to content

Commit 477458c

Browse files
feat(usagereporter): add session recording access usage event (#47310)
1 parent 3e117c3 commit 477458c

File tree

3 files changed

+48
-0
lines changed

3 files changed

+48
-0
lines changed

lib/usagereporter/teleport/audit.go

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -299,6 +299,12 @@ func ConvertAuditEvent(event apievents.AuditEvent) Anonymizable {
299299
}
300300
case *apievents.CrownJewelCreate:
301301
return &AccessGraphCrownJewelCreateEvent{}
302+
case *apievents.SessionRecordingAccess:
303+
return &SessionRecordingAccessEvent{
304+
SessionType: e.SessionType,
305+
UserName: e.User,
306+
Format: e.Format,
307+
}
302308
}
303309

304310
return nil

lib/usagereporter/teleport/audit_test.go

Lines changed: 26 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -22,6 +22,8 @@ import (
2222
"github.com/stretchr/testify/assert"
2323
"github.com/stretchr/testify/require"
2424

25+
"github.com/gravitational/teleport"
26+
"github.com/gravitational/teleport/api/types"
2527
apievents "github.com/gravitational/teleport/api/types/events"
2628
prehogv1a "github.com/gravitational/teleport/gen/proto/go/prehog/v1alpha"
2729
"github.com/gravitational/teleport/lib/utils"
@@ -212,6 +214,30 @@ func TestConvertAuditEvent(t *testing.T) {
212214
},
213215
},
214216
},
217+
{
218+
desc: "SessionRecordingAccess",
219+
event: &apievents.SessionRecordingAccess{
220+
UserMetadata: apievents.UserMetadata{
221+
User: "some-user",
222+
},
223+
SessionType: string(types.SSHSessionKind),
224+
Format: teleport.PTY,
225+
},
226+
expected: &SessionRecordingAccessEvent{
227+
SessionType: string(types.SSHSessionKind),
228+
UserName: "some-user",
229+
Format: teleport.PTY,
230+
},
231+
expectedAnonymized: &prehogv1a.SubmitEventRequest{
232+
Event: &prehogv1a.SubmitEventRequest_SessionRecordingAccess{
233+
SessionRecordingAccess: &prehogv1a.SessionRecordingAccessEvent{
234+
SessionType: string(types.SSHSessionKind),
235+
UserName: anonymizer.AnonymizeString("some-user"),
236+
Format: teleport.PTY,
237+
},
238+
},
239+
},
240+
},
215241
}
216242

217243
for _, tt := range cases {

lib/usagereporter/teleport/types.go

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1272,6 +1272,22 @@ func (u *UserTaskStateEvent) Anonymize(a utils.Anonymizer) prehogv1a.SubmitEvent
12721272
}
12731273
}
12741274

1275+
// SessionRecordingAccessEvent is an event that is emitted after an user access
1276+
// a session recording.
1277+
type SessionRecordingAccessEvent prehogv1a.SessionRecordingAccessEvent
1278+
1279+
func (s *SessionRecordingAccessEvent) Anonymize(a utils.Anonymizer) prehogv1a.SubmitEventRequest {
1280+
return prehogv1a.SubmitEventRequest{
1281+
Event: &prehogv1a.SubmitEventRequest_SessionRecordingAccess{
1282+
SessionRecordingAccess: &prehogv1a.SessionRecordingAccessEvent{
1283+
SessionType: s.SessionType,
1284+
UserName: a.AnonymizeString(s.UserName),
1285+
Format: s.Format,
1286+
},
1287+
},
1288+
}
1289+
}
1290+
12751291
// ConvertUsageEvent converts a usage event from an API object into an
12761292
// anonymizable event. All events that can be submitted externally via the Auth
12771293
// API need to be defined here.

0 commit comments

Comments
 (0)