initial implementation

Author: solnicki

.github/workflows/golangci-lint.yml

@@ -0,0 +1,26 @@
+name: golangci-lint
+on:
+  push:
+    branches:
+      - main
+      - master
+  pull_request:
+
+permissions:
+  contents: read
+  # Optional: allow read access to pull request. Use with `only-new-issues` option.
+  # pull-requests: read
+
+jobs:
+  golangci:
+    name: lint
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-go@v5
+        with:
+          go-version: stable
+      - name: golangci-lint
+        uses: golangci/golangci-lint-action@v6
+        with:
+          version: v1.59

.github/workflows/test.yml

@@ -0,0 +1,17 @@
+name: Go
+on: [push]
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v4
+      - name: Setup Go
+        uses: actions/setup-go@v5
+        with:
+          go-version: '1.22.1'
+      - name: Install dependencies
+        run: go get .
+      - name: Test with the Go CLI
+        run: go test -v -race -p 1 ./...

.gitignore

@@ -0,0 +1,2 @@
+data/
+logs/

cmd/main.go

@@ -0,0 +1,56 @@
+package main
+
+import (
+	"flag"
+	"fmt"
+
+	"github.com/logmanager-oss/logveil/internal/anonymizer"
+)
+
+func main() {
+	var anonDataDir string
+	flag.StringVar(&anonDataDir, "dataDir", "../data", "Path to directory with anonymizing data")
+
+	var inputFile string
+	flag.StringVar(&inputFile, "inputFile", "../logs/forti-traffic-small.csv", "Path to input file containing logs to be anonymized")
+
+	var outputFile string
+	flag.StringVar(&outputFile, "outputFile", "", "Path to output file containing anonymized logs")
+
+	flag.Parse()
+
+	err := anonymize(inputFile, outputFile, anonDataDir)
+	if err != nil {
+		fmt.Printf("%v", err)
+		return
+	}
+}
+
+func anonymize(inputFile string, outputFile string, anonDataDir string) error {
+	fmt.Println("Command anonymize started")
+
+	anonymizer := anonymizer.New()
+	err := anonymizer.ReadCSVLogs(inputFile)
+	if err != nil {
+		return fmt.Errorf("reading input file %s: %v", inputFile, err)
+	}
+
+	err = anonymizer.LoadAnonData(anonDataDir)
+	if err != nil {
+		return fmt.Errorf("loading anonymizing data from %s: %v", anonDataDir, err)
+	}
+
+	anonymizer.Run()
+	if outputFile != "" {
+		err := anonymizer.WriteAnonymizedOutput(outputFile)
+		if err != nil {
+			return fmt.Errorf("writing anonymized data to output file %s: %v", outputFile, err)
+		}
+	} else {
+		fmt.Println(anonymizer.Output)
+	}
+
+	fmt.Println("All done. Exiting...")
+
+	return nil
+}

go.mod

@@ -0,0 +1,12 @@
+module github.com/logmanager-oss/logveil
+
+go 1.22.1
+
+require github.com/stretchr/testify v1.9.0
+
+require (
+	github.com/davecgh/go-spew v1.1.1 // indirect
+	github.com/pmezard/go-difflib v1.0.0 // indirect
+	golang.org/x/exp v0.0.0-20240716175740-e3f259677ff7
+	gopkg.in/yaml.v3 v3.0.1 // indirect
+)

go.sum

@@ -0,0 +1,11 @@
+github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
+github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
+github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
+golang.org/x/exp v0.0.0-20240716175740-e3f259677ff7 h1:wDLEX9a7YQoKdKNQt88rtydkqDxeGaBUTnIYc3iG/mA=
+golang.org/x/exp v0.0.0-20240716175740-e3f259677ff7/go.mod h1:M4RDyNAINzryxdtnbRXRL/OHtkFuWGRjvuhBJpk2IlY=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
+gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

internal/anonymizer/anonymizer.go

@@ -0,0 +1,148 @@
+package anonymizer
+
+import (
+	"bufio"
+	"encoding/csv"
+	"errors"
+	"fmt"
+	"io/fs"
+	"os"
+	"path/filepath"
+	"strings"
+
+	"golang.org/x/exp/rand"
+)
+
+type Anonimizer struct {
+	csvData    []map[string]string
+	anonData   map[string][]string
+	fieldNames []string
+	randFunc   func(int) int
+	Output     []string
+}
+
+func New() *Anonimizer {
+	return &Anonimizer{anonData: make(map[string][]string), randFunc: rand.Intn}
+}
+
+func (an *Anonimizer) ReadCSVLogs(filename string) error {
+	fmt.Println("Reading CSV file:", filename)
+	file, err := os.Open(filename)
+	if err != nil {
+		return err
+	}
+	defer file.Close()
+
+	csvReader := csv.NewReader(file)
+	rows, err := csvReader.ReadAll()
+	if err != nil {
+		return err
+	}
+
+	// First element of the csvReader contains field names
+	an.fieldNames = rows[0]
+
+	for _, row := range rows[1:] {
+		m := make(map[string]string)
+		for i, val := range row {
+			m[an.fieldNames[i]] = string(val)
+		}
+		an.csvData = append(an.csvData, m)
+	}
+	fmt.Println("Field names in the CSV file:", an.fieldNames)
+	fmt.Println("Number of rows found in the CSV file:", len(an.csvData))
+
+	return nil
+}
+
+func (an *Anonimizer) LoadAnonData(anonDataDir string) error {
+	for i := range an.fieldNames {
+		if an.fieldNames[i] == "raw" {
+			continue
+		}
+
+		filepath := filepath.Join(anonDataDir, an.fieldNames[i])
+		_, err := os.Stat(filepath)
+		if err != nil {
+			if errors.Is(err, fs.ErrNotExist) {
+				fmt.Printf("Anonymizing data not found for field %s. Skipping.\n", an.fieldNames[i])
+				continue
+			}
+			return err
+		}
+
+		data, err := an.loadAnonymizingData(filepath)
+		if err != nil {
+			return fmt.Errorf("loading anonymizing data file %s: %v", filepath, err)
+		}
+
+		an.anonData[an.fieldNames[i]] = data
+		fmt.Printf("Loaded anonymizing data for field: %s; values loaded: %d\n", an.fieldNames[i], len(data))
+	}
+
+	return nil
+}
+
+func (an *Anonimizer) loadAnonymizingData(filepath string) ([]string, error) {
+	anonDataFile, err := os.OpenFile(filepath, os.O_RDONLY, os.ModePerm)
+	if err != nil {
+		return nil, err
+	}
+	defer anonDataFile.Close()
+
+	var anonData []string
+	anonDataFileScanner := bufio.NewScanner(anonDataFile)
+	for anonDataFileScanner.Scan() {
+		anonData = append(anonData, anonDataFileScanner.Text())
+	}
+
+	return anonData, nil
+}
+
+func (an *Anonimizer) Run() {
+	fmt.Println("Anonymizing data")
+
+	for _, logLine := range an.csvData {
+		for field, value := range logLine {
+			if field == "raw" {
+				continue
+			}
+
+			if value == "" {
+				continue
+			}
+
+			if anonValues, exists := an.anonData[field]; exists {
+				newAnonValue := anonValues[an.randFunc(len(anonValues))]
+				fmt.Printf("Replacing the values for field %s. From %s to %s.\n", field, value, newAnonValue)
+
+				logLine["raw"] = strings.Replace(logLine["raw"], value, newAnonValue, -1)
+			}
+		}
+
+		an.Output = append(an.Output, fmt.Sprint(logLine["raw"]))
+	}
+}
+
+func (an *Anonimizer) WriteAnonymizedOutput(filename string) error {
+	fmt.Printf("Writing anonymized data to output file: %s", filename)
+	file, err := os.Create(filename)
+	if err != nil {
+		return err
+	}
+	defer file.Close()
+
+	for _, line := range an.Output {
+		_, err := file.WriteString(line + "\n")
+		if err != nil {
+			return fmt.Errorf("writing anonymized data to output file %s: %v", filename, err)
+		}
+	}
+	fmt.Println("Writing done")
+
+	return nil
+}
+
+func (an *Anonimizer) SetRandFunc(randFunc func(int) int) {
+	an.randFunc = randFunc
+}

internal/anonymizer/anonymizer_test.go

@@ -0,0 +1,72 @@
+package anonymizer
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestAnonimizer_ReadCSVLogs(t *testing.T) {
+	tests := []struct {
+		name               string
+		filename           string
+		expectedFieldNames []string
+		expectedValues     []map[string]string
+	}{
+		{
+			name:               "Test ReadCSVLogs",
+			filename:           "../../test/test_logs/test_logs.csv",
+			expectedFieldNames: []string{"@timestamp", "raw", "msg.src_ip", "msg.username", "msg.organization"},
+			expectedValues: []map[string]string{{
+				"@timestamp":       "2024-06-05T14:59:27.000+00:00",
+				"msg.organization": "TESTuser.test.com",
+				"msg.src_ip":       "89.239.31.49", "msg.username": "[email protected]",
+				"raw": "{\"@timestamp\": \"2024-06-05T14:59:27.000+00:00\", \"msg.src_ip\":\"89.239.31.49\", \"username\":\"[email protected]\", \"organization\":\"TESTuser.test.com\"}",
+			}},
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			an := &Anonimizer{}
+			err := an.ReadCSVLogs(tt.filename)
+			if err != nil {
+				t.Error(err)
+			}
+			assert.Equal(t, tt.expectedFieldNames, an.fieldNames)
+			assert.Equal(t, tt.expectedValues, an.csvData)
+		})
+	}
+}
+
+func TestAnonimizer_LoadAnonData(t *testing.T) {
+	tests := []struct {
+		name             string
+		anonDataDir      string
+		fieldNames       []string
+		expectedAnonData map[string][]string
+	}{
+		{
+			name:        "Test LoadAnonData",
+			fieldNames:  []string{"msg.src_ip", "msg.username"},
+			anonDataDir: "../../test/test_anon_data",
+			expectedAnonData: map[string][]string{
+				"msg.src_ip": {
+					"10.10.10.1", "10.20.0.53", "192.168.100.1", "172.16.34.56", "10.121.202.234", "134.108.42.127", "41.188.232.249",
+				},
+				"msg.username": {
+					"miloslav.illes", "ladislav.dosek", "katerina.janeckova", "josef.varga", "miroslav.skamrala", "jiri.filip", "patrik.topic",
+				},
+			},
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			an := &Anonimizer{fieldNames: tt.fieldNames, anonData: make(map[string][]string)}
+			err := an.LoadAnonData(tt.anonDataDir)
+			if err != nil {
+				t.Error(err)
+			}
+			assert.Equal(t, tt.expectedAnonData, an.anonData)
+		})
+	}
+}