|
1 | 1 | import logging |
2 | | -from datetime import date, datetime, time, timedelta |
| 2 | +from datetime import timedelta |
3 | 3 |
|
4 | | -from auditlog.models import LogEntry |
5 | 4 | from celery.utils.log import get_task_logger |
6 | | -from dateutil.relativedelta import relativedelta |
7 | 5 | from django.apps import apps |
8 | 6 | from django.conf import settings |
9 | 7 | from django.core.management import call_command |
10 | 8 | from django.db.models import Count, Prefetch |
11 | 9 | from django.urls import reverse |
12 | 10 | from django.utils import timezone |
13 | 11 |
|
| 12 | +from dojo.auditlog import run_flush_auditlog |
14 | 13 | from dojo.celery import app |
15 | 14 | from dojo.decorators import dojo_async_task |
16 | 15 | from dojo.finding.helper import fix_loop_duplicates |
@@ -93,54 +92,6 @@ def cleanup_alerts(*args, **kwargs): |
93 | 92 | logger.info("total number of alerts deleted: %s", total_deleted_count) |
94 | 93 |
|
95 | 94 |
|
def run_flush_auditlog(retention_period: int | None = None,
                       batch_size: int | None = None,
                       max_batches: int | None = None) -> tuple[int, int, bool]:
    """
    Delete audit log entries older than the configured retention period.

    Each argument falls back to its Django setting when not given:
    ``AUDITLOG_FLUSH_RETENTION_PERIOD`` (months, negative disables flushing),
    ``AUDITLOG_FLUSH_BATCH_SIZE`` and ``AUDITLOG_FLUSH_MAX_BATCHES``.

    Returns a tuple of (deleted_total, batches_done, reached_limit).
    """
    if retention_period is None:
        retention_period = getattr(settings, "AUDITLOG_FLUSH_RETENTION_PERIOD", -1)
    # A negative retention period means the feature is switched off entirely.
    if retention_period < 0:
        logger.info("Flushing auditlog is disabled")
        return 0, 0, False

    logger.info("Running Cleanup Task for Logentries with %d Months retention", retention_period)
    # Build a timezone-aware timestamp at midnight of the cutoff day so the
    # comparison stays index-friendly and postgres never casts to a Date.
    cutoff_day = date.today() - relativedelta(months=retention_period)
    cutoff = datetime.combine(cutoff_day, time.min, tzinfo=timezone.get_current_timezone())

    # Batching knobs; sensible defaults when the settings are absent.
    if batch_size is None:
        batch_size = getattr(settings, "AUDITLOG_FLUSH_BATCH_SIZE", 1000)
    if max_batches is None:
        max_batches = getattr(settings, "AUDITLOG_FLUSH_MAX_BATCHES", 100)

    # Deleting in bounded batches avoids long transactions and table locks.
    total_deleted = 0
    batches = 0
    for _ in range(max_batches):
        candidate_ids = list(
            LogEntry.objects.filter(timestamp__lt=cutoff)
            .order_by("pk")
            .values_list("pk", flat=True)[:batch_size],
        )
        if not candidate_ids:
            if batches == 0:
                logger.info("No outdated Logentries found")
            break
        doomed = LogEntry.objects.filter(pk__in=candidate_ids)
        # _raw_delete skips signals/cascades for speed; audit rows have neither.
        total_deleted += int(doomed._raw_delete(doomed.db))
        batches += 1
        logger.info("Deleted batch %s (size ~%s), total deleted: %s", batches, batch_size, total_deleted)

    reached_limit = batches >= max_batches
    if reached_limit:
        logger.info("Reached max batches limit (%s). Remaining audit log entries will be deleted in the next run.", max_batches)
    else:
        logger.info("Total number of audit log entries deleted: %s", total_deleted)

    return total_deleted, batches, reached_limit
142 | | - |
143 | | - |
@app.task(bind=True)
def flush_auditlog(*args, **kwargs):
    """Celery entry point: flush outdated audit log entries using configured defaults."""
    run_flush_auditlog()
|
0 commit comments