Haka usage statistics are collected from IdP-servers with specific transfer file. Haka-operator team fetches the file with https once a month from address reported by IdP-administrators. In future, there is no need for SP-administrators to bother collecting usage data.
1. Adding the address of the transfer file
The path to the transfer file folder containing IdP usage statistics can be added by the IdP-administrator directly to Resource Registry (Edit -> Statistics-tab).
2. Creating the transfer file on IdP
The transfer file used by CSC is based on log analysis tool contributed to Shibboleth-software. With the script the amount of log in events from the IdP to SPs can be calculated utilizing audit logs. CSC has done minor modifications to the script to make it easier to collect Haka usage statistics.
Transfer files should be kept shared so that operator has access to read them over https-connection.
In order to ensure correct form and content of the transfer file, download loganalysisCSC-script for your IdP here. Notice that script needs IdP's entityId to be updated on row 185:
185: IdPEntityId | [IdP EntityId] e.g. 185: IdPEntityId | https://idp.csc.fi/idp/shibboleth
Naming policy for the transfer file is as follows:
HakaStatistics_[vvvv-kk]_[IdP_hostname].txt e.g. HakaStatistics_2013-10_idp.csc.fi.txt
The form of the content in transfer file is as follows ('date' refers to the month of the statistical data):
IdPEntityId | [IdP EntityId] date | [yyyy-mm] logins | relyingPartyId ------------------------- [num of logins] | [SP EntityId 1] [num of logins] | [SP EntityId 2] [num of logins] | [SP EntityId.....n]
An example of the content of the transfer file:
IdPEntityId | https://idp.csc.fi/idp/shibboleth date | 2013-08 logins | relyingPartyId ------------------------- 123 | https://aai.csc.fi 456 | https://kotaplus.csc.fi 7890 | https://sui.csc.fi/shibboleth
The loganalysisCSC script may be tested at the command line as follows:
/location/loganalysisCSC.py -n /log/shibboleth-idp/idp-audit-$(date --date="last month" +%Y-%m)* \ > /outfile/location/HakaStatistics_$(date --date="last month" +%Y-%m)_idp.csc.fi.txt 2>&1
You will need an absolute path for the script, location for idp-audit.logs and the printout. Notice also that the transfer file should reside in th folder, from which it can be accessed using https-protocol.
Finally, the command may be defined to be run by cron at the first day of every month.