Integration with GuardianKey

Hi all,

We are trying to integrate Opennebula with GuardianKey. However, we have doubts related to the best way to do this and the best point in the code for this integration.

GuardianKey is a solution to protect systems against authentication attacks. It uses Machine Learning and analyses the user’s behavior, threat intelligence and psychometrics (or behavioral biometrics). The protected system (in the concrete case, OpenNebula) must send an event via REST for the GuardianKey on each login attempt. More info at https://guardiankey.io .

The best way to integrate would be on having a hook in the procedure that process the user credentials submission in Sunstone (the script that receives the POST), something such as:

if(POST IN AUTH FORM) {
boolean loginFailed = checkLogin();
GuardianKeyEvent event = createEventForGuardianKey(username,loginFailed);
boolean GuardianKeyValidation = checkGuardianKeyViaREST(event);
if(GuardianKeyValidation){
// Allow access
} else {
// Deny access
}
}

Where is the best place to create this integration? Is there a way to create a hook for this purpose? Should we create an extension?

Any help is welcome.

Thank you in advance.

Best regards,
Geseil

Hi everyone,

Looking the GuardianKey site, I saw about GuardianKey plugin to SSH (https://guardiankey.io/products/guardiankey-for-ssh/). I observed that this plugin monitor SSH log file. Then I thinked that is possbile adapt this plugin to Opennebula.

The problem is that the file sunstone.log (or oned.log) not contains all information necessary for send to GuardianKey.
In oned.log I get succedded logins, but not showing failed logins (show failed operation, but not show which user tryed). In sunstone.log I get failed logins, but not have succedded logins.
In sunstone.log the line that showing failed login don’t have which IP of attempt.

How to personnalize the log of Sunstone or Opennebula?

Thanks Advance.
Gesiel