Merge pull request #5

therealdwright · Oct 3, 2023 · db1f9c0 · db1f9c0
2 parents d78971e + 90fda4d
commit db1f9c0
Showing 1 changed file with 42 additions and 38 deletions.
diff --git a/logpull.go b/logpull.go
@@ -4,7 +4,6 @@ import (
 	"context"
 	"encoding/json"
 	"fmt"
-	"log"
 	"time"
 
 	"github.com/cloudflare/cloudflare-go"
@@ -28,54 +27,59 @@ func getAuditLogs(apiKey, apiEmail, orgId, s3Bucket string, lookBack int) error
 	if err != nil {
 		return fmt.Errorf("error creating Cloudflare API client: %v", err)
 	}
+
 	ctx := context.Background()
 	userDetails, err := api.UserDetails(ctx)
 	if err != nil {
-		log.Fatal(err)
+		return err
 	}
 
-	if len(userDetails.Email) > 0 {
-		// Get current time minus look back and store in RFC3339
-		var searchUntil time.Time
-		var fileError error
-		if len(s3Bucket) > 0 {
-			searchUntil, fileError = getLastProcessedTimeFromS3(lookBack, s3Bucket, fileName)
-		} else {
-			searchUntil, fileError = getLastProcessedTime(lookBack, fileName)
-		}
-		if fileError != nil {
-			log.Fatal(fileError)
-		}
-
-		// audit logs are returned in pages, we must continue to process until we run out of results
-		pageNumber := 1
-		for {
-			filterOpts := cloudflare.AuditLogFilter{Since: searchUntil.Format(time.RFC3339), Page: pageNumber}
-			results, err := api.GetOrganizationAuditLogs(context.Background(), orgId, filterOpts)
-			if err != nil {
-				return fmt.Errorf("error getting audit logs: %v", err)
-			}
+	if len(userDetails.Email) == 0 {
+		return nil
+	}
 
-			if len(results.Result) == 0 {
-				break
-			}
+	var searchUntil time.Time
+	if len(s3Bucket) > 0 {
+		searchUntil, err = getLastProcessedTimeFromS3(lookBack, s3Bucket, fileName)
+	} else {
+		searchUntil, err = getLastProcessedTime(lookBack, fileName)
+	}
+	if err != nil {
+		return err
+	}
 
-			for _, record := range results.Result {
-				b, _ := json.Marshal(record)
-				logsProcessed.Inc()
-				fmt.Println(string(b))
-			}
-			pageNumber++
-		}
+	if err := processAuditLogs(ctx, api, orgId, searchUntil); err != nil {
+		return err
 	}
+
 	if len(s3Bucket) > 0 {
-		if err := storeLastProcessedTimeToS3(time.Now(), s3Bucket, fileName); err != nil {
-			return fmt.Errorf("error storing last processed time to S3: %v", err)
+		return storeLastProcessedTimeToS3(time.Now(), s3Bucket, fileName)
+	}
+	return storeLastProcessedTimeToDisk(time.Now(), fileName)
+}
+
+func processAuditLogs(ctx context.Context, api *cloudflare.API, orgId string, searchUntil time.Time) error {
+	pageNumber := 1
+	for {
+		filterOpts := cloudflare.AuditLogFilter{Since: searchUntil.Format(time.RFC3339), Page: pageNumber}
+		results, err := api.GetOrganizationAuditLogs(ctx, orgId, filterOpts)
+		if err != nil {
+			return fmt.Errorf("error getting audit logs: %v", err)
 		}
-	} else {
-		if err := storeLastProcessedTimeToDisk(time.Now(), fileName); err != nil {
-			return fmt.Errorf("error storing last processed time to disk: %v", err)
+
+		if len(results.Result) == 0 {
+			break
+		}
+
+		for _, record := range results.Result {
+			b, err := json.Marshal(record)
+			if err != nil {
+				return err
+			}
+			logsProcessed.Inc()
+			fmt.Println(string(b))
 		}
+		pageNumber++
 	}
 	return nil
 }