alanorth/cgspace-notes
1
0
Fork 0
mirror of https://github.com/alanorth/cgspace-notes.git synced 2025-01-27 05:49:12 +01:00
Code Issues Projects Releases Wiki Activity

Update notes for 2021-04-06

Browse Source
This commit is contained in:
Alan Orth
2021-04-06 22:48:44 +03:00
parent 00dd46906f
commit 0ef42412f1
27 changed files with 56 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
content/posts/2021-04.md
View File

@ -299,8 +299,17 @@ $ psql -c 'SELECT * FROM pg_locks pl LEFT JOIN pg_stat_activity psa ON pl.pid =
4582
```
- I don't know what the hell is going on
- While looking at the logs I see that MEL is trying to log into CGSpace's REST API and delete items:
- I don't know what the hell is going on, but the PostgreSQL connections and locks are way higher than ever before:
![PostgreSQL connections week](/cgspace-notes/2021/04/postgres_connections_cgspace-week.png)
![PostgreSQL locks week](/cgspace-notes/2021/04/postgres_locks_cgspace-week.png)
![Tomcat database pool](/cgspace-notes/2021/04/jmx_tomcat_dbpools-week.png)
- Otherwise, the number of DSpace sessions is completely normal:
![DSpace sessions](/cgspace-notes/2021/04/jmx_dspace_sessions-week.png)
- While looking at the nginx logs I see that MEL is trying to log into CGSpace's REST API and delete items:
```console
34.209.213.122 - - [06/Apr/2021:03:50:46 +0200] "POST /rest/login HTTP/1.1" 401 727 "-" "MEL"
@ -308,6 +317,7 @@ $ psql -c 'SELECT * FROM pg_locks pl LEFT JOIN pg_stat_activity psa ON pl.pid =
```
- I see a few of these per day going back several months
- I sent a message to Salem and Enrico to ask if they know
- Also annoying, I see tons of what look like penetration testing requests from Qualys:
```console