VPN Session Viewer

A simple FastAPI application to display VPN session logs with a clean HTML interface and API endpoints.

Features

• Display all VPN session logs in a clean HTML interface
• Filter logs by gateway name
• Prioritizes the "SSL-VPN sessions:" section from log files
• View individual log file contents in a structured table format
• Parse VPN connection data from CLI-style log files
• Combined view of all VPN sessions with filtering by gateway, precise date/time range (to the minute), and text search
• API endpoints for programmatic access to both log metadata and parsed content with various filtering options

Setup

Option 1: Local Setup

1. Create a virtual environment:

   python -m venv venv
   source venv/bin/activate  # On Windows: venv\Scripts\activate
   

2. Install dependencies:

   pip install -r requirements.txt
   

3. Run the application:

   python main.py
   

4. Access the web interface at http://localhost:8000

Option 2: Docker Setup

A Docker/Podman setup is included for easy deployment:

1. Make sure Docker or Podman is installed on your system

2. Run the container setup script:

   ./run_container.sh
   

3. Access the web interface at http://localhost:8000

4. Place your VPN log files in the ./logs directory - the container will access them automatically

5. To stop the container:

   docker stop vpn-session-viewer   # If using Docker
   podman stop vpn-session-viewer   # If using Podman
   

Log File Format

Log files should follow this naming convention:

{gateway-name}_{ISO-timestamp}.logs

Example: firewall-1_2025-04-10T17:04:51Z.logs

API Endpoints

• GET /api/logs - Get all logs
• GET /api/logs?gateway={name} - Filter logs by gateway name
• GET /api/gateways - Get a list of all gateway names
• GET /api/log-content/{filename} - Get parsed log content in structured format
• GET /api/all-entries - Get all parsed entries from all log files
• GET /api/all-entries?gateway={name} - Filter combined entries by gateway
• GET /api/all-entries?start_date={datetime} - Filter entries by start date/time (ISO format)
• GET /api/all-entries?end_date={datetime} - Filter entries by end date/time (ISO format)
• GET /api/all-entries?use_default_time - Show only entries from last 30 minutes
• GET /api/all-entries?search={term} - Search across all entries
• GET /api/all-entries?gateway={name}&start_date={date}&end_date={date}&search={term} - Combined filters

Example API Responses

GET /api/logs

[
  {
    "gateway": "firewall-1",
    "timestamp": "2025-04-10T17:10:51+00:00",
    "filename": "firewall-1_2025-04-10T17:10:51Z.logs"
  },
  {
    "gateway": "firewall-1",
    "timestamp": "2025-04-10T17:04:51+00:00",
    "filename": "firewall-1_2025-04-10T17:04:51Z.logs"
  },
  {
    "gateway": "device-1",
    "timestamp": "2025-04-10T17:04:51+00:00",
    "filename": "device-1_2025-04-10T17:04:51Z.logs"
  }
]

GET /api/gateways

[
  "device-1",
  "firewall-1"
]

GET /api/log-content/device-1_2025-04-10T17:04:51Z.logs

[
  {
    "Index": "0",
    "User": "Norbert.Hoeller@example.com",
    "Group": "g_VPN_SAP_Service_SSO",
    "Auth Type": "256(1)",
    "Timeout": "105900",
    "Auth-Timeout": "105900",
    "From": "78.35.118.145",
    "HTTP in/out": "0/0",
    "HTTPS in/out": "0/0",
    "Two-factor Auth": "0"
  },
  {
    "Index": "1",
    "User": "r_Andreini.M@example.onmicrosoft.com",
    "Group": "G_VPN_EXTERN_EID_SSO",
    "Auth Type": "256(1)",
    "Timeout": "172503",
    "Auth-Timeout": "172503",
    "From": "195.72.210.237",
    "HTTP in/out": "0/0",
    "HTTPS in/out": "0/0",
    "Two-factor Auth": "0"
  },
  {
    "Index": "2",
    "User": "Waldemar.Roth@example.com",
    "Group": "g_VPN_Controlling_SSO",
    "Auth Type": "256(1)",
    "Timeout": "172439",
    "Auth-Timeout": "172439",
    "From": "87.151.79.111",
    "HTTP in/out": "0/0",
    "HTTPS in/out": "0/0",
    "Two-factor Auth": "0"
  }
]