rkreddyp/security_review_consolelogins.py

## security_review_consolelogins.py
readonly = "false" # change it to false if you want write events as well

eventdf = cloudtrail_helpers.get_events_df("EventName", "PutConfigRule", starttime, endtime, readonly)
print (eventdf.shape)
eventdf.EventTime = pd.to_datetime(eventdf.EventTime, format='%m-%d-%Y:%H').apply(lambda x:x.strftime('%m-%d-%Y'))
sdf = eventdf[["EventTime", 'Username',  'userAgent', 'sourceIPAddress']]
sdf = sdf.groupby( ["EventTime", "userAgent", 'sourceIPAddress'] )['Username'].agg(','.join).reset_index(name='Usernames')


sdf.to_csv("/tmp/consolelogins.csv")
link = lib_helpers.take_uploadfilename_return_link("consolelogins.csv", "consolelogins.csv")
display (md("##### Download the csv of the below table [here]({link})".format(link=link) ) )
	readonly = "false" # change it to false if you want write events as well

	eventdf = cloudtrail_helpers.get_events_df("EventName", "PutConfigRule", starttime, endtime, readonly)
	print (eventdf.shape)
	eventdf.EventTime = pd.to_datetime(eventdf.EventTime, format='%m-%d-%Y:%H').apply(lambda x:x.strftime('%m-%d-%Y'))
	sdf = eventdf[["EventTime", 'Username', 'userAgent', 'sourceIPAddress']]
	sdf = sdf.groupby( ["EventTime", "userAgent", 'sourceIPAddress'] )['Username'].agg(','.join).reset_index(name='Usernames')



	sdf.to_csv("/tmp/consolelogins.csv")
	link = lib_helpers.take_uploadfilename_return_link("consolelogins.csv", "consolelogins.csv")
	display (md("##### Download the csv of the below table [here]({link})".format(link=link) ) )