I am currently working on a personal project but so far, I've created a simple python script (with many comments to try and explain what is going on!) to pull data from the default tac_plus.acct (AAA Accounting file) that is created with tac_plus.

By default this file is saved in /var/log/tac_plus.acct and records user sessions (whether it is authenticated via TACACS+ or by the local database on our cisco router (10.0.100.1). The script takes an argument used to filter the specific 'username' for the total time they have accessed this device.

The script technically pulls total time accessed to ALL devices with that username, but in my case I have only a single router configured in GNS3 with the ubunutu VM as a docker. I am looking to improve this script so I can either filter by ALL devices/IPs or a single IP matching a username.

#!/usr/bin/env python

import time
import sys

def getUserTime(username):
	#Default location for accounting file below. It won't be created if AAA accounting is not
	#configured on the device...
	accFile = open('/var/log/tac_plus.acct','r')
	splitFile = accFile.readlines()

	#2 lines should involve a session (Connect + Disconnect)
	sessions = len(splitFile) / 2

	print 'Total Sessions in accounting file: {0}\n'.format(str(sessions))

	#Variables for splitting the file + counters
	session_index = 0
	session_list = []

	count = 0
	user_sessions = 0
	user_time_index = 0
	user_time = 0
	#--------------------------------------#	

	while session_index < sessions:
		#Check if username exist in accounting file
		if any(username in s for s in splitFile[count:count+2]):
			#Increment user sessions, since more than 1 connect/disconnect have been found
			user_sessions = user_sessions + 1
			#Print below is for debugging/seeing output when running the script
			print 'Found session for user: {0} ({1})...'.format(username, user_sessions)
			#Append connect/disconnect session from splitFile list to a new list of lists...
			if any("elapsed_time=" in t for t in splitFile[count:count+2]):
				session_list.append(splitFile[count:count+2])
		#Counter is incremented by 2 because of session is made from: connect and disconnect
		count = count + 2
		#Session_index tells us what session we are on in the file...Stops the while loop
		session_index = session_index + 1

	print '\nTotal sessions for user **{0}** = {1}'.format(username, user_sessions)

	#Reset incase I use count again...
	count = 0

	#For each 'session' (which we have filtered 'elapsed_time=' to a username
	for session in session_list:
		user_time_index = session[1].split() #Split all variables in disconnect session
		#Index 14 SHOULD be 'elapsed_time=', replace it so now we have the variable in 'user_time'
		user_time = user_time + int(user_time_index[14].replace('elapsed_time=',''))

	#using 'time' module, to output the format
	user_time = time.strftime('%H:%M:%S', time.gmtime(user_time))
	print 'Total time logged in: ' + str(user_time)

	#Write to temp_time so a PHP script in /var/html/www can pull the total time for the user...
	new_file = open('/var/www/html/temp_time.txt','w')
	new_file.write(user_time)
	new_file.close()

getUserTime(sys.argv[1])

The purpose of this was to rent out a lab (where the customer needs to log in via an access server) and be able to gather/display information regarding the total time they have spent on the lab.

So the access server can be configured with AAA (and accounting exec command) to authenticate with this linux VM. Then the customer will be able to somehow view a webpage that gathers the time he has logged in until the password is reset (and he needs to book another 24hr frame to get access again)... The basic PHP script to access this time value in the text file is:

<html>
  	<div class="lab-remain-time">
		<p>User netdbackup - Total used LAB time </p>
		<hr>
		<?php
			$myfile = fopen("temp_time.txt", "r") or die("Unable to open: temp_time.txt");
			echo fread($myfile, filesize("temp_time.txt"));
		?>
	</div>
</html

Here is an example of all of this in action:

The script can filter total sessions + total time on a username:

The best css formatting you'll ever see (php script reading the time)