MyTutor is a UK-based online platform dedicated to one-to-one learning. Through a curated community of tutors, they provide personalised learning experiences to their customers.
At MyTutor, we aimed to ensure that the application database was accessed only by authorised user accounts for legitimate reasons. This project involved analysing AWS CloudWatch logs for the AWS RDS instances to extract relevant information. A list of users and their executed queries was compiled, excluding certain allowed users. The accounts that did not meet the criteria were then posted to a Slack channel for review.
Each post to he Slack channel contained the username, the top five queries the user executed, the first time they connected within the monitoring period, the last time they connected during the monitoring period and the number of times they connected.
The process is launched each day using a GitHub action.