Page MenuHomePhabricator
Create Task
Maniphest T118595

Hashed IP addresses in refined webrequest logs
Closed, DeclinedPublic
Actions

Description

Research can benefit from hashed IP addresses in refined table if the hashing is done using the same algorithm and salt used for hashing IPs in EL.

To give more context: we need this for the reader research which is being documented at https://meta.wikimedia.org/wiki/Research:Characterizing_Wikipedia_Reader_Behaviour and to match EL survey responses to webrequest logs.

Open Question for Chris: what do you think about this?

Related Objects
Search...

Event Timeline

leila created this task.Nov 13 2015, 7:23 PM
leila assigned this task to Ottomata.
leila raised the priority of this task from to Needs Triage.
leila updated the task description. (Show Details)
leila added a project: Improving-access.
leila added subscribers: leila, ellery, Cervisiarius, DarTar.
Restricted Application added subscribers: StudiesWorld, Aklapper. · View Herald TranscriptNov 13 2015, 7:23 PM
DarTar added a project: Research.Nov 13 2015, 11:01 PM
DarTar set Security to None.
DarTar moved this task from Backlog to Radar on the Research board.
Ottomata added projects: Analytics-Clusters, Analytics-Backlog.Nov 16 2015, 2:41 PM
Tbayer subscribed.Nov 17 2015, 12:07 AM
Milimetric triaged this task as Medium priority.Nov 19 2015, 5:55 PM
Milimetric moved this task from Incoming to Backlog on the Analytics-Backlog board.
Milimetric updated the task description. (Show Details)
Milimetric added a subscriber: csteipp.
csteipp added a comment.Nov 19 2015, 6:59 PM

I talked with @ellery about this briefly.

I'd prefer that we don't permanently make this connection between our webrequests and eventlogging for all requests. If this is for a limited set of time, and preferably only for a specific set of pages, then storing this data in hadoop temporarily while you do analysis for a specific project would be fine, but I don't think we should put it in the refined logs. Are there other options?

The other option (from a technical perspective) is to brute-force the IP from the hash for survey results that you want to further analyze. Since the hashes share a salt, it shoudn't take more than a minute or two to unhash all ipv4 addresses in the table. If you need ipv6, then you can forward hash ips from the webrequest logs and probably get all results even faster.

ellery added a comment.Nov 19 2015, 7:07 PM

@csteipp Otto mentioned that there is the potential to introduce a request ID. We could associate eventlogging records with a request in the webrequest logs based on this ID. This would eliminate the need for hashed ips in the webrequest table. Is this approach any better from your perspective?

Tbayer added a comment.Nov 20 2015, 1:52 AM

Separately from privacy concerns about such deanonymizing techniques, a heads-up that the hashed IPs in EL might not be reliable currently: T119144

leila added a parent task: T116433: Third QuickSurvey for reader segmentation research - run multiple choice survey.Nov 20 2015, 5:11 AM
leila added a parent task: T112326: [Epic] Reader segmentation research - Q2.Nov 23 2015, 4:53 PM
leila removed a parent task: T116433: Third QuickSurvey for reader segmentation research - run multiple choice survey.
ggellerman edited projects, added Analytics; removed Analytics-Backlog.Jan 12 2016, 7:41 PM
Milimetric moved this task from Incoming to Event Platform on the Analytics board.Jan 12 2016, 7:41 PM
ggellerman edited projects, added Research-Freezer; removed Research.Mar 17 2016, 10:25 PM
ggellerman moved this task from Backlog to Radar on the Research-Freezer board.Mar 17 2016, 10:28 PM
Ottomata closed this task as Declined.Aug 8 2016, 7:48 PM

We don't keep IPs in eventlogging anymore. It would be good to send request-id with webrequest logs if we aren't doing that yet, and it would be good to log request-id with EL too.

Aklapper removed a project: Analytics.Jul 4 2020, 7:59 AM
Krinkle mentioned this in T262626: Remove http.client_ip from EventGate default schema (again).Sep 10 2020, 11:15 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits