Skip to content

Commit 1cf4ee6

Browse files
committed
Prevent race conditions for duplicate audit logs
1 parent 4589d5d commit 1cf4ee6

1 file changed

Lines changed: 23 additions & 8 deletions

File tree

Modules/CIPPCore/Public/Webhooks/Invoke-CIPPWebhookProcessing.ps1

Lines changed: 23 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -19,6 +19,21 @@ function Invoke-CippWebhookProcessing {
1919
return
2020
}
2121

22+
# Immediately claim this event ID to prevent concurrent workers from processing the same event.
23+
# Uses Insert (no -Force) so a 409 conflict means another worker already claimed it.
24+
# -ErrorAction Stop ensures non-terminating errors enter the catch block.
25+
try {
26+
Add-CIPPAzDataTableEntity @AuditLogTable -Entity @{
27+
PartitionKey = $TenantFilter
28+
RowKey = $Data.Id
29+
Title = 'Processing'
30+
Tenant = $TenantFilter
31+
} -ErrorAction Stop
32+
} catch {
33+
Write-Host "Audit log $($Data.Id) already claimed by another worker. Skipping."
34+
return
35+
}
36+
2237
$Tenant = Get-Tenants -IncludeErrors | Where-Object { $_.defaultDomainName -eq $TenantFilter }
2338
Write-Host "Received data. Our Action List is $($Data.CIPPAction)"
2439

@@ -93,15 +108,15 @@ function Invoke-CippWebhookProcessing {
93108
AlertComment = $AlertComment
94109
} | ConvertTo-Json -Depth 15 -Compress
95110

96-
$CIPPAlert = @{
97-
Type = 'table'
98-
Title = $GenerateJSON.Title
99-
JSONContent = $JsonContent
100-
TenantFilter = $TenantFilter
101-
TableName = 'AuditLogs'
111+
# Update the sentinel row claimed earlier with full audit log data
112+
Add-CIPPAzDataTableEntity @AuditLogTable -Entity @{
113+
PartitionKey = $TenantFilter
102114
RowKey = $Data.Id
103-
}
104-
$LogId = Send-CIPPAlert @CIPPAlert
115+
Title = $GenerateJSON.Title
116+
Data = [string]$JsonContent
117+
Tenant = $TenantFilter
118+
} -Force
119+
$LogId = $Data.Id
105120

106121
$AuditLogLink = '{0}/tenant/administration/audit-logs/log?logId={1}&tenantFilter={2}' -f $CIPPURL, $LogId, $Tenant.defaultDomainName
107122
$GenerateEmail = New-CIPPAlertTemplate -format 'html' -data $Data -ActionResults $ActionResults -CIPPURL $CIPPURL -Tenant $Tenant.defaultDomainName -AuditLogLink $AuditLogLink -AlertComment $AlertComment

0 commit comments

Comments
 (0)