Warning

There are known security vulnerabilities in Open XDMoD versions ≤11.0.2. We strongly encourage upgrading immediately to the latest version of Open XDMoD, 11.0.3, which contains fixes for these vulnerabilities.

To upgrade version 10.5 to 11.0.3, you will first need to upgrade to version 10.5.1, then upgrade to version 11.0.3.

If you cannot upgrade immediately, you can follow the instructions below to manually patch your installation as a temporary workaround before upgrading later.

Workaround instructions
  1. First, make sure you are on the correct web page for your version of Open XDMoD. The web page you are on now is for version 10.5. Other versions' pages are linked below:
  2. Download the patch file for your version:
  3. Copy the patch file to your Open XDMoD web server.
  4. Make sure you have the patch command installed; it can be installed with dnf install patch.
  5. Apply the patch by running the command below, replacing [PATH_TO_XDMOD_SHARE_DIR] with the path to the share directory (/usr/share/xdmod for RPM-based installs, /opt/xdmod/share or another location for source code installs) and replacing [PATH_TO_PATCH_FILE] with the path to the patch file. 
    # patch -p1 -d [PATH_TO_XDMOD_SHARE_DIR] < [PATH_TO_PATCH_FILE]
  6. Upgrade to the latest version of Open XDMoD as soon as you can.

Using → Data Analytics Framework

The XDMoD Data Analytics Framework provides REST API access to the XDMoD data warehouse. Users can access the API programmatically using the xdmod-data package. To use the API, users must generate API Tokens for themselves through the portal interface.

Configuration

The configuration settings for the Data Analytics Framework are set in the portal_settings.ini file.

API Token Expiration

The expiration_interval setting in the api_token section specifies how long a token stays valid before it is automatically revoked. The value of this setting must follow PHP relative date/time formats.

[api_token]
expiration_interval = "6 months"

Raw Data Request Limit

REST requests for raw data are limited to a maximum number of rows per request. This is configured by the rest_raw_row_limit setting in the datawarehouse section. Note that the xdmod-data API is configured to make multiple requests until all rows are obtained, so this limit is transparent to the end user of the framework.

[datawarehouse]
rest_raw_row_limit = "10000"

API Token Generation

Users should follow these steps to generate an API Token.

API Token Revocation

Users can revoke their own tokens through the “My Profile” window:

  1. Sign in on the XDMoD portal.
  2. Click the “My Profile” button.
  3. Click the “API Token” tab.
  4. Click “Delete API Token”.
  5. Click “Yes”.

Admins can revoke a user’s token by logging in as them and revoking their token:

  1. Sign in on the XDMoD portal.
  2. Click the “Admin Dashboard” button.
  3. Click the “User Management” tab.
  4. Click “Existing Users”.
  5. Search for the user in the filter box.
  6. Select the user whose token you wish to revoke.
  7. Click “Log In As Selected User”.
  8. Follow the steps above for revoking the user’s token.