UniFi - How to Export and Delete Device Data


Overview


This article describes how an administrator can export and/or delete data from their UniFi installs.


Table of Contents


  1. Introduction
  2. UniFi Local Controller - Network Management
  3. UniFi Local Controller - Guest Portal
  4. UniFi Mobile App

Introduction


Back to Top

Effective as of May 25, 2018, the General Data Protection Regulation (GDPR) is a privacy regulation that aims to strengthen the security and protection of personal data in the EU and harmonize EU data protection laws. Besides strengthening and standardizing data privacy across the EU nations, it will require new or additional obligations on all organizations that handle EU citizens’ personal data.

We are committed to helping our customers prepare for the changes brought by the GDPR. Compliance-related tools that are currently available include the following:


UniFi Local Controller - Network Management


Back to Top

Network management related data in UniFi Controller will be associated with the specific MAC ID of each client device. Network administrators can export and/or delete all data associated with a client device easily by using the custom script shown below. Follow instructions beginning with //. Remember to change the client_mac with the MAC ID of the client device in question. View instructions on how to run this script in Windows, macOS, and Linux at the bottom of this section.

The script for both actions ((i) only exporting and (ii) exporting + deleting) is the same. But to delete the data you must change the var delete_sta = false; to var delete_sta = true;, as stated by the instructions in the script. 

Click here to expand and see script for reference
var client_mac = '00:15:6d:00:00:00';

// change to true to have the script to delete a client
// from the database. While false, no change at all will be made to the DB
var delete_sta = false;


print((delete_sta ? 'delete' : 'query') + ' data for client[' + client_mac + ']... ');

use ace;
var collectionNames = db.getCollectionNames();
for (i=0; i<collectionNames.length; i++) {
    var name = collectionNames[i];
    var query = null;

    if (name === 'user') {
        query = { mac: client_mac };
    }

    if (name === 'guest') {
        query = { mac: client_mac };
    }

    if (name === 'event' || name === 'alarm') {
        query = { msg: { $regex : '.*' + client_mac + '.*' }};
    }

    if (query) {
        count = db.getCollection(name).find(query).count();
        if (count > 0) {
            var user_records = db.getCollection(name).find(query).toArray();
            print('dumping ' + count + ' entries for client[' + client_mac + '] from ' + name + '... ');
            printjson(user_records);
            if (delete_sta) {
                db.getCollection(name).remove(query);
            }
        }
    }
}

use ace_stat;
var setFields = [ 'x-set-guest-num_sta', 'x-set-user-num_sta', 'x-set-guest-lan-num_sta', 'x-set-guest-wlan-num_sta', 'x-set-user-lan-num_sta', 'x-set-user-wlan-num_sta', 'oid' ];
var collectionNames = db.getCollectionNames();
for (i=0; i<collectionNames.length; i++) {
    var name = collectionNames[i];
    var query = null;

    if (name === 'stat_life') {
        query = {o: 'user', oid: client_mac};
    }

    if (name === 'stat_archive') {
        query = {o: 'session', mac: client_mac};
    }

    if (name === 'stat_dpi') {
        query = {o: 'dpi', oid: client_mac};
    }

    if (query) {
        count = db.getCollection(name).find(query).count();
        if (count > 0) {
            stat_records = db.getCollection(name).find(query).toArray();
            print('dumping ' + count + ' entries for client[' + client_mac + '] from ' + name + '... ');
            printjson(stat_records);
            if (delete_sta) {
                db.getCollection(name).remove(query);
            }
        }
    }

    if (name === 'stat_minute'
        || name === 'stat_5minutes'
        || name === 'stat_hourly'
        || name === 'stat_daily'
        || name === 'stat_monthly'
    ) {
        for (f = 0; f < setFields.length; f++) {
            field = setFields[f];
            query = {};
            query[field] = client_mac;
            count = db.getCollection(name).find(query).count();
            if (count > 0) {
                stat_records = db.getCollection(name).find(query).toArray();
                print('dumping ' + count + ' entries for client[' + client_mac + '] from ' + name + '... ');
                printjson(stat_records);

                if (delete_sta) {
                    pull = {};
                    pull[field] = client_mac;
                    db.getCollection(name).update(query, { $pull: pull }, {multi: true});
                }
            }
        }
    }
}

How to Run Script

NOTE: Remember to create a backup of your controller prior to performing any major changes, such as this one.

Windows

1. Download mongo. The Windows UniFi installer does not include the mongo binary.  Visit the MongoDB official download website, select version 2.4.14 from the all binaries link, and download the .zip release that corresponds to your server's CPU architecture. See older binary list here.

2. Extract \bin\mongo.exe to a working directory of your choice.  In this example, we will use C:\GDPR\ You may ignore all other files included in the package.

3. Download the script to the server by clicking here, and save it to your working directory.

4. Open the command prompt by pressing WINDOWS + R.  In the popup, type cmd and press ENTER.

5. In the command prompt, change to your working directory:

cd C:\GDPR\

6. By default, the script is in "export" mode. Run it in this mode first before attempting to clear the data. Run it by issuing the following:

mongo.exe --port 27117 < query_sta.js

7. To delete data, the script must be modified. Use notepad or a similar plain-text editor to modify the script. Do not use a rich text editor such as Wordpad or Word. An editor such as Notepad++ is recommended as it will not add hidden characters and will respect line breaks. Modify the script in the following way:

Change var delete_sta = false;

To var delete_sta = true;

8. Run the modified script. This will clear the data from the database this time:

mongo.exe --port 27117 < query_sta.js

NOTE: As the database is actually being modified, this step may take considerably longer compared to the test run in Step 6. Do not interrupt the console until you receive a message that says bye.

9. Delete the GDPR directory you created and the files inside, if you don't intend to use it again.

macOS

1. Create a working directory on the computer.  For the purpose of this article, we will be creating a directory named /GDPR.

2. Download mongo. The macOS UniFi installer does not include the mongod binary.  Visit the MongoDB official download website, click the OSX tab, select version 2.4.14 from the all binaries link, and download the .tgz package.

3. Move the downloaded package to your working directory, and extract it by double-clicking it or using the application of your choice.

4. Locate the bin/mongo binary file, and copy it to your working directory.  At this point the downloaded .tgz package and any extra extracted files can be deleted as we only need the mongo binary.

5. Open a Terminal window, and change directories to the working directory created in Step 1:

cd /GDPR

6. Download the GDPR script:

curl "https://ubnt.zendesk.com/hc/article_attachments/360006154894/query_sta.js" -o "query_sta.js"

7. Perform a test-run of the script. By default, the script is in export mode and would indicate what will be cleared from the database if the script is modified to export and delete data.

./mongo --port 27117 < query_sta.js

8. To delete data, the script must be modified. Use notepad or a similar plain-text editor to modify the script. Do not use a rich text editor such as Wordpad or Word. An editor such as Notepad++ is recommended as it will not add hidden characters and will respect line breaks. Modify the script in the following way:

Change var delete_sta = false;

To var delete_sta = true;

9. Run the modified script, this will clear the data this time:

./mongo --port 27117 < query_sta.js

NOTE: As the database is actually being modified, this step may take considerably longer compared to the test run in Step 7. Do not interrupt the console until you receive a message that says bye.

10. Verify that the operation completed successfully and that no errors were reported.  

11. End the mongo terminal session:

exit

Then close the Terminal window.

12. Remove the working directory, if you don't intend to use it again.

Linux (Ubuntu, Debian, and Cloud Key)

1. Connect to your server via SSH using your preferred client and authenticate. The screenshots in this section of the article are from PuTTY on Windows.  If using a Linux or Mac client, you can connect to the server using the built-in terminal.

2. Change to your home directory, or create a working directory of your choice.  For this article, the home directory will be used.

cd ~

3. Download the GDPR script to your server:

wget https://ubnt.zendesk.com/hc/article_attachments/360006154894/query_sta.js

4. Perform a test-run of the script.  By default, the script is in export mode and would indicate what will be cleared from the database if the script is modified to export and delete data.

./mongo --port 27117 < query_sta.js

5. To delete data, the script must be modified. Use notepad or a similar plain-text editor to modify the script. Do not use a rich text editor such as Wordpad or Word. An editor such as Notepad++ is recommended as it will not add hidden characters and will respect line breaks. Modify the script in the following way:

Change var delete_sta = false;

To var delete_sta = true;

6. Run the modified script, this will clear the data this time:

./mongo --port 27117 < query_sta.js

NOTE: As the database is actually being modified, this step may take considerably longer compared to the test run in Step 4. Do not interrupt the console until you receive a message that says bye.

7. Verify that the operation completed successfully and that no errors were reported.

8. Remove the script from your home directory, if you don't intend to use it again:

rm query_sta.js

9. End the mongo terminal session:

exit


UniFi Local Controller - Guest Portal


Back to Top

Data in UniFi Guest Portal will be associated with each end user's name and email address. Network administrators can export and/or delete all Guest Portal data associated with a specific name and email by running the custom scripts shown below. View instructions on how to run this script in Windows, macOS, and Linux at the bottom of this section. Follow instructions in the script beginning with //. Remember to change the first_namelast_name and email with the information of the particular user.

The script for both actions ((i) only exporting and (ii) exporting + deleting) is the same.But to delete the data you must change the var clean_personal_data = false; and var delete_payment = false; to true, as stated by the instructions in the script. Please note that you may delete only personal data, only payment information or delete both.

Click here to expand and see script for reference
// All fields are optional
var first_name = 'John';
var last_name = 'Smith';
var email = 'john@example.com';

// change to true to have the script to delete a client
// from the database. While false, no change at all will be made to the DB
var clean_personal_data = false;
var delete_payment = false;

function human_readable_query (query) {
    var text = '';
    text += query.first_name && query.last_name ? (query.first_name + ' ' + query.last_name) : query.firstName || query.lastName;
    if (query.email) {
        text += ' (' + query.email + ')';
    }
    return text;
}


use ace;
var collectionName = 'payment';
var query = {}
if (first_name) { query.first_name = first_name; };
if (last_name) { query.last_name = last_name; };
if (email) { query.email = email; };

var action = delete_payment ? 'delete' : (clean_personal_data ? 'clean personal' : 'query');
print(action + ' data for payment[' + human_readable_query(query) + ']... ');

count = db.getCollection(collectionName).find(query).count();
if (count > 0) {
    var user_records = db.getCollection(collectionName).find(query).toArray();
    print('dumping ' + count + ' entries for payment[' + human_readable_query(query) + '] from ' + collectionName + '... ');
    printjson(user_records);
    if (delete_payment) {
        db.getCollection(collectionName).remove(query);
    } else if (clean_personal_data) {
        db.getCollection(collectionName).update(query, {$set: {
            first_name: '',
            last_name: '',
            email: '',
            info: '',
city: '',
zip: '',
state: '' }}) } }

How to Run Script

NOTE: Remember to create a backup of your controller prior to performing any major changes, such as this one.

Windows

1. Download mongo. The Windows UniFi installer does not include the mongo binary.  Visit the MongoDB official download website, select version 2.4.14 from the all binaries link, and download the .zip release that corresponds to your server's CPU architecture.

2. Extract \bin\mongo.exe to a working directory of your choice.  In this example, we will use C:\GDPR\ You may ignore all other files included in the package.

3. Download the script to the server by clicking here, and save it to your working directory.

4. Open the command prompt by pressing WINDOWS + R.  In the popup, type cmd and press ENTER.

5. In the command prompt, change to your working directory:

cd C:\GDPR\

6. By default, the script is in "export" mode. Run it in this mode first before attempting to clear the data. Run it by issuing the following:

mongo.exe --port 27117 < query_payment.js

7. To delete data, the script must be modified. Use notepad or a similar plain-text editor to modify the script. Do not use a rich text editor such as Wordpad or Word. An editor such as Notepad++ is recommended as it will not add hidden characters and will respect line breaks. Modify the script in the following way:

Change var delete_sta = false;

To var delete_sta = true;

8. Run the modified script. This will clear the data from the database this time:

mongo.exe --port 27117 < query_payment.js

NOTE: As the database is actually being modified, this step may take considerably longer compared to the test run in Step 6. Do not interrupt the console until you receive a message that says bye.

9. Delete the GDPR directory you created and the files inside, if you don't intend to use it again.

macOS

1. Create a working directory on the computer.  For the purpose of this article, we will be creating a directory named /GDPR.

2. Download mongo. The macOS UniFi installer does not include the mongod binary.  Visit the MongoDB official download website, click the OSX tab, select version 2.4.14 from the all binaries link, and download the .tgz package.

3. Move the downloaded package to your working directory, and extract it by double-clicking it or using the application of your choice.

4. Locate the bin/mongo binary file, and copy it to your working directory.  At this point the downloaded .tgz package and any extra extracted files can be deleted as we only need the mongo binary.

5. Open a Terminal window, and change directories to the working directory created in Step 1:

cd /GDPR

6. Download the GDPR script:

curl "https://ubnt.zendesk.com/hc/article_attachments/360006360153/query_payment.js" -o "query_payment.js"

7. Perform a test-run of the script. By default, the script is in export mode and would indicate what will be cleared from the database if the script is modified to export and delete data.

./mongo --port 27117 < query_payment.js

8. To delete data, the script must be modified. Use notepad or a similar plain-text editor to modify the script. Do not use a rich text editor such as Wordpad or Word. An editor such as Notepad++ is recommended as it will not add hidden characters and will respect line breaks. Modify the script in the following way:

Change var delete_sta = false;

To var delete_sta = true;

9. Run the modified script, this will clear the data this time:

./mongo --port 27117 < query_payment.js

NOTE: As the database is actually being modified, this step may take considerably longer compared to the test run in Step 7. Do not interrupt the console until you receive a message that says bye.

10. Verify that the operation completed successfully and that no errors were reported.  

11. End the mongo terminal session:

exit

Then close the Terminal window.

12. Remove the working directory, if you don't intend to use it again.

Linux (Ubuntu, Debian and Cloud Key)

1. Connect to your server via SSH using your preferred client and authenticate. The screenshots in this section of the article are from PuTTY on Windows.  If using a Linux or Mac client, you can connect to the server using the built-in terminal.

2. Change to your home directory, or create a working directory of your choice.  For this article, the home directory will be used.

cd ~

3. Download the GDPR script to your server:

wget https://ubnt.zendesk.com/hc/article_attachments/360006360153/query_payment.js

4. Perform a test-run of the script.  By default, the script is in export mode and would indicate what will be cleared from the database if the script is modified to export and delete data.

./mongo --port 27117 < query_payment.js

5. To delete data, the script must be modified. Use notepad or a similar plain-text editor to modify the script. Do not use a rich text editor such as Wordpad or Word. An editor such as Notepad++ is recommended as it will not add hidden characters and will respect line breaks. Modify the script in the following way:

Change var delete_sta = false;

To var delete_sta = true;

6. Run the modified script, this will clear the data this time:

./mongo --port 27117 < query_payment.js

NOTE: As the database is actually being modified, this step may take considerably longer compared to the test run in Step 4. Do not interrupt the console until you receive a message that says bye.

7. Verify that the operation completed successfully and that no errors were reported.

8. Remove the script from your home directory, if you don't intend to use it again:

rm query_payment.js

rm query_sta.js

9. End the mongo terminal session:

exit


UniFi Mobile App


Back to Top

Most information gathered by the App will be deleted/exported when doing so via the web controller using the scripts shown above. Other than that, there will be some local data that can be "forgotten" using the UniFi Mobile App to be deleted locally.

Controllerswill be deleted from the Controllers page accessible from the homepage, by swiping left and tapping Forget

Accounts: will be deleted from the Accounts page by tapping on the currently logged in account, then swiping left on the accounts on the list and tapping Forget.


Our team is reviewing our products and practices to ensure we support our customers with their GDPR compliance. We may provide updates and add features and functionalities to further support our customers along the way. We’ll also continue to monitor the guidance around GDPR compliance from privacy-related regulatory bodies, and will adjust our plans accordingly if it changes. If you have any questions about how we can help you with GDPR compliance, we hope you’ll reach out to us at dataprotection@ubnt.com.