Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[NEW] add failed login audit log writing #13387

Closed
wants to merge 11 commits into from

Conversation

coders-kitchen
Copy link

@coders-kitchen coders-kitchen commented Feb 6, 2019

See #2885

This PR adds the capability of logging failed login attempts. This can be used later for analysis / monitoring / fail2ban tooling.

The feature provides the option to

  • be completely turned on / off
  • select if one of the following information should be logged or not
    • Client IP
    • Forward For IP
    • UserAgent
    • Username

The log lines written are of this kind (in this example Forwarded For IP is enabled, everything else disabled)

Failed login detected - Username[unknown] ClientAddress[undefined] ForwardedFor[127.0.0.1] UserAgent[-]

@coders-kitchen
Copy link
Author

ping?

@akerkau
Copy link

akerkau commented Jul 9, 2019

What's the issue here?

@coders-kitchen
Copy link
Author

even if the discussion - see linked issue - come to the conclusion that having this feature configurable (and disabled by default) no one took care about this PR.

Right now we need to fix the code as far as I see it, as the base has changed

@sampaiodiego sampaiodiego self-requested a review February 7, 2020 14:18
@sampaiodiego sampaiodiego added this to the 4.0.0 milestone Feb 7, 2020
@sampaiodiego sampaiodiego modified the milestones: 4.0.0, 4.1.0 Mar 5, 2020
@CLAassistant
Copy link

CLA assistant check
All committers have signed the CLA.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

6 participants