[Evergreen-dev] Authentication Logging Options
Josh Stompro
stomproj at gsuite.larl.org
Tue Apr 9 14:31:05 EDT 2024
Hello, I'm curious about getting a log of all successful and
unsuccessful logins to our Evergreen system. Along with extra info like IP
address and user agent when the request comes in through a web form.
I would like a simple way to make use of tools like fail2ban to protect
against brute force login attacks and to have a good log for staff account
logins that could be kept longer than our full logs might be kept.
Does anyone have something like that setup already?
The actor.usr_activity data doesn't track unsuccessful logins or info like
IP addresses. And I think it only tracks the last successful login.
I can see some oils_auth.c logs that show a success/failure took place
open-ils.auth 2024-04-09 13:14:26
[INFO:1950887:oils_auth.c:847:17126388021950749339] failed login:
username=user, barcode=(none), workstation=
open-ils.auth 2024-04-09 13:11:33
[ACT:1950868:oils_auth.c:641:17126388021949775649] successful login:
username=user, authtoken=12345
But no IP address info is available at that point I'm assuming. Maybe I
need to look at generating the log closer to the web server.
Thanks
Josh
[image: Company logo]
*Josh Stompro*
IT Director
stomproj at gsuite.larl.org | 218-233-3757 ext. 139 | 218-790-2110
*Lake Agassiz Regional Library *
118 5th ST S
Moorhead MN 56560
www.larl.org
*Our mission is to enrich lives and strengthen communities.*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://list.evergreen-ils.org/pipermail/evergreen-dev/attachments/20240409/819b6b62/attachment.htm>
More information about the Evergreen-dev
mailing list