Hello, I'm curious about getting a log of all successful and unsuccessful logins to our Evergreen system. Along with extra info like IP address and user agent when the request comes in through a web form.
I would like a simple way to make use of tools like fail2ban to protect against brute force login attacks and to have a good log for staff account logins that could be kept longer than our full logs might be kept. Does anyone have something like that setup already? The actor.usr_activity data doesn't track unsuccessful logins or info like IP addresses. And I think it only tracks the last successful login. I can see some oils_auth.c logs that show a success/failure took place open-ils.auth 2024-04-09 13:14:26 [INFO:1950887:oils_auth.c:847:17126388021950749339] failed login: username=user, barcode=(none), workstation= open-ils.auth 2024-04-09 13:11:33 [ACT:1950868:oils_auth.c:641:17126388021949775649] successful login: username=user, authtoken=12345 But no IP address info is available at that point I'm assuming. Maybe I need to look at generating the log closer to the web server. Thanks Josh [image: Company logo] *Josh Stompro* IT Director [email protected] | 218-233-3757 ext. 139 | 218-790-2110 *Lake Agassiz Regional Library * 118 5th ST S Moorhead MN 56560 www.larl.org *Our mission is to enrich lives and strengthen communities.*
_______________________________________________ Evergreen-dev mailing list [email protected] http://list.evergreen-ils.org/cgi-bin/mailman/listinfo/evergreen-dev
