[SERVER-39820] Add the client IP address to the successful authentication log message - MongoDB Jira

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Major - P3
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 3.4.21, 3.6.13, 4.1.10, 4.0.10
Component/s: Logging, Security
Labels:
None

Backwards Compatibility:
Minor Change
Backport Requested:

v4.0, v3.6, v3.4
Sprint:
Security 2019-03-25, Security 2019-04-08

Description

It would be much easier for customers to produce a report of authentication successes and failures with the IP address if the authentication success message in the log file included the IP address.

At the moment, a successful authentication log message does not include the IP address:

2019-02-25T16:27:23.805+0000 I ACCESS   [conn63538] Successfully authenticated as principal admin on admin

While the failure authentication log message does include the IP address

2019-02-25T16:23:12.863+0000 I ACCESS   [conn63518] SCRAM-SHA-1 authentication failed for admin on admin from client 206.252.195.126:54790 ; AuthenticationFailed: SCRAM-SHA-1 authentication failed, storedKey mismatch

Adding the IP address to the success message would allow customer to easily monitor for situations such as "Were there any successful authentication requests from IPs outside of those I believe I have whitelisted in my firewall?".

Attachments

Activity

People

Assignee:: Jonathan Reams

Reporter:: Cailin Nelson

Participants:: Cailin Nelson, Craig Homa, Githook User, Jonathan Reams, Luke Chen

Votes:: 0 Vote for this issue

Watchers:: 14 Start watching this issue

Dates

Created:: Feb 25 2019 04:30:16 PM UTC

Updated:: Jun 17 2019 02:14:28 PM UTC

Resolved:: Mar 26 2019 03:13:45 PM UTC