[SERVER-24844] Add connection and client information to unauthorised log lines Created: 29/Jun/16 Updated: 23/Aug/19 Resolved: 23/Aug/19 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Diagnostics, Security |
| Affects Version/s: | 3.2.7 |
| Fix Version/s: | None |
| Type: | Improvement | Priority: | Major - P3 |
| Reporter: | Andre de Frere | Assignee: | Spencer Jackson |
| Resolution: | Won't Do | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||
| Sprint: | Security 2019-07-29, Security 2019-08-12, Security 2019-08-26 | ||||
| Participants: | |||||
| Description |
|
The message does not tell you which user failed the check, and also does not tell you which client/ip address the attempt came from (without back tracing in the logs). |
| Comments |
| Comment by Kevin Pulo [ 01/Jul/16 ] |
|
Just for some additional context, back tracing in the logs to find the authentication attempts and/or connection creation information is undesirable because it tends to be problematic for long-lived connections. This is because it requires going back a long way in the logs, and these old logs might not be immediately available or might have been deleted (eg. logrotation). |