Log unsuccessful login attempts of non-users

David Gallagher shared this idea 15 months ago
Idea Logged

Currently the events table logs the following login behavior:


1. Login

2. Logout

3. Session Timeout

4. Password Invalid

5. User Lockout

These are only logged if the user has a valid account within the system.


Can we record within the event table when there is an invalid login of any kind, for example if I attempt to log in with the username test@test.com and this user does not exist then a record showing a EventCode of "InvalidUser" would be stored with the submitted username shown in the EventData Column.

This would allow for more accurate auditing of login activity.

As this could possibly cause the size of the Event Table to increase quickly could this be added as an option either within Configuration > Authentication area or as record within the configuration table.

Comments (5)

photo
1

Hi David,

All future updates regarding this idea will be found here.

Kind regards,

Nathan Goddard

photo
1

To re-iterate something from the other thread related to this, here is what we are looking for:

What we are looking for is all failed logon attempts being written to the Event table. This includes non-existent users, LDAP users, regardless of whether Yellowfin is configured for email address logon or username logon.

photo
1

Hi Crystal,

I shall have this added to the notes within our development ticket.

Regards,

Mark

photo
1

Hi, Mark -

Is there a way that I can follow status on the dev ticket? If possible, I'd like to see the ticket in the My Ticket list.

Thanks!

photo
1

Hi Crystal,

I hope you are well & Having a lovely start to your new year.

Mark is currently out, so I will answer on his behalf.


Our development ticketing system is for internal use only, However, once updates are provided on the development task, we will then update the community ticket with the progress :)


I have checked the Development task linked to this Ticket, and good news, just this week it was tagged with Target Versions! Meaning the Development team are actively working on this!


I hope this is ok, let me know if you have any further questions - for now I will mark this as 'Idea Logged'


Best Wises,

Lesley