How to find out failed login attempts
In order to find out and trace the failed login attempts, you have to enable Audit events in Stash to see that. Configure your stash-config.properties by setting the audit.highest.priority.to.log=MEDIUM. A restart is required so Stash will initialise these properties.
Please note the observation bellow from the documentation:
イベント 説明 Priority UserAuthenticationFailedInvalidAuthenticationEvent Occurs whenever a user fails to authenticate. Note that this can occur frequently in Stash whenever a command line CLI is used as the initial URL provided to Stash contains a username but no password, which is rejected by Crowd. MEDIUM
The Audit logs are kept under your $STASH_HOME/log/audit.
Practical example:
audit/atlassian-stash-audit.log
0:0:0:0:0:0:0:1 | AuthenticationFailureEvent | - | 1408523251985 | fred | {"authentication-method":"basic","error":"Invalid username or password."} | @DX16Wx987x199x0 | -atlassian-stash-access.log
Look up DX16Wx987x199x0 in my access logs:
0:0:0:0:0:0:0:1 | http | i@DX16Wx987x199x0 | - | 2014-08-20 16:27:31,972 | "POST /rest/api/1.0/projects/WORK/repos/my-repo/commits/ HTTP/1.1" | "" "curl/7.30.0" | - | - | - |
最終更新日 2018 年 11 月 2 日
Powered by Confluence and Scroll Viewport.