Issue

• You need to see how many failed attempts there are for your Jenkins instance.
• You need to see IP addresses where failed logins are occurring.

Environment

• CloudBees CI on modern platforms
• CloudBees CI on traditional platforms - Client Controller
• CloudBees CI Operations Center
• CloudBees Jenkins Platform - Client Controller
• CloudBees Jenkins Platform - Operations Center
• CloudBees Jenkins Distribution
• Jenkins LTS

Resolution

1. Install the Audit Trail Plugin on your Jenkins Instance.

2. Navigate to the Audit Trail configuration.
3. Manage Jenkins > Configure Jenkins > Audit Trail
4. Configure the following settings in the Audit Trail configuration:

5. Click “Add Logger” and select Console.

6. Output should be set to STD_ERR.

7. Click ““Advanced…”” for the Audit Trail configuration.
   In the URL Patterns to Log section add loginError at the end of the URL Patterns, just before the parenthesis.

   • The URL Patterns in this box can be customized to your liking if you would not like to log all of these patterns.

   

8. Save your changes.
9. Navigate to your Log Recorders.
10. Manage Jenkins > System Logs
11. Create a New Log Recorder.
12. The name can be set to your liking.
13. Add the following loggers to your newly created log recorder:
14. jenkins.security.SecurityListener - set the logger to the FINE level.
15. hudson.plugins.audit_trail.AuditTrailFilter - set the logger to the FINE level.
16. Save your changes.
17. When there is a failed login attempt you will now see them report in your new logger with the client’s IP Address.