Create a logger to log login attempts

Issue

  • You need to see how many failed attempts there are for your Jenkins instance.
  • You need to see IP addresses where failed logins are occurring.

Environment

Resolution

  1. Install the Audit Trail Plugin on your Jenkins Instance.

  2. Navigate to the Audit Trail configuration.
  3. Manage Jenkins > Configure Jenkins > Audit Trail
  4. Configure the following settings in the Audit Trail configuration:
  5. Click “Add Logger” and select Console.

  6. Output should be set to STD_ERR.
  7. Click ““Advanced…”” for the Audit Trail configuration.
    In the URL Patterns to Log section add loginError at the end of the URL Patterns, just before the parenthesis.

    • The URL Patterns in this box can be customized to your liking if you would not like to log all of these patterns.

    url-patterns-to-log.png

  8. Save your changes.
  9. Navigate to your Log Recorders.
  10. Manage Jenkins > System Logs
  11. Create a New Log Recorder.
  12. The name can be set to your liking.
  13. Add the following loggers to your newly created log recorder:
  14. jenkins.security.SecurityListener - set the logger to the FINE level.
  15. hudson.plugins.audit_trail.AuditTrailFilter - set the logger to the FINE level.
  16. Save your changes.
  17. When there is a failed login attempt you will now see them report in your new logger with the client’s IP Address.
    login-attempt.png

Have more questions?

0 Comments

Please sign in to leave a comment.