#844 Monitor failed logins in (non-debug) log

Reporter ge0rg
Owner Nobody
Created
Updated
Stars ★ (1)  
Tags
  • Priority-Medium
  • Milestone-0.10
  • Type-Enhancement
  • Status-Accepted
  1. ge0rg on

    When a client authentication request fails, prosody generates multiple debug-level log messages, however none of them provides the information which user name failed to authenticate. Here is an example: Mar 10 07:51:28 c2s3553650 debug Received[c2s_unauthed]: <auth mechanism='PLAIN' xmlns='urn:ietf:params:xml:ns:xmpp-sasl'> Mar 10 07:51:28 yax.im:auth_internal_hashed debug test password for user 'aron' Mar 10 07:51:28 datamanager debug Assuming empty accounts storage ('cannot open /var/lib/prosody/yax%2eim/accounts/aron.dat: No such file or directory') for user: aron@yax.im Mar 10 07:51:28 yax.im:saslauth debug sasl reply: <failure xmlns='urn:ietf:params:xml:ns:xmpp-sasl'><not-authorized/><text>Unable to authorize you with the authentication credentials you&apos;ve sent.</text></failure> As it stands, cumbersome multi-line matching mechanism must be improvised to extract the usernames, e.g. awk '/test password for user/{ uid=$10 } /sasl reply: <failure/{ print uid; }' < /var/log/prosody/prosody.log Please provide a single non-debug-level log line (ideally in the context of the client session) that shows that an authentication mechanism has failed for a given username.

  2. MattJ on

    Changes
    • tags Status-Accepted Milestone-0.10

New comment