Log failed authentications
cantor.2 at osu.edu
Wed May 13 15:40:18 UTC 2020
On 5/13/20, 10:24 AM, "users on behalf of Michael A Grady" <users-bounces at shibboleth.net on behalf of mgrady at unicon.net> wrote:
> Where we had a need to just send the process log "login succeeded/failed" messages to a syslog appender, we added
> the following to pull those messages (obviously dependent on the content of tha message, not sure if it changes in 4.x)
> from the process log. Of course, if you a flog file aggregation service, you can just have any such filtering logic there.
There are changes to the password handling wording (I strongly suspect) in V4, it's obviously not intended to be a stable thing. I generally tell my people that it's a best effort thing to get it from me; they should be monitoring the actual authentication services I use for the real data.
More information about the users