Bug 1318353 - [RFE][M-5] create custom operational alerts in cloudforms for failed/invalid logins
Summary: [RFE][M-5] create custom operational alerts in cloudforms for failed/invalid ...
Alias: None
Product: Red Hat CloudForms Management Engine
Classification: Red Hat
Component: Control
Version: 5.5.0
Hardware: All
OS: All
Target Milestone: MVP
: 5.10.0
Assignee: Jason Frey
QA Contact: Dmitry Misharov
Whiteboard: alert
Depends On:
Blocks: 1555371
TreeView+ depends on / blocked
Reported: 2016-03-16 15:42 UTC by Josh Carter
Modified: 2019-02-07 23:02 UTC (History)
9 users (show)

Fixed In Version:
Doc Type: Enhancement
Doc Text:
Clone Of:
Last Closed: 2019-02-07 23:02:13 UTC
Category: ---
Cloudforms Team: CFME Core
Target Upstream Version:

Attachments (Terms of Use)

System ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2019:0212 None None None 2019-02-07 23:02:31 UTC

Comment 3 Jason Frey 2018-05-10 22:14:49 UTC

Does the customer want events/alerts for failed logins into CloudForms, or for failed logins into their management system.  During the design we were assuming the former, but I just want to make sure.


Comment 5 Marianne Feifer 2018-05-24 17:50:08 UTC
See Brad's response.

Comment 6 Marianne Feifer 2018-05-24 18:06:35 UTC
See Devel whiteboard field for design.

Comment 8 CFME Bot 2018-06-05 01:36:45 UTC
New commit detected on ManageIQ/manageiq/master:

commit b690828252411f4c7c286e081f852c31d7434324
Author:     Jason Frey <jfrey@redhat.com>
AuthorDate: Fri Jun  1 11:24:07 2018 -0400
Commit:     Jason Frey <jfrey@redhat.com>
CommitDate: Fri Jun  1 11:24:07 2018 -0400

    Raise an event on failed login attempt


 app/models/authenticator/base.rb | 25 +-
 db/fixtures/miq_event_definition_sets.csv | 3 +-
 db/fixtures/miq_event_definitions.csv | 5 +
 spec/models/authenticator/database_spec.rb | 11 +
 spec/models/authenticator/httpd_spec.rb | 2 +
 spec/models/authenticator/ldap_spec.rb | 2 +
 spec/models/authenticator_spec.rb | 4 +
 spec/models/user_spec.rb | 6 +
 8 files changed, 49 insertions(+), 9 deletions(-)

Comment 9 Greg Blomquist 2018-06-07 14:53:17 UTC
According to Jason, this RFE requires two parts.

1) PR from comment #7 to create a synthetic event for failed login attempt

2) Another PR (not yet complete) to create a synthetic event when a user account is created

Comment 11 CFME Bot 2018-06-08 15:13:56 UTC
New commit detected on ManageIQ/manageiq-providers-amazon/master:

commit 4cafc5f4e5317750edfdb98a5b3ecd5ed81b8ed7
Author:     Adam Grare <agrare@redhat.com>
AuthorDate: Fri Jun  8 10:26:26 2018 -0400
Commit:     Adam Grare <agrare@redhat.com>
CommitDate: Fri Jun  8 10:26:26 2018 -0400

    Fix missing MiqServer in Authenticator spec

    The new audit_failure method in authenticator/base raises an evm event
    on auth failure which targets the MiqServer.my_server.  In the amazon
    authenticator spec this was nil which was causing the audit_failure
    method to throw an exception trying to get class and id from the target.


 spec/models/authenticator/amazon_spec.rb | 1 +
 1 file changed, 1 insertion(+)

Comment 12 Greg Blomquist 2018-07-18 13:38:06 UTC
See https://bugzilla.redhat.com/show_bug.cgi?id=1602136 as RFE split from this one.  Marking this as POST since this part of the feature is complete.

Comment 13 Dmitry Misharov 2018-07-30 13:31:35 UTC
Verified in "Login Failed" event is exposed in the UI.

Comment 15 errata-xmlrpc 2019-02-07 23:02:13 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.