1318353 – [RFE][M-5] create custom operational alerts in cloudforms for failed/invalid logins

Bug 1318353 - [RFE][M-5] create custom operational alerts in cloudforms for failed/invalid logins

Summary: [RFE][M-5] create custom operational alerts in cloudforms for failed/invalid ...

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat CloudForms Management Engine
Classification:	Red Hat
Component:	Control
Sub Component:
Version:	5.5.0
Hardware:	All
OS:	All
Priority:	medium
Severity:	medium
Target Milestone:	MVP
Target Release:	5.10.0
Assignee:	Jason Frey
QA Contact:	Dmitry Misharov
Docs Contact:
URL:
Whiteboard:	alert
Depends On:
Blocks:	1555371
TreeView+	depends on / blocked

Reported:	2016-03-16 15:42 UTC by Josh Carter
Modified:	2022-03-13 14:01 UTC (History)
CC List:	9 users (show)
Fixed In Version:	5.10.0.0
Doc Type:	Enhancement
Doc Text:
Clone Of:
Environment:
Last Closed:	2019-02-07 23:02:13 UTC
Category:	---
Cloudforms Team:	CFME Core
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2019:0212	0	None	None	None	2019-02-07 23:02:31 UTC

Comment 3 Jason Frey 2018-05-10 22:14:49 UTC

Josh,

Does the customer want events/alerts for failed logins into CloudForms, or for failed logins into their management system.  During the design we were assuming the former, but I just want to make sure.

Jason

Comment 5 Marianne Feifer 2018-05-24 17:50:08 UTC

See Brad's response.

Comment 6 Marianne Feifer 2018-05-24 18:06:35 UTC

See Devel whiteboard field for design.

Comment 7 CFME Bot 2018-06-01 15:47:00 UTC

https://github.com/ManageIQ/manageiq/pull/17508

Comment 8 CFME Bot 2018-06-05 01:36:45 UTC

New commit detected on ManageIQ/manageiq/master:

https://github.com/ManageIQ/manageiq/commit/b690828252411f4c7c286e081f852c31d7434324
commit b690828252411f4c7c286e081f852c31d7434324
Author:     Jason Frey <jfrey>
AuthorDate: Fri Jun  1 11:24:07 2018 -0400
Commit:     Jason Frey <jfrey>
CommitDate: Fri Jun  1 11:24:07 2018 -0400

    Raise an event on failed login attempt

    https://bugzilla.redhat.com/show_bug.cgi?id=1318353

 app/models/authenticator/base.rb | 25 +-
 db/fixtures/miq_event_definition_sets.csv | 3 +-
 db/fixtures/miq_event_definitions.csv | 5 +
 spec/models/authenticator/database_spec.rb | 11 +
 spec/models/authenticator/httpd_spec.rb | 2 +
 spec/models/authenticator/ldap_spec.rb | 2 +
 spec/models/authenticator_spec.rb | 4 +
 spec/models/user_spec.rb | 6 +
 8 files changed, 49 insertions(+), 9 deletions(-)

Comment 9 Greg Blomquist 2018-06-07 14:53:17 UTC

According to Jason, this RFE requires two parts.

1) PR from comment #7 to create a synthetic event for failed login attempt

2) Another PR (not yet complete) to create a synthetic event when a user account is created

Comment 10 CFME Bot 2018-06-08 15:02:58 UTC

https://github.com/ManageIQ/manageiq-providers-amazon/pull/452

Comment 11 CFME Bot 2018-06-08 15:13:56 UTC

New commit detected on ManageIQ/manageiq-providers-amazon/master:

https://github.com/ManageIQ/manageiq-providers-amazon/commit/4cafc5f4e5317750edfdb98a5b3ecd5ed81b8ed7
commit 4cafc5f4e5317750edfdb98a5b3ecd5ed81b8ed7
Author:     Adam Grare <agrare>
AuthorDate: Fri Jun  8 10:26:26 2018 -0400
Commit:     Adam Grare <agrare>
CommitDate: Fri Jun  8 10:26:26 2018 -0400

    Fix missing MiqServer in Authenticator spec

    The new audit_failure method in authenticator/base raises an evm event
    on auth failure which targets the MiqServer.my_server.  In the amazon
    authenticator spec this was nil which was causing the audit_failure
    method to throw an exception trying to get class and id from the target.

    https://bugzilla.redhat.com/show_bug.cgi?id=1318353

 spec/models/authenticator/amazon_spec.rb | 1 +
 1 file changed, 1 insertion(+)

Comment 12 Greg Blomquist 2018-07-18 13:38:06 UTC

See https://bugzilla.redhat.com/show_bug.cgi?id=1602136 as RFE split from this one.  Marking this as POST since this part of the feature is complete.

Comment 13 Dmitry Misharov 2018-07-30 13:31:35 UTC

Verified in 5.10.0.6.20180725145922_d299ff5. "Login Failed" event is exposed in the UI.

Comment 15 errata-xmlrpc 2019-02-07 23:02:13 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2019:0212

Note You need to log in before you can comment on or make changes to this bug.