Does the customer want events/alerts for failed logins into CloudForms, or for failed logins into their management system. During the design we were assuming the former, but I just want to make sure.
See Brad's response.
See Devel whiteboard field for design.
New commit detected on ManageIQ/manageiq/master:
Author: Jason Frey <email@example.com>
AuthorDate: Fri Jun 1 11:24:07 2018 -0400
Commit: Jason Frey <firstname.lastname@example.org>
CommitDate: Fri Jun 1 11:24:07 2018 -0400
Raise an event on failed login attempt
app/models/authenticator/base.rb | 25 +-
db/fixtures/miq_event_definition_sets.csv | 3 +-
db/fixtures/miq_event_definitions.csv | 5 +
spec/models/authenticator/database_spec.rb | 11 +
spec/models/authenticator/httpd_spec.rb | 2 +
spec/models/authenticator/ldap_spec.rb | 2 +
spec/models/authenticator_spec.rb | 4 +
spec/models/user_spec.rb | 6 +
8 files changed, 49 insertions(+), 9 deletions(-)
According to Jason, this RFE requires two parts.
1) PR from comment #7 to create a synthetic event for failed login attempt
2) Another PR (not yet complete) to create a synthetic event when a user account is created
New commit detected on ManageIQ/manageiq-providers-amazon/master:
Author: Adam Grare <email@example.com>
AuthorDate: Fri Jun 8 10:26:26 2018 -0400
Commit: Adam Grare <firstname.lastname@example.org>
CommitDate: Fri Jun 8 10:26:26 2018 -0400
Fix missing MiqServer in Authenticator spec
The new audit_failure method in authenticator/base raises an evm event
on auth failure which targets the MiqServer.my_server. In the amazon
authenticator spec this was nil which was causing the audit_failure
method to throw an exception trying to get class and id from the target.
spec/models/authenticator/amazon_spec.rb | 1 +
1 file changed, 1 insertion(+)
See https://bugzilla.redhat.com/show_bug.cgi?id=1602136 as RFE split from this one. Marking this as POST since this part of the feature is complete.
Verified in 18.104.22.168.20180725145922_d299ff5. "Login Failed" event is exposed in the UI.
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.