Skip to main content
Skip table of contents

How to pass multiple login failures to external

Overview

If a user tries to login with a wrong password, this is documented as loginFailure and loginRejected.
If this happens several times, it will be also documented as multipleLoginFailures.

Configuration

The login detection interval and the script can be configured:

CODE 
visulox config -name login.failed
    -----------------------------------------------------
    | changed | key                 | value             |
    -----------------------------------------------------
    |         | login.failed.rate   | 5:20:50           |
    |         | login.failed.script | failedLoginScript |
    -----------------------------------------------------

In this example failedLoginScript is triggered, if login fails five times in a minute, 20 times in an hour or 50 times a day. This is the default setting.


Example action script, that triggers on "multipleLoginFailuers" and sends the event:

failedLoginScript

BASH 
#!/bin/bash
VLXRECIPIENT=${VLXRECIPIENT:- root}
$VLXUTIL/mailclient.tcl -file stdin -subject "[TOKEN] FailedLogin $VLXLOGINUSER" -to $VLXRECIPIENT << EOF
Failures by $VLXLOGINUSER: $VLXEVENTINFO
EOF
# If the script should be treated as successful in VISULOX, the exit code must be 0
true
exit $?

Related information

Overview of VISULOX events

How to send VISULOX Events to external services



JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close