How to setup authentication attempts logs

mariaczi · September 4, 2018, 10:05am

My haproxy config file looks like (important part - I think):

global
    log /dev/log    local0
    log /dev/log    local1 notice
defaults
        log     global
        mode    http
        option  httplog
        option  dontlognull
userlist users
  user user insecure-password userpass

frontend front-test
  bind 127.0.0.1:88
  capture request header origin len 128
  capture request header Host len 500
  capture request header User-Agent len 64
  capture request header Authorization len 64
  log-format "%ci:%cp [%t] %H %HP %hr %hrl"
  use_backend bk_test

backend bk_test
  acl auth_ok http_auth(user)
  http-request auth if !auth_ok
  option httpchk GET /
  server local 127.0.0.1:80

How to setup to have information about which user name and from which IP tried to authenticate - correct and incorrect auth attempts?

lukastribus · September 4, 2018, 12:15pm

The logging configuration already contains the Authorization header, which contains both username and password base64 encoded.

And you can log the username with the http_auth_group fetch, but only if the authentication succeeds (put %[http_auth_group(users)] into your custom log format).

mariaczi · September 4, 2018, 2:22pm

Good point! Thanks. Should be enough for that what I need.

Topic		Replies	Views
Logging userlist username Help!	1	802	March 29, 2016
Logging options not as expected Help!	1	479	September 18, 2018
[SOLVED] Fail2ban - add domain name in log Help!	1	1163	July 2, 2019
How to log HTTP headers when doing SSL-bridging? Help!	7	3411	November 7, 2019
HAProxy does not log access logs Help!	3	942	March 25, 2021

How to setup authentication attempts logs

Related Topics