I have a question about logging standard user form-based authentication on the Nagios XI web interface.
As far as I know, details about user login are not stored anywhere - I tried to find them in Apache logs, Nagios logs, Nagios XI logs, NDO database and Nagios XI database, but I didn't find any data that indicates successful/failed user login.
I tried to correlate some data in the database with Apache logs, but without success.
Since Nagios XI login.php script is obfuscated with SourceGuardian, I cannot easily add logging code:(
Can anyone suggest a mechanism that could be used for logging user access (login) to Nagios XI web interface?
Thank you in advance!
Luka
Logging user authentication
-
scottwilkerson
- DevOps Engineer
- Posts: 19396
- Joined: Tue Nov 15, 2011 3:11 pm
- Location: Nagios Enterprises
- Contact:
Re: Logging user authentication
Luka,
Audit logging is slated to be added in the 2012 release coming in the next couple months.
Audit logging is slated to be added in the 2012 release coming in the next couple months.
Re: Logging user authentication
Thanks Scott, that's great to hear!
Anyway, I hacked a quick solution that logs to AUTHPRIV log (/var/log/secure probably) when index.php is requested for the first time. There are some issues with this solution, but since I cannot edit login.php, I think it's a good workaround:)
Since I also had to track session duration, I added additional logging to deinit_session() in utils.inc.php. This part is working surpisingly well:)
Anyway, I hacked a quick solution that logs to AUTHPRIV log (/var/log/secure probably) when index.php is requested for the first time. There are some issues with this solution, but since I cannot edit login.php, I think it's a good workaround:)
Since I also had to track session duration, I added additional logging to deinit_session() in utils.inc.php. This part is working surpisingly well:)
Re: Logging user authentication
Thanks for the feedback!
Be sure to check out our Knowledgebase for helpful articles and solutions!