Bug #70530 dashboard: Improve logging of failed login attempts
Submitted: 5 Oct 2013 9:37 Modified: 9 Jan 2015 10:15
Reporter: Simon Mudd (OCA) Email Updates:
Status: Closed Impact on me:
None 
Category:MySQL Enterprise Monitor: Server Severity:S3 (Non-critical)
Version:3.0.1.2893 OS:Any
Assigned to: CPU Architecture:Any
Tags: windmill

[5 Oct 2013 9:37] Simon Mudd 
Description:
If incorrectly setup the agents will not be able to login correctly to the dashboard.
Looking in the mysql-monitor.log file the logs are rather unclear. They only record a failure and the ip address but not the username that was being used.

How to repeat:
reinstall the dashboard but don't setup the credentials properly.
look in the log and you'll see this.

2013-10-05 11:30:41,152  INFO [http-apr-18443-exec-51:com.mysql.security.com.mysql.etools.monitor.rest.AuthFilter] Unauthorized user from client10.B.C.45
2013-10-05 11:30:41,153  INFO [http-apr-18443-exec-9:com.mysql.security.com.mysql.etools.monitor.rest.AuthFilter] Unauthorized user from client10.B.C.29

Suggested fix:
1. Show the username that is trying to login. (and failed)
2. add a space between the text 'client' and the ip address.
3. potentially resolve the ip address and show the hostname (global feature?)

These changes will help debugging.
There seems to be no obvious record of these failed login attempts in the dashboard in the overview page for example, so the user may be completely unaware of this. Please address that.
[6 Oct 2013 6:41] MySQL Verification Team 
Hello Simon,

Thank you for the feature request!

Thanks,
Umesh
[7 Oct 2013 10:15] Simon Mudd 
I noticed later that there is an entry for the existing users for failed login attempts but you have to search "deep down" to find that and only see it if you're looking.

So incorrect authentication is not shown very well.