Skip to main content

I am looking to see if there is any baseline functionality in FSM6u25 to support the following being request as part of our IT security audit process
- Security journal are enabled and log unauthorized login attempts
 

Hi Richard,

the Server Log includes entries, if a user has given an incorrect password. In addition, there is a column on the Person-table where you can see the failed login attempts.
 


 

If you want to apply a password policy, you can do so by setting the following app params:
 



Best regards
Roman


Thank you Roman.  We do already have policies established but we are looking for an effective way to consolidate and report on these failed log-in attempts beyond the ‘failed attempts’ indicator on the person record.  In our current system set-up, a new server log is created at least once a day so collecting this type of information would be quite difficult.  Are there any solutions for creating some sort of journaling log to specifically capture these events?

Regards,

Richard


Unfortunately, not that I’m aware of. You would need to parse the log files somehow with a monitoring tool that creates some sort of notification. 
For the “failed attempts” a lobby could be created inside FSM.

Best regards
Roman


Ok thanks.  Can this be logged as an ‘idea’ for R&D to consider?  I would have to think that with the heightened concern on system security in general, having direct visibility to this data would be of interest to many.

Thanks,

Richard


You can raise a new idea here:
https://community.ifs.com/ideas

Make sure to link it in this thread. So, people searching for the same functionality will be able to upvote. Thanks!

Best regards
Roman


 


Reply