Create a logger to log login attempts

Issue

You need to see how many failed attempts there are for your Jenkins instance.
You need to see IP addresses where failed logins are occurring.

Environment

CloudBees CI on modern platforms
CloudBees CI on traditional platforms - Client Controller
CloudBees CI Operations Center
CloudBees Jenkins Distribution
Jenkins LTS

Resolution

Install the Audit Trail Plugin on your Jenkins Instance.
Navigate to the Audit Trail configuration.
- Manage Jenkins > Configure Jenkins > Audit Trail
Configure the following settings in the Audit Trail configuration:
1. Click "Add Logger" and select Console.
2. Output should be set to STD_ERR.
3. Click ""Advanced…"" for the Audit Trail configuration. In the URL Patterns to Log section add loginError at the end of the URL Patterns, just before the parenthesis.
  - The URL Patterns in this box can be customized to your liking if you would not like to log all of these patterns.
1. Save your changes.
Navigate to your Log Recorders.
- Manage Jenkins > System Logs
Create a New Log Recorder.
- The name can be set to your liking.
Add the following loggers to your newly created log recorder:
- jenkins.security.SecurityListener - set the logger to the FINE level.
- hudson.plugins.audit_trail.AuditTrailFilter - set the logger to the FINE level.
Save your changes.
When there is a failed login attempt you will now see them report in your new logger with the client’s IP Address.

This article is part of our Knowledge Base and is provided for guidance-based purposes only. The solutions or workarounds described here are not officially supported by CloudBees and may not be applicable in all environments. Use at your own discretion, and test changes in a safe environment before applying them to production systems.