Why do I receive lots of Found Invalid Crumb warnings in the logs?

Article ID:115001974468
1 minute readKnowledge base


You receive lots of warnings in your logs with the following pattern:

WARNING: Found invalid crumb xxxxxxxxxxxxx. Will check remaining parameters for a valid one...
hudson.security.csrf.CrumbFilter doFilter
WARNING: No valid crumb was included in request for /ajaxExecutors. Returning 403.


CloudBees Jenkins Operations Center


The issue is related to JENKINS-40344. This bug materializes in the logs if you have CSRF protection enabled (which is a recommended practice). To learn more about CSRF Protection, you can click here.

In the meantime, and as a workaround, you can avoid flooding your logs with these messages by changing the log level to SEVERE on the following logger hudson.security.csrf.CrumbFilter.

In order to do this, please follow the procedure below:

  • Navigate to Jenkins  Manage Jenkins  System Log  Log Levels.

  • Write hudson.security.csrf.CrumbFilter in the textbox, select the SEVERE level value and then click submit.