
Vicidial Logs failed login attempts

Posted: Fri Oct 01, 2021 12:09 am
by striker
Hi,
where can I find the logs of failed attempts for Vicidial admin, agent, and API logins...

Re: Vicidial Logs failed login attempts

Posted: Fri Oct 01, 2021 6:30 am
by mflorell
There is no full log of failed logins by default currently because that is actually a crash risk. We had one client who was receiving 1,000,000+ login attempts per hour and in a couple days the log file containing the failed attempts filled their hard drive and crashed their database.

What we have instead is a count of the most recent failed login attempts and the IP address that the last attempt was made from. This data is in the vicidial_users table, in the following fields:
failed_login_count, last_login_date, last_ip

The "failed_login_count" field is reset to 0 every 15 minutes, but after 10 failed login attempts the account cannot be logged into until the count is reset again.

Re: Vicidial Logs failed login attempts

Posted: Fri Oct 01, 2021 6:33 am
by carpenox
Is there a ready-made report for this?

Re: Vicidial Logs failed login attempts

Posted: Sat Oct 02, 2021 6:31 am
by mflorell
There is currently no report for this.

Re: Vicidial Logs failed login attempts

Posted: Sat Oct 02, 2021 12:04 pm
by striker
Thanks @mflorell

I found that the Admin failed login attempts respond with a 401 error code, and I am getting logs in ssl_access_log with the client IP.

But the API and agents give 200 OK for failed attempts,
and I also noticed the agent API response shows the SQL query, as shown below. Is this normal?

ERROR: Invalid Username/Password: |6666|1234|0|0|BAD|0|api|SELECT count(*) from vicidial_users where user='6666' and pass='1234' and user_level > 0 and active='Y' and ( (failed_login_count < 10) or (UNIX_TIMESTAMP(last_login_date) < 1633192948) );|


trunk version.
VERSION: 2.14-829a
BUILD: 210911-1958

Re: Vicidial Logs failed login attempts

Posted: Sat Oct 02, 2021 2:20 pm
by mflorell
Yes, the admin.php script uses HTTP auth, while the APIs use variables to do auth (and also allow non-auth responses), so this is working as intended.
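
Since there is no ready-made report, the 401 entries striker found in ssl_access_log can be summarized per client IP. The following is an added example, not part of the thread or of Vicidial's code; it assumes Apache's common/combined log format, uses a threshold of 10 within 15 minutes only to mirror the lockout numbers mentioned above, and runs on constructed sample lines.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Assumption: Apache common/combined LogFormat; adjust if yours differs.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"\S+ (?P<path>\S+)[^"]*" (?P<status>\d{3}) ')

def failed_admin_logins(lines, script="admin.php"):
    """Yield (ip, timestamp) for every 401 answered by the admin script."""
    for line in lines:
        m = LINE_RE.match(line)
        if not m or m["status"] != "401":
            continue
        # Compare the script name only, ignoring directory and query string.
        if m["path"].split("?", 1)[0].rsplit("/", 1)[-1] == script:
            yield m["ip"], datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")

def noisy_ips(lines, threshold=10, window=timedelta(minutes=15)):
    """Map each IP to its peak 401 count inside any window, if >= threshold.
    A browser's first request without credentials also draws a 401, so a
    handful per IP is normal; the threshold filters that out."""
    by_ip = defaultdict(list)
    for ip, ts in failed_admin_logins(lines):
        by_ip[ip].append(ts)
    flagged = {}
    for ip, stamps in by_ip.items():
        stamps.sort()
        peak = start = 0
        for end, ts in enumerate(stamps):
            while ts - stamps[start] > window:
                start += 1
            peak = max(peak, end - start + 1)
        if peak >= threshold:
            flagged[ip] = peak
    return flagged

# Constructed sample lines (documentation IP ranges, made-up sizes and paths).
SAMPLE = [
    f'203.0.113.7 - - [02/Oct/2021:12:{m:02d}:05 -0400] '
    '"GET /vicidial/admin.php HTTP/1.1" 401 381' for m in range(12)
] + [
    '198.51.100.20 - - [02/Oct/2021:12:01:00 -0400] "GET /vicidial/admin.php HTTP/1.1" 401 381',
    # A failed API login is answered with 200, so it never shows up here.
    '203.0.113.7 - - [02/Oct/2021:12:02:00 -0400] "POST /agc/api.php HTTP/1.1" 200 120',
]

if __name__ == "__main__":
    print(noisy_ips(SAMPLE))
```

Because failed API and agent logins return 200, this only covers admin.php; for those accounts the failed_login_count and last_ip fields in vicidial_users remain the source of truth.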