Project

General

Profile

Actions

Bug #12464

open

Syslog Auth messages are sent as Emergency Level

Added by Steve Wheeler 9 months ago. Updated 6 days ago.

Status:
Pull Request Review
Priority:
Normal
Assignee:
-
Category:
Logging
Target version:
Start date:
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
22.11
Release Notes:
Default
Affected Version:
All
Affected Architecture:
All

Description

All authentication logs are send with the Level set as Emergency even when authentication is successful:

Syslog message: AUTH.EMERG: Oct 16 01:05:04 localhost php-fpm[337]: /index.php: Successful login for user 'admin' from: 172.21.16.5 (Local Database)\n
    0010 0... = Facility: AUTH - security/authorization messages (4)
    .... .000 = Level: EMERG - system is unusable (0)
    Message: Oct 16 01:05:04 localhost php-fpm[337]: /index.php: Successful login for user 'admin' from: 172.21.16.5 (Local Database)\n

This causes a problem for some syslog collectors that don't expect to see Emergency level messages unless 'system is unusable' is actually true.

It appears that is because we do not set a level to use in the log_auth function. This should probably be set as Level NOTICE.


Files

427.diff (498 Bytes) 427.diff Steve Wheeler, 10/16/2021 10:13 AM
Actions

Also available in: Atom PDF