Feature #7035
closedMake webgui authentication logs less invasive
0%
Description
I'm not sure why, I'm guessing intentional, but webgui events, such as logins to the webgui, when they are logged can be very invasive. I'm guessing this is because they are stderr instead of stdout?
Example of what I mean, say I'm ssh'd into the pfSense router in a shell, out of nowhere, if I log into the webgui, I get a nasty
[2.4.0-BETA][root@pfsense.router.gtaxl.net]/root:
Message from syslogd@pfsense at Dec 24 00:10:04 ...
pfsense php-fpm47148: /index.php: Successful login for user 'admin' from: 10.0.0.4
I find this disturbing and I have to press enter to break out of it. It can interfere with other things I'm doing on the shell, say I'm running a script and it interrupts it or alters the output.
Not only that, I have syslog enabled for pfSense logs that go to a Debian server, I do a tail -f on the log files on the syslog server and I Ctrl-C out of the tail and continue on doing other things and this pops up on it out of nowhere.
root@jetstream:~#
Message from syslogd@2wire.router.gtaxl.net at Dec 23 19:05:13 ...
php-fpm81072: /index.php: Successful login for user 'admin' from: 10.0.0.4
Message from syslogd@2wire.router.gtaxl.net at Dec 23 19:10:04 ...
php-fpm47148: /index.php: Successful login for user 'admin' from: 10.0.0.4
Not only that, but I feel the way it outputs those events can break other scripts I had made for syslog. All the other pfSense logs don't do this, seems to only be web events, I'm guessing successful and failed login attempts. Can you please change this annoying behavior?
Thanks.
Updated by Victor Coss almost 8 years ago
Just a note, I've only had the SG-1000 a few days so I haven't updated the DNS on the syslog box yet, so it shows the old rDNS for the router IP. I noticed after I posted this, didn't want to cause confusion. :)
Updated by Jim Pingle almost 8 years ago
- Status changed from New to Rejected
Login events are always logged that way for security reasons. If you want to disable those messages, use the "Disable logging of webConfigurator successful logins" checkbox option at System > Advanced on the Admin Access tab
Updated by Victor Coss almost 8 years ago
I don't want to disable them, I feel knowing that is very useful, I just don't want them spilling out on my shell, especially the shell of another server.