Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Next challenges

Recent achievements

  • Global
  • Personal

Recognition

  • Give kudos
  • Received
  • Given

Leaderboard

  • Global

Trophy case

Kudos (beta program)

Kudos logo

You've been invited into the Kudos (beta program) private group. Chat with others in the program, or give feedback to Atlassian.

View group

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

How can I view a history of login attempts to help identify that a user is using the wrong username?

If a user is attemping to login with the wrong credentials, there is no 'last login attempt' created for their profile. So, is there a table or a log that chronicles ALL login attempts where we can look and see what the user is actually using versus what they should be using?

6 answers

1 accepted

2 votes
Answer accepted
richie_gee Atlassian Team Aug 21, 2013

Hi Jeff,

You can view the information from the user sessions under the Security on the JIRA Administration page.

From there you are able to tell who is trying to establish the session and which session is still active. Failed session will have no session ID and no user, but it will track which ip is the request from.

Hope this is what you are looking for. Cheers

That works! I can trace the ip to the hostname and then with the hostname I can get a login record letting me know who was logged into that hostname when the invalid login attempt was made against JIRA. Thanks much!

If you view as adminstrator an user detail (user-management -->user) you see Current Failed Login Count. This is 0 if the last attempt was successfull. If not you got the numbers of failed attempts.

I doubt that the wrong passwords are logged.

Thanks, Udo. Yes, I am aware that you can see the failed attempts and last login for a user. I am looking for a log that will tell me what logins have been attempted. As an Admin, even seeing the password doesn't matter as I could reset it at anytime anyway. But, the password is not my concern, it is the usernames. If a person is using all caps, the failed login attempt will not be logged under their user profile, because JIRA does not see ABC123 as the same thing as abc123.

Wrong User name will of course not be logged at the user profile. Maybe you could see that in the logs.

Like korsuk likes this

Norman, this is self hosted JIRA.

Udo, thank you. Yes, I am aware that you can see the failed attempts and last login for a user. I am looking for a log that will tell me what logins have been attempted. As an Admin, even seeing the password doesn't matter as I could reset it at anytime anyway. But, the password is not my concern, it is the usernames. If a person is using all caps, the failed login attempt will not be logged under their user profile, because JIRA does not see ABC123 as the same thing as abc123.

This is self hosted Jira.

Is this Jira On-Demand or self hosted Jira?

As you could audit UserAuthenticationFailedInvalidAuthenticationEvent in Bitbucket would be great!

https://confluence.atlassian.com/bitbucketserver/audit-events-in-bitbucket-server-776640423.html

 

Suggest an answer

Log in or Sign up to answer
TAGS

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you