On 05/02/2021 08:11 Fourhundred Thecat <400thecat@gmx.ch> wrote:
On 2021-02-05 06:00, Jeff Abrahamson wrote: On 05/02/2021 05:17, Fourhundred Thecat wrote:
Hello,
I definitely want to keep logging unsuccessful auth, but how can I suppress the verbose rest?
and lastly, can these settings be set per-user?
Can I suppress verbose for user 'bob' but keep for others?
grep -v ?
Seriously, whether you view logs in a web application or at the commandline, having a way to filter them is essential. And if you have common filters, being able to to pre-program them is useful. Once in a blue moon, it's maybe useful to know something about how a user is getting on or a problem s/he's having.
thank you, but can this not be configured in dovecot?
rather than logging everything and then filtering with grep.
There are events that can be used to generate log entries, but they are not as pretty. But you can turn off auth_verbose at least.
event_exporter log-export { format = json format_args = time-rfc3339 transport = log }
metric auth_failures { exporter = log-export filter = event=auth_request_finished AND NOT success=yes }
Requires 2.3.13+
Aki