[FEATURE-2062] Gateway login auditing

I’m not finding any record of gateway logins in the audit log. I’m looking especially for source IPs and possibly failed attempts for security auditing.

Based on this post, it looks like gateway event auditing is a newish thing. I can see the audit events when I change settings and which user account was used, but no way to tell where that connection was coming from.

Am I missing something, or should this be a feature request?

We do have a feature request already present in our system for adding login/logout audit capture to event log… I did some poking around on this and enabling DEBUG against ignition.UserSourceManager.Wrapper logger will at least show you login attempts against a given user source–unfortunately it doesn’t actually log failures and it doesn’t give you any IP source information. Nevertheless, I thought I’d mention it… I’ll mark this thread against our feature request for the auditing so we can keep you updated on this.

1 Like