Which folders or files I can find out login messages
I have been getting a lot of notices Emails about
“Your GitLab account has been locked due to an excessive amount of unsuccessful sign-in attempts. Your account will automatically unlock in 10 minutes or you may click the link below to unlock now.”
I hope I can watch log files to see more detailed data EX: IP address or time etc.
Thanks,
Willie
I’m getting these messages and I too want to find out where these login attempts are coming from.
nginx is the first point-of-contact, and the nginx logs are here:
/var/opt/gitlab/nginx/logs
most of the messages going into:
gitlab_access.log
I’m not sure which are triggering the sign-in attempts though. There’s a few rogue accesses that are returning 401 (Unauthorised) statuses but I’d expect more to trigger a lock…
Other ideas welcome…