Details
-
Suggestion
-
Resolution: Duplicate
-
None
-
None
-
None
Description
If I perform an access request to Stash using an invalid password, I don't see anything logged.
This can help also help track rogue build bots using invalid credentials that trigger CAPTCHAs that currently can't be disabled (STASH-3001).
It would be nice to have it in a security log similar to what JIRA offers and log: failed attempts, password changes, SSH key changes, etc.
Attachments
Issue Links
- duplicates
-
BSERV-3075 Audit logging
- Closed