Logging Zabbix's front-end login attempts
Adding failed login attempts logging for the Zabbix dashboard
Table of Contents
Adding failed logins logging feature
The file with the code responsible for the login is CBWebUser.php
edit /usr/share/zabbix/include/classes/user/CWebUser.php
public static function login(string $login, string $password): bool {
try {
self::$data = API::User()->login([
'username' => $login,
'password' => $password,
'userData' => true
]);
if (!self::$data) {
throw new Exception();
}
API::getWrapper()->auth = self::$data['sessionid'];
if (self::$data['gui_access'] == GROUP_GUI_ACCESS_DISABLED) {
error(_('GUI access disabled.'));
throw new Exception();
}
if (isset(self::$data['attempt_failed']) && self::$data['attempt_failed']) {
CProfile::init();
CProfile::update('web.login.attempt.failed', self::$data['attempt_failed'], PROFILE_TYPE_INT);
CProfile::update('web.login.attempt.ip', self::$data['attempt_ip'], PROFILE_TYPE_STR);
CProfile::update('web.login.attempt.clock', self::$data['attempt_clock'], PROFILE_TYPE_INT);
if (!CProfile::flush()) {
return false;
}
}
// Registro de inicio de sesión exitoso
self::writeLoginLog($login, true);
return true;
}
catch (Exception $e) {
// Registro de inicio de sesión fallido
self::writeLoginLog($login, false);
self::setDefault();
return false;
}
}
// Funcion logger
private static function writeLoginLog(string $login, bool $success): void {
$logMessage = $success ? 'Login success: ' : 'Login failure: ';
$logMessage .= $login;
error_log($logMessage);
}
Validation
After properly modifying the php, try to login with wrong credentials and check the log
cat /var/log/apache2/error.log | grep Login