Syslog, Authentication Failure On Device

Sections on this page

Login Failures

Configuration

Severity

critical

Rule Query

sql SELECT * FROM devices,syslog WHERE (devices.device_id = ? AND devices.device_id = syslog.device_id) AND syslog.timestamp >= macros.past_5m AND syslog.msg REGEXP .*authentication failure.*


Last modified March 9, 2021