[Feature Request]: Failed Logins in audit log #2613

New Issue

OVERLORD · 2026-02-05T04:37:18+03:00

OVERLORD commented

2026-02-05 04:37:18 +03:00

Originally created by @cal940 on GitHub (Jan 29, 2022).

Describe the feature you'd like

Additional event filter in audit log for failed logins

Describe the benefits this feature would bring to BookStack users

helpful for admins fixing Login problems of other users
helpful for preventing unauthorized access to bookstack (e.g. searching for failed logins in bookstack and blocking specific ip addresses / network ranges in server firewall)

Additional context

No response

Originally created by @cal940 on GitHub (Jan 29, 2022). ### Describe the feature you'd like Additional event filter in audit log for failed logins ### Describe the benefits this feature would bring to BookStack users - helpful for admins fixing Login problems of other users - helpful for preventing unauthorized access to bookstack (e.g. searching for failed logins in bookstack and blocking specific ip addresses / network ranges in server firewall) ### Additional context _No response_

OVERLORD added the 🔨 Feature Request label 2026-02-05 04:37:18 +03:00

OVERLORD closed this issue

2026-02-05 04:37:21 +03:00

OVERLORD commented

2026-02-05 04:37:23 +03:00

@ssddanbrown commented on GitHub (Jan 29, 2022):

Hi @cal940, Thanks for the request.

I generally attempt to keep our internal activity/audit-log tracking to activities that modify system state in some way. Adding logging for this kind of thing can open up other areas of potential abuse and concern (For example, someone abusing the login form with many failed logins to fill the audit log and cause a mass of writes to the database).

We do already have separate specific functionality for logging failed logins:
https://www.bookstackapp.com/docs/admin/security/#failed-access-logging

This is done in a way which can then actually be used by other system tools such as Fail2Ban or manually inspected if desired.

@ssddanbrown commented on GitHub (Jan 29, 2022): Hi @cal940, Thanks for the request. I generally attempt to keep our internal activity/audit-log tracking to activities that modify system state in some way. Adding logging for this kind of thing can open up other areas of potential abuse and concern (For example, someone abusing the login form with many failed logins to fill the audit log and cause a mass of writes to the database). We do already have separate specific functionality for logging failed logins: https://www.bookstackapp.com/docs/admin/security/#failed-access-logging This is done in a way which can then actually be used by other system tools such as Fail2Ban or manually inspected if desired.

OVERLORD commented

2026-02-05 04:37:27 +03:00

@cal940 commented on GitHub (Jan 29, 2022):

Thanks for the workaround. I will check this out on my server.

@cal940 commented on GitHub (Jan 29, 2022): Thanks for the workaround. I will check this out on my server.

Sign in to join this conversation.

Branches Tags

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/BookStack#2613