[GH-ISSUE #1281] [FEATURE REQUEST] Logging - Add more details to all the `[info]: Login attempt for "admin"` #449

New issue

Open

opened 2026-02-27 08:17:22 +03:00 by kerem · 2 comments

kerem commented

2026-02-27 08:17:22 +03:00

Owner

Originally created by @accforgithubtest on GitHub (Sep 8, 2025).
Original GitHub issue: https://github.com/lldap/lldap/issues/1281

Motivation
I would like to set up alerts if there has been admin logins outside of specific ip addresses / hostnames / etc.
Currently, LLDAP integrated with authelia / gitea / etc. keeps printing this generic log message every few minutes, making it impossible to set up an alert for admin logins from unknown sources.

Describe the solution you'd like
Would be great if this log statement can include more details of the login like client (application name / api / browser / etc info), ip address, hostnames, any other identification of who / where / how an admin had logged-in would be very useful for monitoring and alerting.

Describe alternatives you've considered
Pls let me know if / what other options are available.
I have already set up some alerts via web server / proxy logs, however it only cover access via browser and doesnt cover logins from applications on the internal docker network that do not use a browser.

Additional context
Deployed via docker. Other applications (Authelia, Gitea, etc) connect to LLDAP via integrations.
So the only way to monitor for admin logins is via LLDAP logs.

Originally created by @accforgithubtest on GitHub (Sep 8, 2025). Original GitHub issue: https://github.com/lldap/lldap/issues/1281 **Motivation** I would like to set up alerts if there has been admin logins outside of specific ip addresses / hostnames / etc. Currently, LLDAP integrated with authelia / gitea / etc. keeps printing this generic log message every few minutes, making it impossible to set up an alert for admin logins from unknown sources. **Describe the solution you'd like** Would be great if this log statement can include more details of the login like client (application name / api / browser / etc info), ip address, hostnames, any other identification of `who` / `where` / `how` an admin had logged-in would be very useful for monitoring and alerting. **Describe alternatives you've considered** Pls let me know if / what other options are available. I have already set up some alerts via web server / proxy logs, however it only cover access via browser and doesnt cover logins from applications on the internal docker network that do not use a browser. **Additional context** Deployed via docker. Other applications (Authelia, Gitea, etc) connect to LLDAP via integrations. So the only way to monitor for admin logins is via LLDAP logs.

kerem added the

enhancement

label

2026-02-27 08:17:22 +03:00

kerem commented

2026-02-27 08:17:22 +03:00

Author

Owner

@nitnelave commented on GitHub (Sep 8, 2025):

Just mentioning that the request makes sense. However, I like the default of not logging things that we don't need. I think a good compromise would be to provide a customizable string template that gets logged for every login attempt, successful or not.

@nitnelave commented on GitHub (Sep 8, 2025): Just mentioning that the request makes sense. However, I like the default of not logging things that we don't need. I think a good compromise would be to provide a customizable string template that gets logged for every login attempt, successful or not.

kerem commented

2026-02-27 08:17:22 +03:00

Author

Owner

@accforgithubtest commented on GitHub (Sep 8, 2025):

Absolutely, a customizable string template would be great, providing flexibility when required, else use defaults.
Cheers!

@accforgithubtest commented on GitHub (Sep 8, 2025): Absolutely, a customizable string template would be great, providing flexibility when required, else use defaults. Cheers!

kerem referenced this issue

2026-02-27 09:09:36 +03:00

[PR #449] [MERGED] Support disabling password reset #750