Community
Products
Bitbucket
Questions
How can I see the source IP address for a failed login attempt to Bitbucket?

How can I see the source IP address for a failed login attempt to Bitbucket?

Hi all. We use Crowd to connect Bitbucket to active directory. I've had to change a password to a service account recently and 95% of our services are working fine, but there are some login attempts that are still locking the account.

It would be really helpful to diagnosis if I could tell what IP address the failed attempts are coming from, but I cannot find this, either in bitbucket or crowd logs. How could I enable this?

1 answer

1 accepted

0 votes

Answer accepted

Hi Richard,

Bitbucket Server has an audit log saved to disk at $BITBUCKET_HOME/log/audit/atlasssian-bitbucket-audit.log. Reviewing this log should tell you the IP of the failed attempt, as seen below in a test instance example.

192.168.2.156,192.168.2.155 | AuthenticationFailureEvent | admin | 1561664377367 | admin | {"authentication-method":"basic","error":"Invalid username or password."} | @1DGSQWHx879x14109x0 | -

It this example, 2 IPs are shown, the first being the client and the second being an intermediary IP, in my case, an Nginx reverse proxy.

Let us know if there's anything else we can help with.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Forums

Product Q&A

Community resources

Support

Top groups

Community resources

Support

Learn

Community resources

Support

Events

Community resources

Support

How can I see the source IP address for a failed login attempt to Bitbucket?

1 answer

1 accepted

Suggest an answer

Was this helpful?

Thanks!

TAGS

Atlassian Community Events