Community Spring Cleaning week is here! Join your fellow Maveryx in digging through your old posts and marking comments on them as solved. Learn more here!

Alteryx Server Discussions

Find answers, ask questions, and share expertise about Alteryx Server.

Login log and record for Alteryx Server

HMSUM
7 - Meteor

If using built-in authentication, I can read gallery log and look for response code of /api/auth/preauth and /api/auth/session to know the login attempt record, which is sth like this:

 

Registered user with wrong password -> /api/auth/preauth = 403

Registered user with correct password -> /api/auth/preauth = 200 and /api/auth/session = 200

 

However, I cannot find all of the above record of call in another server using window authentication

Only following record can be found in the log:

Registered user with correct password -> /api/auth/session = 200

 

Alteryx Gallery do not call /api/auth/preauth when using window authentication, I guess it use other authentication module in window, anyone know where can I tracked the login attempt?

 

I am trying to trace all login attempt, including when and what IP is it come from.

 

4 REPLIES 4
joshuaburkhow
ACE Emeritus
ACE Emeritus

Hi @HMSUM 

 

I am not 100% sure what it is but I would recommend just running a user through the login process and see what gets captured in the logs. That will be the quickest way to find out 😉 

 

If this helps you, please mark solution as resolved so others can find it! 

Joshua

Joshua Burkhow - Alteryx Ace | Global Alteryx Architect @PwC | Blogger @ AlterTricks
raychase
11 - Bolide

Have you explored the sessions collection within the MongoDB?  You would find this collection within the AlteryxGallery database.

 

raychase_0-1601425495824.png

 

HMSUM
7 - Meteor

Thx, but for the collection, only record the access of user with successful login (which create a session), I am trying to capture all login attempt even fail (e.g. wrong password / wrong username ...) to identify any potential risk

 

 

raychase
11 - Bolide

I wouldn't expect any failed logins with windows authentication as it's SSO-enabled.

 

Unless you're trying to capture users attempting to login that don't have valid permissions to your Gallery.