# Intrusion Prevention

For organizations that desire an additional level of security, we provide a intrusion prevention feature which will lock user out after a given number of failed login attempts. This feature can be enabled by setting the lockout configuration in the application configuration file.

# Authentication Logging

Detailed logging of all authentication events can be enabled using the configuration parameters authentication_log. These logs can shipped to external systems for alerting or visualization purposes.

Events:

LOGIN_SUCCESS: user provided valid credentials
LOGIN_FAILED: user provided invalid credentials
LOGIN_BLOCKED: login attempt from blocked IP address
IP_BANNED: IP address banned after too many failed login attempts
BAN_EXPIRED: IP address ban expired