@@ -69,6 +69,12 @@ To encourage security, users who have been idle over 3 minutes will be logged ou
Optionally, different communication protocols can be disabled on the management station using the `restrict_program_support` and `restrict_softwares` variables. These protocols include: telnet,lpd,bluetooth,rlogin and rexec. Features that cannot be disabled include: ftp,smbd,nmbd,automount and portmap.
+## Configuring Email Alerts for Authentication Failures
+
+If the `alert_email_address` variable in `security_config.yml` is populated with a single, valid email ID, all authentication failures will trigger an email notification. A cron job is set up to verify failures and send emails every hour.
+
+>> __Note:__ The `alert_email_address` variable is __optional__. If it is not populated, authentication failure email alerts will be disabled.
+
## Log Aggregation via Grafana
[Loki](https://grafana.com/docs/loki/latest/fundamentals/overview/) is a datastore used to efficiently hold log data for security purposes. Using the `promtail` agent, logs are collated and streamed via a HTTP API.
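Review bot: The added paragraph under "Configuring Email Alerts for Authentication Failures" says a cron job will "verify failures and send emails every hour" but does not say which log or service counts as an authentication failure, which node the cron job runs on, or what mail setup is needed for delivery. Please document those, and state what happens when `alert_email_address` holds more than one address or an invalid one, since the text requires "a single, valid email ID". Also, "all authentication failures will trigger an email notification" reads as per-event alerting while the next sentence describes an hourly check; wording such as "authentication failures are reported by email once an hour" would keep readers from expecting real-time alerts. Minor: "email ID" could be "email address" to match the variable name.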