Hi,
I was wondering if there is a way to temporarily ban an IP or even a user profile who entered its password wrong for N time.
In general, is there a way to monitor user login attempts and automatically act upon it?
For simply monitoring login attempts, I highly recommend this blog post (starting from "Using Filebeat to ingest Elasticsearch audit logs") and the security audit docs that it links to.
I believe we don't offer login rate limiting at the time, but you can track the development of the issue here.
1 Like
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.