Furkan
December 23, 2022, 7:22pm
1
Heyho,
sorry if this was asked, but i couldnt find anything.
Is there a way i can get notified if somebody tries to login into my selfhosted Bitwarden?
Is this info being logged somewhere where I could create my own bot to play around?
Thanks for helping!
Furkan
2 Likes
big819
December 29, 2022, 5:09pm
2
yes this would be very nice, or. is there a full log of all the attempts of accessing the vault. which users can also audit from time to time
Check the log file. It will have the attempts including the IP.
Use something like fall2ban to block that IP, it can even mail you about the attempt.
Furkan
December 30, 2022, 12:53pm
4
Where is the logfile? I dont know where it is
Should be in the data folder by default. Or whatever you configured for LOG_FILE
.
Furkan
December 30, 2022, 1:58pm
6
Dont see any log file in my data folder. Also LOG_FILE as ENV Variable didnt have any effect.
IS there any article about Vaultwarden Logging?
Thanks
Furkan
December 30, 2022, 5:15pm
8
Hey, thanks!
Idk why, but even tho i used the ENV Variable, i still dont get the log file.
but i found the command “docker logs <dockername”" which includes failed/successfull log attempts, i will play with that.
Thanks for the help!
Did you rebuild the container? When using docker-compose you need to run docker-compose up -d
after charging settings.
Furkan
December 31, 2022, 3:23pm
10
I just use Portainer to create it, its not a Stack, just a normal cortainer. And yes, its newly created:
This is how the ENV looks. The path here is my Volume Path of Bitwarden, so should have no problems to create the logfile there.
LOG_FILE should be set relative to the container and not the host. I.e just /data/vaultwarden.log
so it ends up in the mounted path.
1 Like
Furkan
December 31, 2022, 3:47pm
12
This was it, i didnt think that way. It works now, thanks!
It would be nice if there was an option to send failed logins using either email or something like Gotify or ntfy. If someone out there has made such as script, please share. I’ve been using Gotify for many years now to push notifications to my mobile phones and it’s working solid.
You should be able to use fail2ban for that in some way