Hi all
I am having great fun analysing the alerts I see from AUM in /var/log/httpd/audit_log.
I see plenty of miscreants trying to brute force into my wordpress:
msg "Atomicorp.com WAF Rules - Login Failure Detection: WordPress Login Attempt Failure "
But I would also like to see Successful Logins. This way I can monitor / check that the SysAdmin made the login attempt. Is there another rule I have to enable or add?
Regards
Jag
Rule for Successful Wordpress Login
Re: Rule for Successful Wordpress Login
The answer is that the information is in the error.log file. All the information required is there.