Lockouts

Download this manual as a PDF file

A lockout is a security measure, to prevent the SL1 user interface from being hacked.

If a user enters incorrect login information multiple times in a row, that username, the user's IP address, or both will be locked out of SL1. Until an administrator removes the lockout, that user will not be able to log in to SL1.

Use the following menu options to navigate the SL1 user interface:

  • To view a pop-out list of menu options, click the menu icon ().
  • To view a page containing all of the menu options, click the Advanced menu icon ().

System Settings that Define Lockouts

You can define how lockouts behave in your specific ScienceLogic environment.

You can define global settings that control when a lockout is triggered, how long the lockout will last, and if the offending user is locked out by name, by IP address, or by both.

To define lockout behavior:

  1. Go to the Behavior Settings page (System > Settings > Behavior).
  2. The Behavior Settings page appears.
  3. Supply values in these fields:
  • Account Lockout Type. If a user enters incorrect login information multiple times in a row, that user will be locked out of SL1. In this field, you can select how the lockout will be applied. Choices are:
  • Lockout by IP Address (default). All login attempts from the IP address will be denied.
  • Lockout by Username and IP Address. All login attempts by the username from the IP address will be denied.
  • Lockout by Username. All login attempts by the username will be denied.
  • Disabled. Lockouts are disabled.
  • Account Lockout Attempts. Number of times a user can enter incorrect login information before the lockout occurs. Choices are 1 time through 10 times.
  • Account Lockout Duration. Specifies how long a user will be locked out of SL1. Choices are from 1 hour to 24 hours, in 1 hour increments.
  • Lockout Contact Information. This contact information will be displayed when a user is locked out of SL1. Can be any combination of alphanumeric characters, up to 255 characters in length. This information should allow the user to contact his/her administrator to unlock the account.
  1. Click the Save button to save your changes to the lockout settings.

Viewing a List of Lockouts and Removing a Lockout

You can view a list of user accounts that are currently locked out of SL1.

To view the list of current lockouts:

  1. Go to the Access Sessions page (System > Monitor > Access Logs).
  2. In the Access Sessions page, click the [Lockouts] button.
  3. The Access Lockouts page appears.

  1. The Access Lockouts page displays a list of user accounts that are currently locked out of SL1.

Removing a Lockout

You can view a list of user accounts that are currently locked out of SL1 and remove one or more users from lockout mode. This allows the user account to once again log in to SL1.

To view the list of current lockouts and remove one or more users from lockout mode:

  1. Go to the Access Sessions page (System > Monitor > Access Logs).
  2. In the Access Sessions page, click the Lockouts button.

  1. The Access Lockouts page appears.

  1. The Access Lockouts page displays a list of user accounts that are currently locked out of SL1.
  2. Find the lockout you want to remove. Click its bomb icon ().
  3. The user account will now be able to log in to SL1 again.