Open
Description
openedon Apr 23, 2023
Hi
For any PROPFIND and REPORT request (for CalDav/CardDav), I get some warnings like this:
{"reqId":"Ra8Dv8pIEVFztLxllaLX","level":2,"time":"2023-04-23T11:54:41+02:00","remoteAddr":"192.168.1.254","user":"olivier","app":"suspicious_login","method":"PROPFIND","url":"/remote.php/dav/principals/users/olivier/","message":"Could not predict suspiciousness: No models found","userAgent":"Thunderbird CalDAV/CardDAV","version":"26.0.1.1","data":{"app":"suspicious_login"}}
This is bloating the logs for nothing.
I tried $ occ suspiciouslogin:predict olivier 192.168.1.254
but got:
In ModelStore.php line 93:
No models found
In QBMapper.php line 284:
Did expect one result but found none when executing: query "SELECT * FROM `*PREFIX*suspicious_login_model` WHERE `address_type` = :dcValue1 ORDER BY `created_at` desc LIMIT 1";
suspiciouslogin:predict [--v6] [--] <uid> <ip> [<model>]
in my config.php, the trusted_proxies is defined to
'trusted_proxies' =>
array (
0 => '192.168.1.254',
1 => '192.168.1.8',
),
the proxy settings in Apache is:
ProxyPass "/.well-known/carddav" "${NCInternalURI}/remote.php/dav"
ProxyPass "/.well-known/caldav" "${NCInternalURI}/remote.php/dav"
ProxyPass "/.well-known/webfinger" "${NCInternalURI}/index.php/.well-known/webfinger"
ProxyPass "/.well-known/nodeinfo" "${NCInternalURI}/index.php/.well-known/nodeinfo"
I think this configuration is ok.
So, is there a way to remove these unnecessary logs?
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment