Backward time shown in Administrative log for Webmail brute force events

Hi,

Please have a look at this log line (from the Administrative log):

[2018.11.28] 10:13:28 [redacted IP]Login failed: Too many login attempts for user redacted@redacted.com.  Brute force attempts increased to 7.  Next clean available at 11/28/2018 8:13:35 AM

As you can see, the log entry was made at 10:13:28, which is correct as that is the time the user tried with the wrong credentials over and over again. But the "Next clean available" is at the same date, but 2 hours ago? How does that work?

This is how all of these events look like. The time on the server was 10:13:28 at the time of the event.

Any help would be appreciated.

Larry Duran Replied

11/30/2018 at 8:40 AM

Employee Post Marked As Resolution

Hello Lonel, the clean time you see in the logs is in UTC time instead of server time. This is something that is being fixed in SmarterMail17 and will be in the next release. So the clean time will now be in the same timezone as the logs.

So instead of seeing the log you posted it would now look like this:

[2018.11.28] 10:13:28 [redacted IP]Login failed: Too many login attempts for user redacted@redacted.com.  Brute force attempts increased to 7.  Next clean available at 11/28/2018 10:13:35 AM

Larry Duran
Software Developer
SmarterTools Inc.
(877) 357-6278
www.smartertools.com

Ionel Aurelian Rau Replied

12/3/2018 at 7:01 AM

OK, looking forward to the fix.

2 Replies

Reply to Thread

Related Community Threads

Related Knowledge Base Articles

2 Replies

Reply to Thread

Tags

Related Community Threads

Related Knowledge Base Articles