For administration deciding which information, errors are sent to an email


#1

Hi,

is there a chance to decide, which information, errors are sent to an email.
For example, we are not interested, if someone could not type his/her password correctly, but sure we want be informed if serious problems do occure.
(Or just decide where these information should be logged and/or sent)


#2

I would say that the password example should be logged at most as an INFO message, so one shouldn’t normally receive a message for that (not sure if it’s actually the case, I have to check the source code).

Theoretically one could modify the [handlers] > email section in logging.yaml and add a filter that only leaves specific messages in. The problem is that filters cannot be specified in a declarative way (see this post, for instance). A hack would be to create your own Python module containing your filter’s code and make it available from the virtualenv where Indico is installed.

If someone has ideas for a better way to manage this in the future (while stil making use of the logging module), suggestions are welcome :slight_smile:


#3

The email handler is only for ERROR messages, so unless your Flask-Multipass or Indico version is outdated, the “bad credential” warnings should not trigger an email at all: https://github.com/indico/indico/blob/master/indico/core/auth.py#L105