Instance Level Audit Event Enhancement for User Sign In Events


Refer to https://gitlab.com/groups/gitlab-org/gl-security/-/epics/1+ for full details

Proposal

When the following events occur, we're asking for a streaming audit event to log the payload schema defined here:

  • User Sign In Success
  • User Sign In Fail

In addition, we need the following metadata added to the details field of the payload:

  • For Sign In Fail add the reason for failure (example: Incorrect Email Address, Incorrect password, CAPTCHA error, 2FA failed)

Streaming-only event or normal event?

We are requesting that these logs be streaming-only events.
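
How a consumer of the stream could use the requested failure reason for triage, as an added example that is not GitLab code or part of the original issue. The field names (`event_type`, `ip_address`, `details.login`, `details.failure_reason`), the event type values and the threshold are assumptions; the reason strings are the examples listed in the proposal, and the events are constructed.

```python
from collections import defaultdict

def _ev(event_type, ip, login=None, reason=None):
    """Build one constructed event; all field names here are hypothetical."""
    details = {"login": login}
    if reason is not None:
        details["failure_reason"] = reason
    return {"event_type": event_type, "ip_address": ip, "details": details}

# Constructed sample stream (documentation IP ranges, made-up logins).
SAMPLE_EVENTS = [
    _ev("user_sign_in_failed", "198.51.100.7", "alice", "Incorrect password"),
    _ev("user_sign_in_failed", "198.51.100.7", "bob", "Incorrect password"),
    _ev("user_sign_in_failed", "198.51.100.7", "carol", "Incorrect password"),
    _ev("user_sign_in_failed", "203.0.113.9", "dave", "Incorrect password"),
    _ev("user_sign_in_success", "203.0.113.9", "dave"),
    _ev("user_sign_in_failed", "192.0.2.44", "erin", "2FA failed"),
    _ev("user_sign_in_failed", "192.0.2.44", None, "CAPTCHA error"),
]

SPRAY_THRESHOLD = 3  # distinct accounts per source IP; assumed tuning value

def triage(events, spray_threshold=SPRAY_THRESHOLD):
    """Split failed sign-ins by reason.

    Returns (spray_ips, second_factor_only):
      spray_ips          - source IPs with password failures on many accounts
      second_factor_only - accounts whose sign-in failed only at the 2FA step
    """
    accounts_by_ip = defaultdict(set)
    second_factor_only = set()
    for ev in events:
        if ev.get("event_type") != "user_sign_in_failed":
            continue
        details = ev.get("details") or {}
        reason = (details.get("failure_reason") or "").strip().lower()
        login = details.get("login")
        if not login:
            continue  # nothing to attribute the failure to
        if reason == "incorrect password":
            accounts_by_ip[ev.get("ip_address")].add(login)
        elif reason == "2fa failed":
            # Assumes 2FA is only checked after the password was accepted,
            # so the password for this account may be known to someone else.
            second_factor_only.add(login)
    spray_ips = {ip for ip, accts in accounts_by_ip.items()
                 if len(accts) >= spray_threshold}
    return spray_ips, second_factor_only

if __name__ == "__main__":
    print(triage(SAMPLE_EVENTS))
```

Without the reason in `details`, the two outcomes above are indistinguishable: both appear as a plain failed sign-in.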
