Add audit log event for WebUI sign-ins from unseen IP addresses

Neil McDonaldrequested to merge
nmcd/gitlab-fork:588994-unseen-ip-webui-only into master

What does this MR do and why?

Add audit log event for WebUI sign-ins from unseen IP addresses

Adds a user_signed_in_from_unseen_ip audit event that fires when a user signs in via the web UI from an IP not in their known IP list.

Leverages the existing KnownSignIn#notify_user trigger (which already sends the unknown sign-in email), gated by the same notify_on_unknown_sign_in application setting.

Related issue: #588994

References

Screenshots or screen recordings

Before After

How to set up and validate locally

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #588994

Merge request reports