Where does RancherUI log failed authorization attempts

Playing around with Docker and Rancher for the first time - and enjoying it.

I have my RancherUI exposed on a public IP behind SSL (Nginx proxy). I’m interested in writing a fail2ban rule for banning IPs that have several failed login attempts on the RancherUI - but cannot find where the Rancher-Server logs successful/failed logins.

Any help in locating the log files would be appreciated. Will be happy to share the fail2ban rules once I figure them out.


There is not currently anything like an access log file for fail2ban to watch, but this would a good reason to enable one.