Get ip-address from login attempts in log level warning

[Merkanom]

Hello,
im trying to use fail2ban to block users who failed with login 3 times.
My fail2ban filter is working fine, but jellyfin logs are increasing several gigabyte over hours and jellyfin is spamming "login denied"-messages with just 1 login try. This didnt seems correct. Now i changed the logging to "WARNING" in system.xml. I can see login attempts now like
"jellyfin  | [10:31:25] [ERR] [25] Jellyfin.Api.Middleware.ExceptionMiddleware: Error processing request: Invalid username or password entered. URL POST /Users/authenticatebyname." and this logs are correct now (1 try > 1 log entry). But now i have the problem that the IP the login attempt was created is missing. Is there a way to get to this ip? Reverse proxy etc is correct i can see in INFO-log level the public ip-adresses. I just want them in that log.

How i can see ip-adresses in log level warning?

thank you very much!

edit:
chatgpt says i have to create a middleware.. is there no other option to see IP at just that log entry?
is this hard to implement that?

[TheDreadPirate]

You're using the filter as provided in our documentation, correct? If so, there should be an INF level log with the public IP of the failed login.

Code:

[2024-09-27 08:54:44.271 -04:00] [INF] [112] Jellyfin.Server.Implementations.Users.UserManager: Authentication request for "Chris" has been denied (IP: "[My Public IP]").

The filter we provide in our documentation looks for this line.

Code:

2024-09-27 08:54:44,274 fail2ban.filter         [1684]: INFO    [jellyfin-testing] Found [My Public IP] - 2024-09-27 08:54:44

[Merkanom]

Ah my fault.. Probably the log level was "debug" and not "info" before.
With "info" its working how you describes it.

Thank you!