ldraney/pal-e-platform
1
0
Fork 0
Code Issues 91 Pull requests 5 Projects Releases Packages Wiki Activity Actions

Grafana dashboard: auth activity (logins, failures, active users) #252

New issue
Open
opened 2026-03-30 16:05:59 +00:00 by forgejo_admin · 0 comments
forgejo_admin commented 2026-03-30 16:05:59 +00:00
Contributor
Copy link

Type

Feature

Lineage

Standalone -- discovered during jersey ordering session 2026-03-29. Depends on Keycloak event logging ticket.

Repo

forgejo_admin/pal-e-platform

User Story

As an admin
I want a Grafana dashboard showing login activity over time, failed attempts, and active users
So that I can monitor how parents and coaches are using the platform

Context

Structured API logs already include user_id per authenticated request (basketball-api logging_config.py). Once Keycloak event logging is enabled (separate ticket), LOGIN/LOGOUT/ERROR events will flow to Loki. This ticket builds the Grafana dashboard to visualize both sources.

Existing dashboards live in terraform/dashboards/ as JSON files and are provisioned via the monitoring module.

File Targets

Files the agent should modify or create:

  • terraform/dashboards/auth-activity-dashboard.json -- new dashboard JSON with panels for login activity, failures, active users
  • terraform/modules/monitoring/main.tf -- register the new dashboard in Grafana provisioning config (follow pattern of existing dashboards)

Files the agent should NOT touch:

  • basketball-api/ -- no application code changes
  • terraform/modules/keycloak/ -- Keycloak config is a separate ticket

Acceptance Criteria

  • When I open Grafana, there is an "Auth Activity" dashboard
  • Dashboard shows logins over time (line chart, 24h/7d/30d selectable)
  • Dashboard shows failed login attempts as a separate panel
  • Dashboard shows unique active users per day
  • Dashboard shows top users by API request count (from structured logs)

Test Expectations

  • Manual test: dashboard loads in Grafana without errors
  • Manual test: panels populate with data from Loki queries
  • Run command: tofu plan -lock=false to verify provisioning changes

Constraints

  • Follow existing dashboard patterns in terraform/dashboards/
  • Loki queries for Keycloak events and API structured logs
  • Dashboard must work with Grafana version deployed on cluster

Checklist

  • PR opened
  • Tests pass
  • No unrelated changes

Related

  • project-pal-e-platform -- platform infrastructure
  • Depends on: Keycloak event logging ticket
### Type Feature ### Lineage Standalone -- discovered during jersey ordering session 2026-03-29. Depends on Keycloak event logging ticket. ### Repo `forgejo_admin/pal-e-platform` ### User Story As an admin I want a Grafana dashboard showing login activity over time, failed attempts, and active users So that I can monitor how parents and coaches are using the platform ### Context Structured API logs already include `user_id` per authenticated request (basketball-api logging_config.py). Once Keycloak event logging is enabled (separate ticket), LOGIN/LOGOUT/ERROR events will flow to Loki. This ticket builds the Grafana dashboard to visualize both sources. Existing dashboards live in `terraform/dashboards/` as JSON files and are provisioned via the monitoring module. ### File Targets Files the agent should modify or create: - `terraform/dashboards/auth-activity-dashboard.json` -- new dashboard JSON with panels for login activity, failures, active users - `terraform/modules/monitoring/main.tf` -- register the new dashboard in Grafana provisioning config (follow pattern of existing dashboards) Files the agent should NOT touch: - `basketball-api/` -- no application code changes - `terraform/modules/keycloak/` -- Keycloak config is a separate ticket ### Acceptance Criteria - [ ] When I open Grafana, there is an "Auth Activity" dashboard - [ ] Dashboard shows logins over time (line chart, 24h/7d/30d selectable) - [ ] Dashboard shows failed login attempts as a separate panel - [ ] Dashboard shows unique active users per day - [ ] Dashboard shows top users by API request count (from structured logs) ### Test Expectations - [ ] Manual test: dashboard loads in Grafana without errors - [ ] Manual test: panels populate with data from Loki queries - Run command: `tofu plan -lock=false` to verify provisioning changes ### Constraints - Follow existing dashboard patterns in `terraform/dashboards/` - Loki queries for Keycloak events and API structured logs - Dashboard must work with Grafana version deployed on cluster ### Checklist - [ ] PR opened - [ ] Tests pass - [ ] No unrelated changes ### Related - `project-pal-e-platform` -- platform infrastructure - Depends on: Keycloak event logging ticket
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
fix-gem-bin-path
netpol-westside-ror
fix-woodpecker-multi-pipeline
345-harbor-mobile-css
290-payment-pipeline-observability
spec-board-centric-renderer
284-fix-add-pal-e-docs-namespace-to-postgres
284-add-pal-e-docs-postgres-netpol
188-cross-repo-worktree-isolation-for-parall
111-fix-keycloak-probe
86-fix-rotate-woodpecker-api-token-in-salt
71-feat-deploy-pyrra-slo-manager-with-servi
64-hotfix-woodpecker-oauth-login-broken-for
18-fix-grafana-duplicate-default-datasource-v2
18-fix-grafana-duplicate-default-datasource
13-fix-cnpg-all-parameters
No results found.
Labels
Clear labels   
domain:backend

   
domain:devops

   
domain:frontend

   
status:approved

QA passed, awaiting merge approval

  
status:in-progress

Dev agent is actively working

  
status:needs-fix

QA found issues, back to dev

  
status:qa

PR submitted, awaiting QA review

  
type:bug

Bug fix

  
type:devops

Infrastructure/CI/config work

  
type:feature

New functionality

No labels
domain:backend
domain:devops
domain:frontend
status:approved
status:in-progress
status:needs-fix
status:qa
type:bug
type:devops
type:feature
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
ldraney/pal-e-platform#252
No description provided.