Hi,
I'm looking around to see where I can configure an automatic account lockout after xxx incorrect logon attempts - as I've had an account brute-forced..
For various reasons, I don't want to deploy fail2ban. Possibly it'd be easiest initially if I can see where failed logon attempts are logged? Or if that's not a default - what log level do I need to set on which service to log failed logons?
thx