Monitor Security Logs: Failed Login Alerts to Slack
Automates scanning of security logs for excessive failed login attempts using cron triggers, HTTP fetches, code analysis, and Slack notifications.
This 5-node n8n workflow monitors security logs for failed login attempts, providing real-time anomaly detection and instant Slack alerts to your team. It runs on a schedule (e.g., every 15 minutes) via a Cron node, fetches recent logs through an HTTP Request node, processes them in a Code node to count failures and unique IPs, checks against a configurable threshold with an If node, and sends detailed Slack alerts if anomalies are detected.
Key benefits include proactive threat detection, redu
Platform
n8n
Category
Travel & Hospitality
Price
$12.99
Creator
Bryce Yu
security
monitoring
slack
logs
failed-logins
anomaly-detection
cron
alerts
IT-automation
threshold-check
How to import this workflow into n8n
1Purchase or download the workflow to get the n8n workflow JSON file.
2In your n8n instance, open Workflows and choose "Import from File" (or paste the JSON with Ctrl+V on the canvas).
3Open each node marked with a credential warning and connect your own accounts and API keys.
4Run the workflow once manually to verify the data flow, then toggle it to Active.