Logon attempt succesfull or not?

I see a logon attempt in the desktop client but it does not say if it was successfull or not. Is there a way to find this out?

image746×157 31.6 KB

dear @theking2 your are not the first day user - please use support template for your questions!

in general if you get personal notification this means login was successful. you can review the logs to verify this (login using incognito mode and other network and check if the pattern matches the other attempt from 178.197.231.74)

101: logging, which logs exist, how to access and understand

My nextcloud did not change much:

Some or all of the below information will be requested if it isn’t supplied; for fastest response please provide as much as you can.

* Nextcloud Server version:

• `Nextcloud 33.0.0`
  * Operating system and version:
• `#1 SMP PREEMPT Debian 1:6.12.62-1+rpt1~bookworm (2026-01-19)`
  * Web server and version:
• `Server version: Apache/2.4.66 (Debian)`
  * Reverse proxy and version:
• `nginx version: openresty/1.27.1.2`
  * PHP version:
• `PHP 8.4.18 (cli) (built: Feb 24 2026 19:12:53) (NTS)`
  * Is this the first time you’ve seen this error? (Yes / No):
• `yes`
  * When did this problem seem to first start?
• `prob direct after installation`
  * Installation method _(e.g. AlO, NCP, Bare Metal/Archive, etc.)_
• `OMV Container`
  * Are you using CloudfIare, mod_security, or similar? _(Yes / No)_
• `nope`

Configuration

Nextcloud

```
{
“system”: {
“instanceid”: “***REMOVED SENSITIVE VALUE***”,
“version”: “33.0.0.16”,
“loglevel”: 3,
“log_rotate_size”: 262144,
“maintenance”: false,
“maintenance_window_start”: 3,
“default_locale”: “DE_CH”,
“default_phone_region”: “CH”,
“datadirectory”: “***REMOVED SENSITIVE VALUE***”,
“memcache.local”: “\\OC\\Memcache\\APCu”,
“memcache.distributed”: “\\OC\\Memcache\\Redis”,
“memcache.locking”: “\\OC\\Memcache\\Redis”,
“redis”: {
“host”: “***REMOVED SENSITIVE VALUE***”,
“password”: “***REMOVED SENSITIVE VALUE***”,
“port”: 6379
},
“upgrade.disable-web”: true,
“passwordsalt”: “***REMOVED SENSITIVE VALUE***”,
“secret”: “***REMOVED SENSITIVE VALUE***”,
“dbtype”: “mysql”,
“mysql.utf8mb4”: true,
“dbhost”: “***REMOVED SENSITIVE VALUE***”,
“dbport”: “”,
“dbuser”: “***REMOVED SENSITIVE VALUE***”,
“dbname”: “***REMOVED SENSITIVE VALUE***”,
“dbpassword”: “***REMOVED SENSITIVE VALUE***”,
“dbtableprefix”: “oc_”,
“htaccess.RewriteBase”: “\/”,
“trusted_domains”: [
“srv-nas-pi.kingma:8080”,
“office.kingma.ch”,
“office.king.ma”
],
“overwrite.cli.url”: “https:\/\/office.kingma.ch”,
“overwriteprotocol”: “https”,
“apps_paths”: [
{
“path”: “\/var\/www\/html\/apps”,
“url”: “\/apps”,
“writable”: false
},
{
“path”: “\/var\/www\/html\/custom_apps”,
“url”: “\/custom_apps”,
“writable”: true
}
],
“mail_smtpmode”: “smtp”,
“mail_sendmailmode”: “smtp”,
“mail_from_address”: “***REMOVED SENSITIVE VALUE***”,
“mail_domain”: “***REMOVED SENSITIVE VALUE***”,
“mail_smtphost”: “***REMOVED SENSITIVE VALUE***”,
“mail_smtpport”: “465”,
“mail_smpttimeout”: 30,
“installed”: true,
“mail_smtpauth”: true,
“mail_smtpname”: “***REMOVED SENSITIVE VALUE***”,
“mail_smtppassword”: “***REMOVED SENSITIVE VALUE***”,
“mail_smtpsecure”: “ssl”,
“app_install_overwrite”: []
}
}
```

Apps

Enabled:

• activity: 6.0.0-dev.0
• admin_audit: 1.23.0
• bookmarks: 16.1.3
• brewmemo: 0.6.0
• bruteforcesettings: 6.0.0-dev.0
• calendar: 6.2.1
• circles: 33.0.0
• cloud_federation_api: 1.17.0
• comments: 1.23.0
• contacts: 8.4.0
• contactsinteraction: 1.14.1
• cookbook: 0.11.6
• dashboard: 7.13.0
• dav: 1.36.0
• encryption: 2.21.0
• end_to_end_encryption: 2.0.0
• federatedfilesharing: 1.23.0
• federation: 1.23.0
• files: 2.5.0
• files_downloadlimit: 5.1.0-dev.0
• files_external: 1.25.1
• files_pdfviewer: 6.0.0-dev.0
• files_reminders: 1.6.0
• files_sharing: 1.25.2
• files_trashbin: 1.23.0
• files_versions: 1.26.0
• firstrunwizard: 6.0.0-dev.0
• fulltextsearch: 33.0.0
• groupfolders: 21.0.6
• logreader: 6.0.0
• lookup_server_connector: 1.21.0
• nextcloud_announcements: 5.0.0
• notes: 4.13.0
• notifications: 6.0.0
• oauth2: 1.21.0
• onlyoffice: 10.0.0
• password_policy: 5.0.0-dev.0
• photos: 6.0.0-dev.0
• privacy: 5.0.0-dev.0
• profile: 1.2.0
• provisioning_api: 1.23.0
• recommendations: 6.0.0-dev.0
• related_resources: 4.0.0-dev.0
• richdocuments: 10.1.0
• serverinfo: 5.0.0-dev.0
• settings: 1.16.0
• sharebymail: 1.23.0
• support: 5.0.0
• survey_client: 5.0.0-dev.0
• suspicious_login: 11.0.0-dev.0
• systemtags: 1.23.0
• text: 7.0.0-dev.3
• theming: 2.8.0
• twofactor_backupcodes: 1.22.0
• twofactor_nextcloud_notification: 7.0.0
• twofactor_totp: 15.0.0-dev.0
• updatenotification: 1.23.0
• user_status: 1.13.0
• viewer: 6.0.0-dev.0
• weather_status: 1.13.0
• webhook_listeners: 1.5.0
• workflowengine: 2.15.0
  Disabled:
• app_api: 33.0.0 (installed 32.0.0)
• camerarawpreviews: 0.8.8 (installed 0.8.8)
• documentserver_community: 0.2.1 (installed 0.2.1)
• keeweb: 0.6.22 (installed 0.6.22)
• user_ldap: 1.24.0 (installed 1.22.0)

Summary of the issue you are facing:

[…]

Steps to replicate it (hint: details matter!):

Log entries

Nextcloud

Please provide the log entries from your Nextcloud log that are generated during the time of problem (via the *Copy raw* option from *Administration settings->Lo
gging* screen or from your `nextcloud.log` located in your data directory). Feel free to use a pastebin/gist service if necessary.
```
PASTE HERE
```

This looks like an excerpt of a notification from the Suspicious Login app. Unless it’s translated incorrectly from English, it’s not an “attempt” if you get notified. It’s a login.