Not sure if this is a bug or if I’m doing something wrong but basically every time I make a REST api call to a mikrotik device, it creates a new active user, that seems to linger forever. At the moment I have about a hundred active users. I’ve tested this with 7.14.3 and 7.15rc1, same thing for both.
/user/active> print proplist=when,via
Columns: WHEN, VIA
# WHEN VIA
0 2024-04-24 16:31:07 (unknown)
1 2024-04-24 16:41:44 (unknown)
2 2024-04-24 16:51:45 (unknown)
3 2024-04-24 17:01:45 (unknown)
4 2024-04-24 17:11:46 (unknown)
5 2024-04-24 17:21:47 (unknown)
6 2024-04-24 17:31:47 (unknown)
7 2024-04-24 17:41:48 (unknown)
8 2024-04-24 17:51:48 (unknown)
9 2024-04-24 18:01:49 (unknown)
10 2024-04-24 18:11:49 (unknown)
11 2024-04-24 18:21:50 (unknown)
12 2024-04-24 18:31:50 (unknown)
13 2024-04-24 18:41:51 (unknown)
14 2024-04-24 18:51:52 (unknown)
15 2024-04-24 19:01:52 (unknown)
16 2024-04-24 19:11:53 (unknown)
17 2024-04-24 19:21:53 (unknown)
18 2024-04-24 19:31:54 (unknown)
19 2024-04-24 19:41:54 (unknown)
20 2024-04-24 19:51:55 (unknown)
21 2024-04-24 20:01:55 (unknown)
22 2024-04-24 20:11:56 (unknown)
23 2024-04-24 20:21:56 (unknown)
24 2024-04-24 20:31:57 (unknown)
25 2024-04-24 20:41:57 (unknown)
26 2024-04-24 20:51:58 (unknown)
Amm0
April 25, 2024, 2:44am
2
I want to say it used say “api” for via, not “(unknown)” - so that’s also not right here.
When you say “forever”, so you mean longer than 2 minutes. AFAIK REST API is just a proxy layer over the native API, and that api uses sessions… so reasonable it stick around for REST timeout plus some extra to avoid re-auth to native API for subsequent stateless HTTP REST API requests.
But >5 minutes would seem to be a bug, likely even shorter than that too.
Yes, a lot longer than 5 minutes, those logins are hours old, also, it does create an api user too (only one as far as I’ve seen), but the unknowns just keep adding up.
...
60 2024-04-25 02:22:17 (unknown)
61 2024-04-25 02:32:17 (unknown)
62 2024-04-25 02:42:18 (unknown)
63 2024-04-25 02:42:18 api
Amm0
April 25, 2024, 3:12am
4
I see two entries (plus winbox ones) in 7.15rc1. One that says (unknown) from the remote IP, and 2nd that says “api” with no IP.
1 2024-04-24 11:18:10 xxxuser 192.XX.XX.148 (unknown)
2 2024-04-24 11:18:10 xxxuser api
I don’t see multiple ones, but I only tested from my laptop, so only one remote IP. I’ll check tomorrow and see if it’s still there since this router doesn’t (or shouldn’t) get any REST API calls.
Ah, sorry forgot to mention that all my users are from the same ip too. A new user is created every 10 minutes, I think that that is the interval of the keep-alive in the rest api (a new connection created every 10 minutes).
# WHEN VIA ADDRESS
0 2024-04-24 16:31:07 (unknown) 192.xx.xx.1
1 2024-04-24 16:41:44 (unknown) 192.xx.xx.1
2 2024-04-24 16:51:45 (unknown) 192.xx.xx.1
3 2024-04-24 17:01:45 (unknown) 192.xx.xx.1
4 2024-04-24 17:11:46 (unknown) 192.xx.xx.1
5 2024-04-24 17:21:47 (unknown) 192.xx.xx.1
6 2024-04-24 17:31:47 (unknown) 192.xx.xx.1
7 2024-04-24 17:41:48 (unknown) 192.xx.xx.1
8 2024-04-24 17:51:48 (unknown) 192.xx.xx.1
9 2024-04-24 18:01:49 (unknown) 192.xx.xx.1
10 2024-04-24 18:11:49 (unknown) 192.xx.xx.1
11 2024-04-24 18:21:50 (unknown) 192.xx.xx.1
12 2024-04-24 18:31:50 (unknown) 192.xx.xx.1
13 2024-04-24 18:41:51 (unknown) 192.xx.xx.1
14 2024-04-24 18:51:52 (unknown) 192.xx.xx.1
15 2024-04-24 19:01:52 (unknown) 192.xx.xx.1
16 2024-04-24 19:11:53 (unknown) 192.xx.xx.1
17 2024-04-24 19:21:53 (unknown) 192.xx.xx.1
18 2024-04-24 19:31:54 (unknown) 192.xx.xx.1
19 2024-04-24 19:41:54 (unknown) 192.xx.xx.1
20 2024-04-24 19:51:55 (unknown) 192.xx.xx.1
21 2024-04-24 20:01:55 (unknown) 192.xx.xx.1
22 2024-04-24 20:11:56 (unknown) 192.xx.xx.1
23 2024-04-24 20:21:56 (unknown) 192.xx.xx.1
24 2024-04-24 20:31:57 (unknown) 192.xx.xx.1
25 2024-04-24 20:41:57 (unknown) 192.xx.xx.1
26 2024-04-24 20:51:58 (unknown) 192.xx.xx.1
27 2024-04-24 21:01:59 (unknown) 192.xx.xx.1
28 2024-04-24 21:11:59 (unknown) 192.xx.xx.1
29 2024-04-24 21:22:00 (unknown) 192.xx.xx.1
30 2024-04-24 21:32:00 (unknown) 192.xx.xx.1
31 2024-04-24 21:42:01 (unknown) 192.xx.xx.1
32 2024-04-24 21:52:01 (unknown) 192.xx.xx.1
33 2024-04-24 22:02:02 (unknown) 192.xx.xx.1
34 2024-04-24 22:12:02 (unknown) 192.xx.xx.1
35 2024-04-24 22:22:03 (unknown) 192.xx.xx.1
36 2024-04-24 22:32:04 (unknown) 192.xx.xx.1
37 2024-04-24 22:42:04 (unknown) 192.xx.xx.1
38 2024-04-24 22:52:05 (unknown) 192.xx.xx.1
Sent an email to Mikrotik support about this, they confirmed it is a real issue, and they are aware of it.
Hello, Same issue in 7.13.5
/user/active/print
Columns: WHEN, NAME, ADDRESS, VIA
# WHEN NAME ADDRESS VIA
0 2024-02-29 18:09:04 admin 172.31.111.2 (unknown)
1 2024-02-29 18:19:27 admin 172.31.111.2 (unknown)
2 2024-02-29 18:29:27 admin 172.31.111.2 (unknown)
3 2024-02-29 18:39:27 admin 172.31.111.2 (unknown)
4 2024-02-29 18:49:57 admin 172.31.111.2 (unknown)
5 2024-02-29 19:00:27 admin 172.31.111.2 (unknown)
6 2024-02-29 19:10:27 admin 172.31.111.2 (unknown)
7 2024-02-29 19:20:57 admin 172.31.111.2 (unknown)
8 2024-02-29 19:31:27 admin 172.31.111.2 (unknown)
9 2024-02-29 19:41:27 admin 172.31.111.2 (unknown)
10 2024-02-29 19:51:27 admin 172.31.111.2 (unknown)
11 2024-02-29 20:01:27 admin 172.31.111.2 (unknown)
12 2024-02-29 20:11:57 admin 172.31.111.2 (unknown)
/user/active/print count-only
9306
DjM
May 14, 2024, 3:31pm
8
Can you, please, share the support ticket number?
Thank you
The issue with stuck active users and unknown rest-api sessions will be addressed in RouterOS 7.16 version.
DjM
May 31, 2024, 7:16am
10
Thank you @matiss .
Could you share the SUP ticket number for a reference, please? - to have a possibility to check the status.
Thank you
Has been fixed in RouterOS version 7.16