Thursday, February 18, 2016

fail2ban testing

We can try to check whether our fail2ban config is sane or not with "fail2ban-regex". Here goes:

root@alhambra:/etc/fail2ban# fail2ban-regex /var/log/auth.log /etc/fail2ban/filter.d/sshd.conf


This will test you "sshd" filter with the log file that you want to parse in /var/log/auth.log

If you want to look at the line that mactched;

 fail2ban-regex /var/log/auth.log /etc/fail2ban/filter.d/sshd.conf    --print-all-matched

No comments: