Fail2ban GROK Log Pattern



This is just a GROK pattern for extracting useful information from Fail2ban logs.

todo aka please help

I don’t completely understand the fail2ban log format and you’ll see two variables that are (imo) absolute rubbish. Pull requests welcome.

Updated on 3/20/19

It can now be used as a filter.conf file: put it into a .conf file you already have in development, or keep it as a separate filter file, depending on your conf.d architecture.
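
An added example, not this repository's own pattern: a minimal separate filter file of the kind described above, assuming the conf.d directory belongs to a Logstash pipeline and the log lines follow the usual fail2ban.log layout. The field names (`f2b_*`, `src_ip`), the `fail2ban` type value, the failure tag and the sample line in the comment are constructed for illustration.

```logstash
# Constructed sample line this filter is written against:
# 2019-03-20 10:15:32,418 fail2ban.actions        [1187]: NOTICE  [sshd] Ban 203.0.113.45
filter {
  # Assumption: the input or shipper sets type => "fail2ban" on these events.
  if [type] == "fail2ban" {
    grok {
      match => {
        "message" => "^%{TIMESTAMP_ISO8601:f2b_timestamp} %{NOTSPACE:f2b_component}\s+\[%{POSINT:f2b_pid}\]: %{LOGLEVEL:f2b_level}\s+\[(?<f2b_jail>[^\]]+)\] (?<f2b_action>Found|Ban|Unban) %{IP:src_ip}"
      }
      # Startup, shutdown and "already banned" lines do not fit this pattern.
      # Tag them instead of silently losing them, so parse gaps stay visible.
      tag_on_failure => ["_fail2ban_unparsed"]
    }

    if "_fail2ban_unparsed" not in [tags] {
      # fail2ban writes local time with comma-separated milliseconds and no
      # zone. Set the date filter's timezone option if the Logstash host and
      # the fail2ban host are in different zones.
      date {
        match => ["f2b_timestamp", "yyyy-MM-dd HH:mm:ss,SSS"]
      }
    }
  }
}
```

Counting events tagged `_fail2ban_unparsed` after deployment shows how much of the log the pattern misses.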