Graylog with fail2ban

Hi all.
We are going to set up fail2ban on our systems (centos 7) and and I wonder how can I configure the rsyslog for fail2ban to send all its logs to graylog.


Setup a fail2ban.local file in /etc/fail2ban and put:


logtarget = SYSLOG

All the fail2ban logs will go to syslog instead of the /var/log/fail2ban.log file, and you just forward your rsyslog logs to graylog.

Hi all.

Does anybody implemented this?


Hi Kevin et all.Sorry I didn’t see this.
Thanks heaps. I will give it a try.


Hi Kevin.

I did that (logtarget = SYSLOG) but not sure how to configure the rsyslog facility to forward all the f2b logs to graylog.

Any examples?

Cheers describes some ways of forwarding rsyslog to graylog.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.