Hi all.
We are going to set up fail2ban on our systems (centos 7) and and I wonder how can I configure the rsyslog for fail2ban to send all its logs to graylog.
Cheers
Hi all.
We are going to set up fail2ban on our systems (centos 7) and and I wonder how can I configure the rsyslog for fail2ban to send all its logs to graylog.
Cheers
Setup a fail2ban.local file in /etc/fail2ban and put:
[Definition]
logtarget = SYSLOG
All the fail2ban logs will go to syslog instead of the /var/log/fail2ban.log file, and you just forward your rsyslog logs to graylog.
Hi all.
Does anybody implemented this?
Cheers
Hi Kevin et all.Sorry I didn’t see this.
Thanks heaps. I will give it a try.
cheers
Hi Kevin.
I did that (logtarget = SYSLOG) but not sure how to configure the rsyslog facility to forward all the f2b logs to graylog.
Any examples?
Cheers
https://marketplace.graylog.org/addons/a47beb3b-0bd9-4792-a56a-33b27b567856 describes some ways of forwarding rsyslog to graylog.
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.