commit 37a6da3443a57fcd5efef8deabacdcbdb96fed9a parent 53bd1694626e620ac0cc2fc8ba319cb1d6ac12fc Author: Daniel GarcĂa <dani-garcia@users.noreply.github.com> Date: Sun, 16 Dec 2018 20:06:46 +0100 Merge pull request #296 from jeslinmx/docsupdate updated fail2ban setup to match changes in logformat for 1.5.0 Diffstat:
| M | README.md | | | 5 | +++-- |
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/README.md b/README.md @@ -441,7 +441,7 @@ If you are using docker-compose, add this to you yaml file: ``` With the above settings in the docker-compose file. Any failed login attempts will look like this in your syslog file: ``` -$DATE $TIME $SERVER $TAG[979]: ERROR: Username or password is incorrect. Try again. IP: XX.XX.XX.XX. Username: email@domain.com. +MMM DD hh:mm:ss server-hostname $TAG[773]: [YYYY-MM-DD][hh:mm:ss][bitwarden_rs::api::identity][ERROR] Username or password is incorrect. Try again. IP: XXX.XXX.XXX.XXX. Username: email@domain.com. ``` You can change the '$TAG' to anything you like. Just remember it because it will be in the Fail2Ban filter. @@ -457,7 +457,8 @@ And add the following before = common.conf [Definition] -failregex = ^%(__prefix_line)s.*$TAG.* ERROR: Username or password is incorrect. Try again. IP: <HOST>\. Username:.*$ +_daemon = $TAG +failregex = ^%(__prefix_line)s.*Username or password is incorrect\. Try again\. IP: <HOST>\. Username:.*$ ignoreregex = ``` Dont forget to change the '$TAG' to what you set it as from above.