Subsonic Forum

forum.subsonic.org
http://forum.subsonic.org/forum/

fail2ban regex

http://forum.subsonic.org/forum/viewtopic.php?f=2&t=18162

Page 1 of 1

fail2ban regex

PostPosted: Mon Nov 26, 2018 12:11 am
by spiritofjerry
Anyone willing to share the fail2ban regex they have written to parse the logs for failed hosts? I am quite the novice, and can get everything in the jail.conf set up just fine, but am having trouble with the regex required to get the filter working.

Thank you!

Re: fail2ban regex

PostPosted: Tue Nov 27, 2018 2:42 am
by CoolMojo
I don't actually monitor my subsonic logs - I monitor the apache logs (I have apache acting as a proxy) - but I *believe* the REGEX is the same:

Code: Select all
failregex = <HOST>.*GET.*(login\.view\?error).* 200


EDIT: Sorry. I'm wrong. It's not the same. Maybe try:

Code: Select all
failregex = *LoginFailureLogger.* [<HOST>]
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Group
http://www.phpbb.com/