Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- [INCLUDES]
- before = common.conf
- [Definition]
- failregex = ^s*([.+?] )*Failed login for '.*' from <HOST> at $
- [core]
- enabled = true
- filter = core
- port = http,https
- logpath = /home/rails/Documents/rails_app/devise.log
- bantime = 3600
- findtime = 600
- maxretry = 2
- # Logfile created on 2018-09-26 16:19:41 -0500 by logger.rb/61378
- E, [2018-09-26T16:19:41.353620 #12157] ERROR -- : Failed login for 'ekjtherkjh@gmail.com' from 172.16.38.1 at 2018-09-26T21:19:41Z
- E, [2018-09-26T16:27:17.469743 #12157] ERROR -- : Failed login for 'kjelkjer@gmail.com' from 172.16.38.1 at 2018-09-26T21:27:17Z
- E, [2018-09-26T16:27:19.706783 #12157] ERROR -- : Failed login for 'kjelkjer@gmail.com' from 172.16.38.1 at 2018-09-26T21:27:19Z
- E, [2018-09-26T16:27:21.504956 #12157] ERROR -- : Failed login for 'kjelkjer@gmail.com' from 172.16.38.1 at 2018-09-26T21:27:21Z
- E, [2018-09-26T16:27:23.193147 #12157] ERROR -- : Failed login for 'kjelkjer@gmail.com' from 172.16.38.1 at 2018-09-26T21:27:23Z
- [myuser:ubuntu:/etc/fail2ban/filter.d]$ fail2ban-regex /home/rails/Documents/rails_app/devise.log "^s*([.+?] )*Failed login for '.*' from <HOST> at $"
- Running tests
- =============
- Use failregex line : ^s*([.+?] )*Failed login for '.*' from <HOST> at $
- Use log file : /home/rails/Documents/rails_app/devise.log
- Use encoding : UTF-8
- Results
- =======
- Failregex: 0 total
- Ignoreregex: 0 total
- Date template hits:
- |- [# of hits] date format
- | [13] ExYear(?P<_sep>[-/.])Month(?P=_sep)Day(?:T| ?)24hour:Minute:Second(?:[.,]Microseconds)?(?:s*Zone offset)?
- `-
- Lines: 13 lines, 0 ignored, 0 matched, 13 missed
- [processed in 0.02 sec]
- |- Missed line(s):
- | E, [2018-09-26T16:19:41.353620 #12157] ERROR -- : Failed login for 'ekjtherkjh@gmail.com' from 172.16.38.1 at 2018-09-26T21:19:41Z
- | E, [2018-09-26T16:27:17.469743 #12157] ERROR -- : Failed login for 'kjelkjer@gmail.com' from 172.16.38.1 at 2018-09-26T21:27:17Z
- | E, [2018-09-26T16:27:19.706783 #12157] ERROR -- : Failed login for 'kjelkjer@gmail.com' from 172.16.38.1 at 2018-09-26T21:27:19Z
- | E, [2018-09-26T16:27:21.504956 #12157] ERROR -- : Failed login for 'kjelkjer@gmail.com' from 172.16.38.1 at 2018-09-26T21:27:21Z
- | E, [2018-09-26T16:27:23.193147 #12157] ERROR -- : Failed login for 'kjelkjer@gmail.com' from 172.16.38.1 at 2018-09-26T21:27:23Z
- | E, [2018-09-26T16:27:24.959032 #12157] ERROR -- : Failed login for 'kjelkjer@gmail.com' from 172.16.38.1 at 2018-09-26T21:27:24Z
- | E, [2018-09-26T16:27:26.661292 #12157] ERROR -- : Failed login for 'kjelkjer@gmail.com' from 172.16.38.1 at 2018-09-26T21:27:26Z
- | E, [2018-09-26T16:27:28.297408 #12157] ERROR -- : Failed login for 'kjelkjer@gmail.com' from 172.16.38.1 at 2018-09-26T21:27:28Z
- | E, [2018-09-26T16:27:30.179503 #12157] ERROR -- : Failed login for 'kjelkjer@gmail.com' from 172.16.38.1 at 2018-09-26T21:27:30Z
- | E, [2018-09-26T16:27:31.940616 #12157] ERROR -- : Failed login for 'kjelkjer@gmail.com' from 172.16.38.1 at 2018-09-26T21:27:31Z
- | E, [2018-09-26T16:32:42.579173 #12157] ERROR -- : Failed login for 'kjelkjer@gmail.com' from 172.16.38.1 at 2018-09-26T21:32:42Z
- | E, [2018-09-26T16:32:44.817088 #12157] ERROR -- : Failed login for 'kjelkjer@gmail.com' from 172.16.38.1 at 2018-09-26T21:32:44Z
- | E, [2018-09-26T16:32:46.660918 #12157] ERROR -- : Failed login for 'kjelkjer@gmail.com' from 172.16.38.1 at 2018-09-26T21:32:46Z
- [INCLUDES]
- before = common.conf
- [Definition]
- failregex = <HOST>
- [myuser:ubuntu:/etc/fail2ban/filter.d]$ fail2ban-regex /home/rails/Documents/rails_app/devise.log core.conf
- Running tests
- =============
- Use failregex filter file : core, basedir: /etc/fail2ban
- Use datepattern : Default Detectors
- Use log file : /home/rails/Documents/rails_app/devise.log
- Use encoding : UTF-8
- Results
- =======
- Failregex: 0 total
- Ignoreregex: 0 total
- Date template hits:
- Lines: 1 lines, 0 ignored, 0 matched, 1 missed
- [processed in 0.01 sec]
- |- Missed line(s):
- | 172.16.38.1
- `-
Add Comment
Please, Sign In to add comment