Guest User

Untitled

a guest
Sep 26th, 2018
281
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 3.88 KB | None | 0 0
  1. [INCLUDES]
  2. before = common.conf
  3.  
  4. [Definition]
  5. failregex = ^s*([.+?] )*Failed login for '.*' from <HOST> at $
  6.  
  7. [core]
  8. enabled = true
  9. filter = core
  10. port = http,https
  11. logpath = /home/rails/Documents/rails_app/devise.log
  12. bantime = 3600
  13. findtime = 600
  14. maxretry = 2
  15.  
  16. # Logfile created on 2018-09-26 16:19:41 -0500 by logger.rb/61378
  17. E, [2018-09-26T16:19:41.353620 #12157] ERROR -- : Failed login for 'ekjtherkjh@gmail.com' from 172.16.38.1 at 2018-09-26T21:19:41Z
  18. E, [2018-09-26T16:27:17.469743 #12157] ERROR -- : Failed login for 'kjelkjer@gmail.com' from 172.16.38.1 at 2018-09-26T21:27:17Z
  19. E, [2018-09-26T16:27:19.706783 #12157] ERROR -- : Failed login for 'kjelkjer@gmail.com' from 172.16.38.1 at 2018-09-26T21:27:19Z
  20. E, [2018-09-26T16:27:21.504956 #12157] ERROR -- : Failed login for 'kjelkjer@gmail.com' from 172.16.38.1 at 2018-09-26T21:27:21Z
  21. E, [2018-09-26T16:27:23.193147 #12157] ERROR -- : Failed login for 'kjelkjer@gmail.com' from 172.16.38.1 at 2018-09-26T21:27:23Z
  22.  
  23. [myuser:ubuntu:/etc/fail2ban/filter.d]$ fail2ban-regex /home/rails/Documents/rails_app/devise.log "^s*([.+?] )*Failed login for '.*' from <HOST> at $"
  24.  
  25. Running tests
  26. =============
  27.  
  28. Use failregex line : ^s*([.+?] )*Failed login for '.*' from <HOST> at $
  29. Use log file : /home/rails/Documents/rails_app/devise.log
  30. Use encoding : UTF-8
  31.  
  32.  
  33. Results
  34. =======
  35.  
  36. Failregex: 0 total
  37.  
  38. Ignoreregex: 0 total
  39.  
  40. Date template hits:
  41. |- [# of hits] date format
  42. | [13] ExYear(?P<_sep>[-/.])Month(?P=_sep)Day(?:T| ?)24hour:Minute:Second(?:[.,]Microseconds)?(?:s*Zone offset)?
  43. `-
  44.  
  45. Lines: 13 lines, 0 ignored, 0 matched, 13 missed
  46. [processed in 0.02 sec]
  47.  
  48. |- Missed line(s):
  49. | E, [2018-09-26T16:19:41.353620 #12157] ERROR -- : Failed login for 'ekjtherkjh@gmail.com' from 172.16.38.1 at 2018-09-26T21:19:41Z
  50. | E, [2018-09-26T16:27:17.469743 #12157] ERROR -- : Failed login for 'kjelkjer@gmail.com' from 172.16.38.1 at 2018-09-26T21:27:17Z
  51. | E, [2018-09-26T16:27:19.706783 #12157] ERROR -- : Failed login for 'kjelkjer@gmail.com' from 172.16.38.1 at 2018-09-26T21:27:19Z
  52. | E, [2018-09-26T16:27:21.504956 #12157] ERROR -- : Failed login for 'kjelkjer@gmail.com' from 172.16.38.1 at 2018-09-26T21:27:21Z
  53. | E, [2018-09-26T16:27:23.193147 #12157] ERROR -- : Failed login for 'kjelkjer@gmail.com' from 172.16.38.1 at 2018-09-26T21:27:23Z
  54. | E, [2018-09-26T16:27:24.959032 #12157] ERROR -- : Failed login for 'kjelkjer@gmail.com' from 172.16.38.1 at 2018-09-26T21:27:24Z
  55. | E, [2018-09-26T16:27:26.661292 #12157] ERROR -- : Failed login for 'kjelkjer@gmail.com' from 172.16.38.1 at 2018-09-26T21:27:26Z
  56. | E, [2018-09-26T16:27:28.297408 #12157] ERROR -- : Failed login for 'kjelkjer@gmail.com' from 172.16.38.1 at 2018-09-26T21:27:28Z
  57. | E, [2018-09-26T16:27:30.179503 #12157] ERROR -- : Failed login for 'kjelkjer@gmail.com' from 172.16.38.1 at 2018-09-26T21:27:30Z
  58. | E, [2018-09-26T16:27:31.940616 #12157] ERROR -- : Failed login for 'kjelkjer@gmail.com' from 172.16.38.1 at 2018-09-26T21:27:31Z
  59. | E, [2018-09-26T16:32:42.579173 #12157] ERROR -- : Failed login for 'kjelkjer@gmail.com' from 172.16.38.1 at 2018-09-26T21:32:42Z
  60. | E, [2018-09-26T16:32:44.817088 #12157] ERROR -- : Failed login for 'kjelkjer@gmail.com' from 172.16.38.1 at 2018-09-26T21:32:44Z
  61. | E, [2018-09-26T16:32:46.660918 #12157] ERROR -- : Failed login for 'kjelkjer@gmail.com' from 172.16.38.1 at 2018-09-26T21:32:46Z
  62.  
  63. [INCLUDES]
  64. before = common.conf
  65.  
  66. [Definition]
  67. failregex = <HOST>
  68.  
  69. [myuser:ubuntu:/etc/fail2ban/filter.d]$ fail2ban-regex /home/rails/Documents/rails_app/devise.log core.conf
  70.  
  71. Running tests
  72. =============
  73.  
  74. Use failregex filter file : core, basedir: /etc/fail2ban
  75. Use datepattern : Default Detectors
  76. Use log file : /home/rails/Documents/rails_app/devise.log
  77. Use encoding : UTF-8
  78.  
  79.  
  80. Results
  81. =======
  82.  
  83. Failregex: 0 total
  84.  
  85. Ignoreregex: 0 total
  86.  
  87. Date template hits:
  88.  
  89. Lines: 1 lines, 0 ignored, 0 matched, 1 missed
  90. [processed in 0.01 sec]
  91.  
  92. |- Missed line(s):
  93. | 172.16.38.1
  94. `-
Add Comment
Please, Sign In to add comment