fail2ban-regex with docker logs #3228
-
Hello everyone, I am running an application (Komga) inside a docker container and it's producing the logs below:
Within the log above, the failed authentication activities will contain the words "Bad Credentials":
I tried to use the following regex to match and ran it with fail2ban-regex
But fail2ban wasn't able to block (or even detect) any ips after testing with a few failed login activities. I tried to test the entire log file using fail2ban-regex and it was able to match all of the failed login lines. Am I missing out something in the regex? EditHere are my configurations filter file:
|
Beta Was this translation helpful? Give feedback.
Replies: 1 comment
-
Ok, I found the problem. There was a typo in the filter file, |
Beta Was this translation helpful? Give feedback.
Ok, I found the problem.
There was a typo in the filter file,
failregex
notfailreges
.