View previous topic :: View next topic |
Author |
Message |
Nicias Guru
Joined: 06 Dec 2005 Posts: 446
|
Posted: Fri Feb 24, 2012 9:12 pm Post subject: fail2ban not logging to SYSLOG |
|
|
I think I have fail2ban set up correctly, but it won't log to SYSLOG. As soon as I set logtarget=SYSLOG, logging stops. Any suggestions:
Code: | #cat /etc/fail2ban/fail2ban.conf
# Fail2Ban configuration file
#
# Author: Cyril Jaquier
#
# $Revision: 629 $
#
[Definition]
# Option: loglevel
# Notes.: Set the log level output.
# 1 = ERROR
# 2 = WARN
# 3 = INFO
# 4 = DEBUG
# Values: NUM Default: 3
#
loglevel = 4
# Option: logtarget
# Notes.: Set the log target. This could be a file, SYSLOG, STDERR or STDOUT.
# Only one log target can be specified.
# Values: STDOUT STDERR SYSLOG file Default: /var/log/fail2ban.log
#
logtarget = SYSLOG
# Option: socket
# Notes.: Set the socket file. This is used to communicate with the daemon. Do
# not remove this file when Fail2ban runs. It will not be possible to
# communicate with the server afterwards.
# Values: FILE Default: /var/run/fail2ban/fail2ban.sock
#
socket = /var/run/fail2ban/fail2ban.sock
|
|
|
Back to top |
|
|
gerdesj l33t
Joined: 29 Sep 2005 Posts: 621 Location: Yeovil, Somerset, UK
|
Posted: Mon Feb 27, 2012 1:00 am Post subject: Re: fail2ban not logging to SYSLOG |
|
|
What system logger are you using? (there are several available)
Also, what facility etc does f2b use?
Cheers
Jon |
|
Back to top |
|
|
Nicias Guru
Joined: 06 Dec 2005 Posts: 446
|
Posted: Mon Feb 27, 2012 3:34 am Post subject: |
|
|
I am using metalog, I don't know what facility fail2ban uses, but it wasn't even reporting on /var/log/everything/. However, I decided not to use fail2ban anyway. I disabled password login anyway, so they can brute force all they want. Without a rsa key, no way in. |
|
Back to top |
|
|
bfx81 n00b
Joined: 25 Oct 2006 Posts: 21
|
|
Back to top |
|
|
|