Subj : preventing brute force attempts on privleged ports
To   : NuSkooler
From : bugz
Date : Wed Apr 14 2021 07:57 pm

-=> NuSkooler wrote to bugz <=-

Nu> On Saturday, April 10th bugz said...
Bu> Unfortunately, fail2ban doesn't parse json logs.  Doesn't look like  are
Bu> going to be adding that anytime/if ever.  You're stuck using regex to
Bu> parse the logs.  Ugh!  https://xkcd.com/1171/

Nu> You can always use jq or such in your pipeline as well, or even
Nu> 'bunyan' (the tool to accompany Bunyan style/JSON logs)

Not with fail2ban.  It only allows regex, and only reads from a file.
And I think it doesn't like UTC times as well.  (Unless the server TZ is
also in UTC.)  For being so popular, it has some major things it doesn't
do.

But bunyan -L is quite a nice way to read the logs.

And python.  It can digest json.  :D

Take care,
bugz

... You can tune a piano but you can't tuna fish.

--- MultiMail/Linux v0.52


--- Talisman v0.18-dev (Linux/x86_64)
* Origin: HappyLand v2.0 - telnet://happylandbbs.com:11892/ (21:1/182)

You are viewing proxied material from cvs.synchro.net. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.