fail2ban-regex − test Fail2ban "failregex" option
fail2ban-regex [OPTIONS] <LOG> <REGEX> [IGNOREREGEX]
Fail2Ban reads log file that contains password failure report and bans the corresponding IP addresses using firewall rules.
This tools can test regular expressions for "fail2ban".
string |
a string representing a log line |
filename
path to a log file (/var/log/auth.log)
systemd−journal
search systemd journal (systemd−python required), optionally with backend parameters, see ‘man jail.conf‘ for usage and examples (systemd−journal[journalflags=1]).
string |
a string representing a ’failregex’ |
|||
filter |
name of filter, optionally with options (sshd[mode=aggressive]) |
filename
path to a filter file (filter.d/sshd.conf)
string |
a string representing an ’ignoreregex’ |
filename
path to a filter file (filter.d/sshd.conf)
−−version
show program’s version number and exit
−h, −−help
show this help message and exit
−c CONFIG, −−config=CONFIG
set alternate config directory
−d DATEPATTERN, −−datepattern=DATEPATTERN
set custom pattern used to match date/times
−−timezone=TIMEZONE, −−TZ=TIMEZONE
set time−zone used by convert time format
−e ENCODING, −−encoding=ENCODING
File encoding. Default: system locale
−r, −−raw
Raw hosts, don’t resolve dns
−−usedns=USEDNS
DNS specified replacement of tags <HOST> in regexp (’yes’ − matches all form of hosts, ’no’ − IP addresses only)
−L MAXLINES, −−maxlines=MAXLINES
maxlines for multi−line regex.
−m JOURNALMATCH, −−journalmatch=JOURNALMATCH
journalctl style matches overriding filter file. "systemd−journal" only
−l LOG_LEVEL, −−log−level=LOG_LEVEL
Log level for the Fail2Ban logger to use
−V |
get version in machine−readable short format |
−v, −−verbose
Increase verbosity
−−verbosity=VERBOSE
Set numerical level of verbosity (0..4)
−−verbose−date, −−VD
Verbose date patterns/regex in output
−D, −−debuggex
Produce debuggex.com urls for debugging there
−−no−check−all
Disable check for all regex’s
−o OUT, −−out=OUT
Set token to print failure information only (row, id, ip, msg, host, ip4, ip6, dns, matches, ...)
−−print−no−missed
Do not print any missed lines
−−print−no−ignored
Do not print any ignored lines
−−print−all−matched
Print all matched lines
−−print−all−missed
Print all missed lines, no matter how many
−−print−all−ignored
Print all ignored lines, no matter how many
−t, −−log−traceback
Enrich log−messages with compressed tracebacks
−−full−traceback
Either to make the tracebacks full, not compressed (as by default)
Written by Cyril Jaquier <[email protected]>. Many contributions by Yaroslav O. Halchenko, Steven Hiscocks, Sergey G. Brester (sebres).
Report bugs to https://github.com/fail2ban/fail2ban/issues
Copyright ©
2004−2008 Cyril Jaquier, 2008− Fail2Ban
Contributors
Copyright of modifications held by their respective authors.
Licensed under the GNU General Public License v2 (GPL).
fail2ban-client(1) fail2ban-server(1) jail.conf(5)