Subj : preventing brute force attempts on privleged ports
To   : NuSkooler
From : bugz
Date : Wed Apr 14 2021 07:57 pm

-=> NuSkooler wrote to bugz <=-

 Nu> On Saturday, April 10th bugz said...
 Bu> Unfortunately, fail2ban doesn't parse json logs.  Doesn't look like  are
 Bu> going to be adding that anytime/if ever.  You're stuck using regex to
 Bu> parse the logs.  Ugh!  https://xkcd.com/1171/

 Nu> You can always use jq or such in your pipeline as well, or even
 Nu> 'bunyan' (the tool to accompany Bunyan style/JSON logs)

Not with fail2ban.  It only allows regex, and only reads from a file.
And I think it doesn't like UTC times as well.  (Unless the server TZ is
also in UTC.)  For being so popular, it has some major things it doesn't
do.

But bunyan -L is quite a nice way to read the logs.

And python.  It can digest json.  :D

Take care,
bugz

.... You can tune a piano but you can't tuna fish.

--- MultiMail/Linux v0.52
                  

--- Talisman v0.18-dev (Linux/x86_64)
 * Origin: HappyLand v2.0 - telnet://happylandbbs.com:11892/ (21:1/182)

.