Fail2ban monitoring with Netdata

Monitors the fail2ban log file to show all bans for all active jails.

Requirements#

  • fail2ban.log file MUST BE readable by Netdata (A good idea is to add create 0640 root netdata to fail2ban conf at logrotate.d)

It produces one chart with multiple lines (one line per jail)

Configuration#

Edit the python.d/fail2ban.conf configuration file using edit-config from the Netdata config directory, which is typically at /etc/netdata.

cd /etc/netdata # Replace this path with your Netdata config directory, if different
sudo ./edit-config python.d/fail2ban.conf

Sample:

local:
log_path: '/var/log/fail2ban.log'
conf_path: '/etc/fail2ban/jail.local'
exclude: 'dropbear apache'

If no configuration is given, module will attempt to read log file at /var/log/fail2ban.log and conf file at /etc/fail2ban/jail.local. If conf file is not found default jail is ssh.


Last updated on

Monitor everything in real time – for free

Troubleshoot slowdowns and anomalies in your infrastructure with thousands of per-second metrics, meaningful visualizations, and insightful health alarms with zero configuration.

Get Netdata