Fail2ban monitoring with Netdata

Monitors the fail2ban log file to show all bans for all active jails.

Requirements

  • fail2ban.log file MUST BE readable by Netdata (A good idea is to add create 0640 root netdata to fail2ban conf at logrotate.d)

It produces one chart with multiple lines (one line per jail)

Configuration

Edit the python.d/fail2ban.conf configuration file using edit-config from the your agent's config directory, which is typically at /etc/netdata.

cd /etc/netdata # Replace this path with your Netdata config directory, if different
sudo ./edit-config python.d/fail2ban.conf

Sample:

local:
log_path: '/var/log/fail2ban.log'
conf_path: '/etc/fail2ban/jail.local'
exclude: 'dropbear apache'

If no configuration is given, module will attempt to read log file at /var/log/fail2ban.log and conf file at /etc/fail2ban/jail.local. If conf file is not found default jail is ssh.


Last updated on