Monitors the fail2ban log file to show all bans for all active jails.
fail2ban.log file must be readable by the user
- change the file ownership and access permissions.
/etc/logrotate.d/fail2banto persists the changes after rotating the log file.
Click to expand the instruction.
To change the file ownership and access permissions, execute the following:
sudo chown root:netdata /var/log/fail2ban.log
sudo chmod 640 /var/log/fail2ban.log
To persist the changes after rotating the log file, add
create 640 root netdata to the
fail2ban-client flushlogs 1>/dev/null
# If fail2ban runs as non-root it still needs to have write access
# to logfiles.
# create 640 fail2ban adm
create 640 root netdata
- Failed attempts in attempts/s
- Bans in bans/s
- Banned IP addresses (since the last restart of netdata) in ips
python.d/fail2ban.conf configuration file using
edit-config from the
Netdata config directory, which is typically at
cd /etc/netdata # Replace this path with your Netdata config directory, if different
sudo ./edit-config python.d/fail2ban.conf
exclude: 'dropbear apache'
If no configuration is given, module will attempt to read log file at
/var/log/fail2ban.log and conf file
/etc/fail2ban/jail.local. If conf file is not found default jail is
To troubleshoot issues with the
fail2ban module, run the
python.d.plugin with the debug option enabled. The
output will give you the output of the data collection job or error messages on why the collector isn't working.
First, navigate to your plugins directory, usually they are located under
/usr/libexec/netdata/plugins.d/. If that's
not the case on your system, open
netdata.conf and look for the setting
plugins directory. Once you're in the
plugin's directory, switch to the
sudo su -s /bin/bash netdata
Now you can manually run the
fail2ban module in debug mode:
./python.d.plugin fail2ban debug trace
Was this page helpful?
Need more help?
- Join our community
- Submit a bug or feature request for the FOSS agent
- Submit a bug or feature request for the Netdata cloud