FAIL2BAN-REGEX

Section: User Commands (1)
Updated: October 2018
Page Index
 

NAME

fail2ban-regex - test Fail2ban "failregex" option  

SYNOPSIS

fail2ban-regex [,OPTIONS/] ,<LOG> <REGEX> /[,IGNOREREGEX/]  

DESCRIPTION

Fail2Ban reads log file that contains password failure report and bans the corresponding IP addresses using firewall rules.

This tools can test regular expressions for "fail2ban".  

LOG:

string
a string representing a log line
filename
path to a log file (,/var/log/auth.log/)
"systemd-journal"
search systemd journal (systemd-python required)
 

REGEX:

string
a string representing a 'failregex'
filename
path to a filter file (filter.d/sshd.conf)
 

IGNOREREGEX:

string
a string representing an 'ignoreregex'
filename
path to a filter file (filter.d/sshd.conf)
 

OPTIONS

--version
show program's version number and exit
-h, --help
show this help message and exit
-c CONFIG, --config=,CONFIG/
set alternate config directory
-d DATEPATTERN, --datepattern=,DATEPATTERN/
set custom pattern used to match date/times
--timezone=,TIMEZONE/, --TZ=,TIMEZONE/
set time-zone used by convert time format
-e ENCODING, --encoding=,ENCODING/
File encoding. Default: system locale
-r, --raw
Raw hosts, don't resolve dns
--usedns=,USEDNS/
DNS specified replacement of tags <HOST> in regexp ('yes' - matches all form of hosts, 'no' - IP addresses only)
-L MAXLINES, --maxlines=,MAXLINES/
maxlines for multi-line regex.
-m JOURNALMATCH, --journalmatch=,JOURNALMATCH/
journalctl style matches overriding filter file. "systemd-journal" only
-l LOG_LEVEL, --log-level=,LOG_LEVEL/
Log level for the Fail2Ban logger to use
-V
get version in machine-readable short format
-v, --verbose
Increase verbosity
--verbosity=,VERBOSE/
Set numerical level of verbosity (0..4)
--verbose-date, --VD
Verbose date patterns/regex in output
-D, --debuggex
Produce debuggex.com urls for debugging there
--print-no-missed
Do not print any missed lines
--print-no-ignored
Do not print any ignored lines
--print-all-matched
Print all matched lines
--print-all-missed
Print all missed lines, no matter how many
--print-all-ignored
Print all ignored lines, no matter how many
-t, --log-traceback
Enrich log-messages with compressed tracebacks
--full-traceback
Either to make the tracebacks full, not compressed (as by default)
 

AUTHOR

Written by Cyril Jaquier <cyril.jaquier@fail2ban.org>. Many contributions by Yaroslav O. Halchenko and Steven Hiscocks.  

REPORTING BUGS

Report bugs to https://github.com/fail2ban/fail2ban/issues  

COPYRIGHT

Copyright © 2004-2008 Cyril Jaquier, 2008- Fail2Ban Contributors
Copyright of modifications held by their respective authors. Licensed under the GNU General Public License v2 (GPL).  

SEE ALSO


fail2ban-client(1) fail2ban-server(1)


 

Index

NAME
SYNOPSIS
DESCRIPTION
LOG:
REGEX:
IGNOREREGEX:
OPTIONS
AUTHOR
REPORTING BUGS
COPYRIGHT
SEE ALSO