Hi,
I’m trying to write a filter to capture a username from log entries instead of
an IP address. So <HOST> can’t be used. Apparently a python regex should work
but I can’t find the right syntax for fail2ban-regex to catch the log entries
I’m after. I have no python experience so hopefully someone can help.
Here’s a sample log entry:
Dec 18 21:43:30 hostname application[26895]: {core} Login failed: ’someuser'
(Remote IP: ‘xxx.xxx.xxx.xxx', X-Forwarded-For: ‘')
I’ve tried the following in my filter without success:
{core} Login failed: ‘(?P<host>\S+)’
Any advise for this python rookie?
Thanks in advance.
------------------------------------------------------------------------------
Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
from Actuate! Instantly Supercharge Your Business Reports and Dashboards
with Interactivity, Sharing, Native Excel Exports, App Integration & more
Get technology previously reserved for billion-dollar corporations, FREE
http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk
_______________________________________________
Fail2ban-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
