Dear fellow subscribers, based on the fail2ban-regex output below, I'm guessing fail2ban (0.8.14) has a problem with the default syslogd date format in OS X (Yosemite). If that's the case, is there a way to make it handle the format, which is 'Jan 6 16:50:00'?
sh-3.2# fail2ban-regex /var/log/system.log /etc/fail2ban/filter.d/sshd.conf Running tests ============= Use failregex file : /etc/fail2ban/filter.d/sshd.conf Use log file : /var/log/system.log Traceback (most recent call last): File "/usr/local/bin/fail2ban-regex", line 445, in <module> fail2banRegex.process(test_lines) File "/usr/local/bin/fail2ban-regex", line 268, in process line_datetimestripped, ret = fail2banRegex.testRegex(line) File "/usr/local/bin/fail2ban-regex", line 244, in testRegex line, ret = self._filter.processLine(line, checkAllRegex=True) File "/usr/share/fail2ban/server/filter.py", line 374, in processLine return logLine, self.findFailure(timeLine, logLine, returnRawHost, checkAllRegex) File "/usr/share/fail2ban/server/filter.py", line 426, in findFailure date = self.dateDetector.getUnixTime(timeLine) File "/usr/share/fail2ban/server/datedetector.py", line 215, in getUnixTime date = self.getTime(line) File "/usr/share/fail2ban/server/datedetector.py", line 203, in getTime date = template.getDate(line) File "/usr/share/fail2ban/server/datetemplate.py", line 219, in getDate date = list(iso8601.parse_date(value).timetuple()) File "/usr/share/fail2ban/server/iso8601.py", line 131, in parse_date % e) server.iso8601.ParseError: Failed to create a valid datetime record due to: year is out of range ------------------------------------------------------------------------------ Dive into the World of Parallel Programming! The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net _______________________________________________ Fail2ban-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fail2ban-users
