sounds like a systemd library issue and our fix for it past 0.9.1:
commit 6dfddbcdf62553d56483d4990e84261845f46508
Author: Serg G. Brester <[email protected]>
Date: Fri Nov 7 01:21:38 2014 +0100
Bug fix in formatJournalEntry, gh-851
Unhandled exception in fail2ban 0.9.1 #851
On Sun, 26 Apr 2015, Ivan Demkovitch wrote:
> Hello list!
> I'm trying to get fail2ban running on CentOS7 (no SELinux) and it uses
> firewalld. My goal is to set it to ban Asterisk password fails.
> Setup was default yum install fail2ban-all
> Config-wise I ONLY added jail.local with following:
> [DEFAULT]
> destemail = [email protected]
> sender = [email protected]
> [asterisk]
> enabled = true
> Now when I reboot fail2ban service I get fail2ban.log entries like this:
> 2015-04-26 13:52:53,159 fail2ban.server [2915]: INFO Changed
> logging target to /var/log/fail2ban.log for Fail2ban v0.9.1
> 2015-04-26 13:52:53,161 fail2ban.database [2915]: INFO Connected
> to fail2ban persistent database '/var/lib/fail2ban/fail2ban.sqlite3'
> 2015-04-26 13:52:53,169 fail2ban.jail [2915]: INFO Creating
> new jail 'asterisk'
> 2015-04-26 13:52:53,193 fail2ban.jail [2915]: INFO Jail
> 'asterisk' uses systemd
> 2015-04-26 13:52:53,225 fail2ban.jail [2915]: INFO Initiated
> 'systemd' backend
> 2015-04-26 13:52:53,232 fail2ban.filter [2915]: INFO Set
> maxRetry = 10
> 2015-04-26 13:52:53,234 fail2ban.actions [2915]: INFO Set
> banTime = 600
> 2015-04-26 13:52:53,235 fail2ban.filter [2915]: INFO Set
> findtime = 600
> 2015-04-26 13:52:53,322 fail2ban.filtersystemd [2915]: NOTICE Jail
> started without 'journalmatch' set. Jail regexs will be checked against
> all journal entries, which is not advised for performance reasons.
> 2015-04-26 13:52:53,409 fail2ban.jail [2915]: INFO Jail
> 'asterisk' started
> 2015-04-26 13:52:53,510 fail2ban [2915]: CRITICAL Unhandled
> exception in Fail2Ban:
> Traceback (most recent call last):
> File "/usr/lib/python2.7/site-packages/fail2ban/server/jailthread.py",
> line 64, in run_with_except_hook
> run(*args, **kwargs)
> File
> "/usr/lib/python2.7/site-packages/fail2ban/server/filtersystemd.py", line
> 244, in run
> *self.formatJournalEntry(logentry))
> File
> "/usr/lib/python2.7/site-packages/fail2ban/server/filtersystemd.py", line
> 172, in formatJournalEntry
> 'SYSLOG_PID', logentry['_PID']))
> KeyError: '_PID'
> I did search online and it seems like it related to a**backenda**. But it
> does pick backend correctly. What am I missing?
> ------------------------------------------------------------------------------
> One dashboard for servers and applications across Physical-Virtual-Cloud
> Widest out-of-the-box monitoring support with 50+ applications
> Performance metrics, stats and reports that give you Actionable Insights
> Deep dive visibility with transaction tracing using APM Insight.
> http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
> _______________________________________________
> Fail2ban-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/fail2ban-users
--
Yaroslav O. Halchenko, Ph.D.
http://neuro.debian.net http://www.pymvpa.org http://www.fail2ban.org
Research Scientist, Psychological and Brain Sciences Dept.
Dartmouth College, 419 Moore Hall, Hinman Box 6207, Hanover, NH 03755
Phone: +1 (603) 646-9834 Fax: +1 (603) 646-1419
WWW: http://www.linkedin.com/in/yarik
------------------------------------------------------------------------------
One dashboard for servers and applications across Physical-Virtual-Cloud
Widest out-of-the-box monitoring support with 50+ applications
Performance metrics, stats and reports that give you Actionable Insights
Deep dive visibility with transaction tracing using APM Insight.
http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
_______________________________________________
Fail2ban-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
