OK, since it's working, that most likely means you have rsyslog turned on
also. If you use the fail2ban systemd then fail2ban will log its output
to systemd instead of the rsyslog log. The big difference is that
systemd does not by default store the journals to a drive. CentOS might
already have systemd set up to flush the logs to disk; Fedora does, and I
think that CentOS is based on Fedora. Besides that, systemd journals are
in a binary format, so you can't access the log without using journalctl
or another third-party package. Syslog is plain text, so you can use
grep, awk, sed or anything else you want to. Viewing or changing the
logs for good or bad is fairly simple, while corrupt data in a journal
is a real pain; you just can't go in and cut it out like a text file.
So really it is just a preference; I don't know of a performance
advantage of systemd. I was already sending all my logs to systemd and
didn't want to make any changes in my system monitoring scripts. That
turned into a pipe dream when I upgraded to Fedora 21. If you would like
to read more about systemd you can check out this web site:
http://www.freedesktop.org/wiki/Software/systemd/

On Sun, 2015-07-12 at 11:58 -0700, E.B. wrote:
> I have systemd and installing fail2ban without the
> additional fail2ban-systemd package working fine.
> So question not "what is systemd" but what does
> the fail2ban-systemd package add to an already
> working setup? Some benefit?
>
> > You only need the systemd for fail2ban if that is how CentOS is set up.
> > Systemd is a replacement for SysV. It also has some basic security and a
> > replacement for syslog built in. I don't know if it is better but that is
> > what came out of the box for Fedora so that is what I use. The log files
> > are stored in a binary format in journal files and are accessed with the
> > journalctl application. The systemd backend in fail2ban uses a Python
> > package to access the journal. Since the error is "access denied", that
> > usually means the file you are looking for is there but the account you are
> > using does not have read access for it. If SELinux is causing the access
> > denied, the quick way to test is to use setenforce 0. If after that you
> > still cannot access the files then the problem is either with your group
> > assignment or file permissions.
> >
> > On Sun, 2015-07-12 at 02:37 -0700, E.B. wrote:
> > > > Are you running SELinux?
> > >
> > > For me installed on CentOS 7 without special attention to SELinux.
> > > Saw only one strange AVC for iptables to read http logs, maybe for
> > > email notify. But basic operation fine out of the box.
> > > But I didn't try the fail2ban-systemd package. Does it change the
> > > default polling method? Is it better in some way?
>
> ------------------------------------------------------------------------------
> Don't Limit Your Business. Reach for the Cloud.
> GigeNET's Cloud Solutions provide you with the tools and support that
> you need to offload your IT needs and focus on growing your business.
> Configured For All Businesses. Start Your Cloud Today.
> https://www.gigenetcloud.com/
> _______________________________________________
> Fail2ban-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/fail2ban-users