Hi,
the monit logfile is configured with "SET LOGFILE <path|SYSLOG>" … in your case
the log goes to syslog, which decides to which file to log the message. Monit's
internal webserver is proprietary implementation - it's not mongrel. The failed
login attempts are logged with following messages:
Warning: Client 'xyz' supplied unknown user 'cdb' accessing monit httpd
Warning: Client 'xyz' supplied wrong password for user 'abc' accessing
monit httpd
Regards,
Martin
On Apr 26, 2012, at 2:54 PM, Alex wrote:
> I have Setup monit on Centos system an I use on apache "ProxyPass /monit/
> http://localhost:2812/"; in order to access it
> so the url is something like https://domanname/monit/
>
> I would like to know is it is possible to protect that url via fail2ban.
> I am searching to see if the - internal server ( mongerl as I read in the
> site) has some sort of log file for failed attempts like apaches "client
> <HOST>user authentication failure" so I can catch them with a regex...
>
> I use on the config
>
> set daemon 60
> set logfile syslog facility log_daemon
> set mailserver localhost
> set mail-format { from: monit@domname }
> set alert admin@domname
> set httpd port 2812 ADDRESS localhost and
> SSL DISABLE
> PEMFILE /var/certs/monit.pem
> allow adminname:pass
>
> I did try to search for both the logs and mongerl proc but with not luck.
> Is there someone who would know how to achieve that or perhaps could think of
> something else!
>
> Br Alex
>
> --
> To unsubscribe:
> https://lists.nongnu.org/mailman/listinfo/monit-general
--
To unsubscribe:
https://lists.nongnu.org/mailman/listinfo/monit-general
