You must have missed the discussion back in December about cleaning up the
sqlite3
database:
https://sourceforge.net/p/fail2ban/mailman/message/36158578/
The short version. Trim the sqlite3 database to only the last 90 days:
-
File /etc/fail2ban/fail2ban.prune.sqlite.commands:
delete from bans where timeofban <= strftime('%s', date('now', '-90 days'));
vacuum;
.quit
From cli:
sqlite3 /var/lib/fail2ban/fail2ban.sqlite3 <
/etc/fail2ban/fail2ban.prune.sqlite.commands
Can schedule in cron too.
-
Bill
On 3/6/2018 2:47 AM, Mitchell Krog Photography wrote:
My preferred method to reset the log file and database (complete reset)
sudo service fail2ban stopsudo truncate -s 0/var/log/fail2ban.log sudo rm /var/lib/fail2ban/fail2ban.sqlite3sudo service
fail2ban restart
On 2018/03/06 02:32:42, Bill Shirley wrote:
From the nightly log rotation /etc/logrotate.d/fail2ban
/var/log/fail2ban.log {
missingok
notifempty
postrotate
/usr/bin/fail2ban-client flushlogs >/dev/null || true
endscript
}
I think you would run:
fail2ban-client flushlogs
Bill
On 3/5/2018 2:49 PM, Rose, John B wrote:
We have an overly full log file because of extraneous data due to a poorly selected loglevel. What is the best way to
approach this problem?
Thanks
--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org!http://sdm.link/slashdot
___
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot___
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
