There is not catalina.out in Tomcat9 on Ubuntu 18.04, the logs is set on /var/log/syslog
i´m looking for this too. Em seg., 30 de mar. de 2020 às 13:58, Piviul <[email protected]> escreveu: > Il 30/03/20 17:58, Giorgio ha scritto: > > I would be grateful if someone can help in fail2ban on ubuntu 18.04 + > > Tomcat 9 + apache Guacamole 1.1.0 > I don't think ubuntu 18.04 has a very different configuration from my > debian buster... > > First of all you have to check if you have enabled guacamole filter > settings in a jail. In my debian buster I have only configured the file > /etc/fail2ban/jail.conf.d/defaults-debian.conf adding a jail like: > > [guacamole] > > enabled=true > > Check if in /etc/fail2ban/jail.conf you have the jail guacamole like > this one > > [guacamole] > > > > port = http,https > > logpath = /var/log/tomcat*/catalina.out > > Well now fail2ban looks auth failed attempt in file > /var/log/tomcat*/catalina.out. Did you have such a file? > > Now you have to change the guacamole filter that you find in > /etc/fail2ban/filter.d/guacamole.conf changing the parameter failregex in: > > failregex = ^.*WARN o\.a\.g\.r\.auth\.AuthenticationService - > > Authentication attempt from <HOST> for user "[^"]*" failed\.$ > > now you have to restart fail2ban: > # systemctl restart fail2ban > > that's all > > Piviul > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > >
