Uncategorized

Ubuntu – fail2ban log

sudo zgrep 'Ban' /var/log/fail2ban.log*

but that output has so many lines. This counts lines of all logged banned (and likely unbanned) ip’s:

sudo zgrep 'Ban' /var/log/fail2ban.log* | wc -l

The output from above command (with line count) should match ‘Total Banned’ count in fail2ban’s status output:

fail2ban-client status sshd

tested in Ubuntu 18.04.1 LTS.

My output from ‘wc -l’ line:

7244

And from fail2ban’s status, the same 7244 number is verified:

Status for the jail: sshd
|- Filter
|  |- Currently failed: 7
|  |- Total failed: 49457
|  `- File list:    /var/log/auth.log
`- Actions
   |- Currently banned: 9
   |- Total banned: 7244
   `- Banned IP list:   [...]

Source: LINK

Similar Posts