From 2e85f9325a797977eea9dfea0a925775ddd211d9 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sun, 7 Feb 2021 12:49:00 +0100 Subject: Merging upstream version 1.29.0. Signed-off-by: Daniel Baumann --- collectors/python.d.plugin/fail2ban/README.md | 22 ++++++++++++++++++---- .../python.d.plugin/fail2ban/fail2ban.chart.py | 20 +++++++++----------- 2 files changed, 27 insertions(+), 15 deletions(-) (limited to 'collectors/python.d.plugin/fail2ban') diff --git a/collectors/python.d.plugin/fail2ban/README.md b/collectors/python.d.plugin/fail2ban/README.md index 1ab0f6f63..c1ad994a5 100644 --- a/collectors/python.d.plugin/fail2ban/README.md +++ b/collectors/python.d.plugin/fail2ban/README.md @@ -1,14 +1,28 @@ -# fail2ban + -Module monitor fail2ban log file to show all bans for all active jails +# Fail2ban monitoring with Netdata -**Requirements:** +Monitors the fail2ban log file to show all bans for all active jails. + +## Requirements - fail2ban.log file MUST BE readable by Netdata (A good idea is to add **create 0640 root netdata** to fail2ban conf at logrotate.d) It produces one chart with multiple lines (one line per jail) -## configuration +## Configuration + +Edit the `python.d/fail2ban.conf` configuration file using `edit-config` from the Netdata [config +directory](/docs/configure/nodes.md), which is typically at `/etc/netdata`. + +```bash +cd /etc/netdata # Replace this path with your Netdata config directory, if different +sudo ./edit-config python.d/fail2ban.conf +``` Sample: diff --git a/collectors/python.d.plugin/fail2ban/fail2ban.chart.py b/collectors/python.d.plugin/fail2ban/fail2ban.chart.py index 9f5f2dcc4..99dbf79dd 100644 --- a/collectors/python.d.plugin/fail2ban/fail2ban.chart.py +++ b/collectors/python.d.plugin/fail2ban/fail2ban.chart.py @@ -3,15 +3,13 @@ # Author: ilyam8 # SPDX-License-Identifier: GPL-3.0-or-later -import re import os - +import re from collections import defaultdict from glob import glob from bases.FrameworkServices.LogService import LogService - ORDER = [ 'jails_bans', 'jails_in_jail', @@ -25,13 +23,13 @@ def charts(jails): ch = { ORDER[0]: { - 'options': [None, 'Jails Ban Rate', 'bans/s', 'bans', 'jail.bans', 'line'], - 'lines': [] + 'options': [None, 'Jails Ban Rate', 'bans/s', 'bans', 'jail.bans', 'line'], + 'lines': [] }, ORDER[1]: { - 'options': [None, 'Banned IPs (since the last restart of netdata)', 'IPs', 'in jail', - 'jail.in_jail', 'line'], - 'lines': [] + 'options': [None, 'Banned IPs (since the last restart of netdata)', 'IPs', 'in jail', + 'jail.in_jail', 'line'], + 'lines': [] }, } for jail in jails: @@ -52,7 +50,7 @@ def charts(jails): return ch -RE_JAILS = re.compile(r'\[([a-zA-Z0-9_-]+)\][^\[\]]+?enabled\s+= (true|false)') +RE_JAILS = re.compile(r'\[([a-zA-Z0-9_-]+)\][^\[\]]+?enabled\s+= +(true|yes|false|no)') # Example: # 2018-09-12 11:45:53,715 fail2ban.actions[25029]: WARNING [ssh] Unban 195.201.88.33 @@ -198,9 +196,9 @@ class Service(LogService): if name in exclude: continue - if status == 'true' and name not in active_jails: + if status in ('true','yes') and name not in active_jails: active_jails.append(name) - elif status == 'false' and name in active_jails: + elif status in ('false','no') and name in active_jails: active_jails.remove(name) return active_jails or DEFAULT_JAILS -- cgit v1.2.3