blob: d4e919f46dde67e8e4eccfacc45d0e1002ca61ac (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
|
plugin_name: go.d.plugin
modules:
- meta:
id: collector-go.d.plugin-fail2ban
plugin_name: go.d.plugin
module_name: fail2ban
monitored_instance:
name: Fail2ban
link: "https://github.com/fail2ban/fail2ban#readme"
icon_filename: fail2ban.png
categories:
- data-collection.authentication-and-authorization
keywords:
- fail2ban
- security
- authentication
- authorization
related_resources:
integrations:
list: []
info_provided_to_referring_integrations:
description: ""
most_popular: false
overview:
data_collection:
metrics_description: >
This collector tracks two main metrics for each jail: currently banned IPs and active failure incidents.
It relies on the [`fail2ban-client`](https://linux.die.net/man/1/fail2ban-client) CLI tool but avoids directly executing the binary.
Instead, it utilizes `ndsudo`, a Netdata helper specifically designed to run privileged commands securely within the Netdata environment.
This approach eliminates the need to use `sudo`, improving security and potentially simplifying permission management.
method_description: ""
supported_platforms:
include: [Linux]
exclude: []
multi_instance: false
additional_permissions:
description: ""
default_behavior:
auto_detection:
description: ""
limits:
description: ""
performance_impact:
description: ""
setup:
prerequisites:
list:
- title: For Netdata running in a Docker container
description: |
1. **Install Fail2ban client**.
Ensure `fail2ban-client` is available in the container by setting the environment variable `NETDATA_EXTRA_DEB_PACKAGES=fail2ban` when starting the container.
2. **Mount host's `/var/run` directory**.
Mount the host machine's `/var/run` directory to `/host/var/run` inside your Netdata container. This grants Netdata access to the Fail2ban socket file, typically located at `/var/run/fail2ban/fail2ban.sock`.
configuration:
file:
name: go.d/fail2ban.conf
options:
description: |
The following options can be defined globally: update_every.
folding:
title: Config options
enabled: true
list:
- name: update_every
description: Data collection frequency.
default_value: 10
required: false
- name: timeout
description: fail2ban-client binary execution timeout.
default_value: 2
required: false
examples:
folding:
title: Config
enabled: true
list:
- name: Custom update_every
description: Allows you to override the default data collection interval.
config: |
jobs:
- name: fail2ban
update_every: 5 # Collect Fail2Ban jails statistics every 5 seconds
troubleshooting:
problems:
list: []
alerts: []
metrics:
folding:
title: Metrics
enabled: false
description: ""
availability: []
scopes:
- name: jail
description: These metrics refer to the Jail.
labels:
- name: jail
description: Jail's name
metrics:
- name: fail2ban.jail_banned_ips
description: Fail2Ban Jail banned IPs
unit: addresses
chart_type: line
dimensions:
- name: banned
- name: fail2ban.jail_active_failures
description: Fail2Ban Jail active failures
unit: failures
chart_type: line
dimensions:
- name: active_failures
|
