table of contents
other versions
- bullseye 0.11.2-2
- testing 0.11.2-6
- unstable 0.11.2-6
- experimental 1.0.1-1~exp1
| FAIL2BAN-REGEX(1) | User Commands | FAIL2BAN-REGEX(1) |
NAME¶
fail2ban-regex - test Fail2ban "failregex" option
SYNOPSIS¶
fail2ban-regex [OPTIONS] <LOG> <REGEX> [IGNOREREGEX]
DESCRIPTION¶
Fail2Ban reads log file that contains password failure report and bans the corresponding IP addresses using firewall rules.
This tools can test regular expressions for "fail2ban".
LOG:¶
- string
- a string representing a log line
- filename
- path to a log file (/var/log/auth.log)
- systemd-journal
- search systemd journal (systemd-python required), optionally with backend parameters, see `man jail.conf` for usage and examples (systemd-journal[journalflags=1]).
REGEX:¶
IGNOREREGEX:¶
OPTIONS¶
- --version
- show program's version number and exit
- -h, --help
- show this help message and exit
- -c CONFIG, --config=CONFIG
- set alternate config directory
- -d DATEPATTERN, --datepattern=DATEPATTERN
- set custom pattern used to match date/times
- --timezone=TIMEZONE, --TZ=TIMEZONE
- set time-zone used by convert time format
- -e ENCODING, --encoding=ENCODING
- File encoding. Default: system locale
- -r, --raw
- Raw hosts, don't resolve dns
- --usedns=USEDNS
- DNS specified replacement of tags <HOST> in regexp ('yes' - matches all form of hosts, 'no' - IP addresses only)
- -L MAXLINES, --maxlines=MAXLINES
- maxlines for multi-line regex.
- -m JOURNALMATCH, --journalmatch=JOURNALMATCH
- journalctl style matches overriding filter file. "systemd-journal" only
- -l LOG_LEVEL, --log-level=LOG_LEVEL
- Log level for the Fail2Ban logger to use
- -V
- get version in machine-readable short format
- -v, --verbose
- Increase verbosity
- --verbosity=VERBOSE
- Set numerical level of verbosity (0..4)
- --verbose-date, --VD
- Verbose date patterns/regex in output
- -D, --debuggex
- Produce debuggex.com urls for debugging there
- --no-check-all
- Disable check for all regex's
- -o OUT, --out=OUT
- Set token to print failure information only (row, id, ip, msg, host, ip4, ip6, dns, matches, ...)
- --print-no-missed
- Do not print any missed lines
- --print-no-ignored
- Do not print any ignored lines
- --print-all-matched
- Print all matched lines
- --print-all-missed
- Print all missed lines, no matter how many
- --print-all-ignored
- Print all ignored lines, no matter how many
- -t, --log-traceback
- Enrich log-messages with compressed tracebacks
- --full-traceback
- Either to make the tracebacks full, not compressed (as by default)
AUTHOR¶
Written by Cyril Jaquier <cyril.jaquier@fail2ban.org>. Many contributions by Yaroslav O. Halchenko, Steven Hiscocks, Sergey G. Brester (sebres).
REPORTING BUGS¶
Report bugs to https://github.com/fail2ban/fail2ban/issues
COPYRIGHT¶
Copyright © 2004-2008 Cyril Jaquier, 2008- Fail2Ban
Contributors
Copyright of modifications held by their respective authors. Licensed under
the GNU General Public License v2 (GPL).
SEE ALSO¶
| September 2022 | fail2ban-regex 1.0.1 |