Trying to get fail2ban working on 18RC2 but it’s not detecting anything. I’m assuming the regex has changed again.
If anyone can toss me their working regex on 18, thanks!
Trying to get fail2ban working on 18RC2 but it’s not detecting anything. I’m assuming the regex has changed again.
If anyone can toss me their working regex on 18, thanks!
On Debian 10:
jail.conf
[nextcloud]
enabled = true
port = 80,443
protocol = tcp
filter = nextcloud
maxretry = 10
logpath = nextcloud.log
action = %(action_mwl)s
filter.d
nextcloud.conf
[Definition]
failregex= ^{“reqId”:".",“level”:2,“time”:".",“remoteAddr”:".",“app”:".".",“message”:"Login failed: . (Remote IP: )".*}$
This work for me
Not for me! Does anyone have a working regex?
Why so complicated? If did not find a solution up to now:
`[INCLUDES]
before = common.conf
failregex = .*“remoteAddr”:"".Login failed:.$`
works for me.