Fail2ban is not working properly since I enabled logrotate. Can someone provide advice?

Posted April 20, 2019 2.2k views

My fail2ban installation is not working properly since I enabled logrotate. I think the renaming of logfiles is not corresponding to the logs that fail2ban reads.

I guess I need advice on what to put in /etc/fail2ban/jail.local, etc/logrotate.conf, /etc/logrotate.d/apache2.conf, and perhaps other related files.

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Submit an Answer
3 answers

Apologies in advance if this isn’t very helpful, but fail2ban does provide a script in relation to logrotate that may be of some assistance.

It can be found in their Github repository

I will try this and report back here. Do you know if this is something that just needs to be run once, or if it needs to be run regularly as a cron job?

Or perhaps this is configuration code that needs to be included in /etc/logrotate.conf – does that sound right? Some but not all of the lines in this script are already in that configuration file. The flushlog command is not, and perhaps needs to be.