Question

Fail2ban is not working properly since I enabled logrotate. Can someone provide advice?

Posted April 20, 2019 755 views
CentOS Logging

My fail2ban installation is not working properly since I enabled logrotate. I think the renaming of logfiles is not corresponding to the logs that fail2ban reads.

I guess I need advice on what to put in /etc/fail2ban/jail.local, etc/logrotate.conf, /etc/logrotate.d/apache2.conf, and perhaps other related files.

Add a comment
jamestr
By:
jamestr
Add a comment

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

3 answers
asciant April 22, 2019

Apologies in advance if this isn’t very helpful, but fail2ban does provide a script in relation to logrotate that may be of some assistance.

It can be found in their Github repository

Reply Report
jamestr April 22, 2019

I will try this and report back here. Do you know if this is something that just needs to be run once, or if it needs to be run regularly as a cron job?

Or perhaps this is configuration code that needs to be included in /etc/logrotate.conf – does that sound right? Some but not all of the lines in this script are already in that configuration file. The flushlog command is not, and perhaps needs to be.

thanks,

James

Reply Report
jamestr April 22, 2019
[deleted]
Reply Report
Submit an Answer

Related

Looking for something else?

Ask a new question Search for more help