Fail2ban is not working properly since I enabled logrotate. Can someone provide advice?

April 20, 2019 476 views
Logging CentOS

My fail2ban installation is not working properly since I enabled logrotate. I think the renaming of logfiles is not corresponding to the logs that fail2ban reads.

I guess I need advice on what to put in /etc/fail2ban/jail.local, etc/logrotate.conf, /etc/logrotate.d/apache2.conf, and perhaps other related files.

3 Answers

Apologies in advance if this isn’t very helpful, but fail2ban does provide a script in relation to logrotate that may be of some assistance.

It can be found in their Github repository

I will try this and report back here. Do you know if this is something that just needs to be run once, or if it needs to be run regularly as a cron job?

Or perhaps this is configuration code that needs to be included in /etc/logrotate.conf – does that sound right? Some but not all of the lines in this script are already in that configuration file. The flushlog command is not, and perhaps needs to be.

thanks,

James

Have another answer? Share your knowledge.