Question

Fail2ban is not working properly since I enabled logrotate. Can someone provide advice?

Posted April 20, 2019 976 views
CentOSLogging

My fail2ban installation is not working properly since I enabled logrotate. I think the renaming of logfiles is not corresponding to the logs that fail2ban reads.

I guess I need advice on what to put in /etc/fail2ban/jail.local, etc/logrotate.conf, /etc/logrotate.d/apache2.conf, and perhaps other related files.

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
2 answers

Apologies in advance if this isn’t very helpful, but fail2ban does provide a script in relation to logrotate that may be of some assistance.

It can be found in their Github repository

I will try this and report back here. Do you know if this is something that just needs to be run once, or if it needs to be run regularly as a cron job?

Or perhaps this is configuration code that needs to be included in /etc/logrotate.conf – does that sound right? Some but not all of the lines in this script are already in that configuration file. The flushlog command is not, and perhaps needs to be.

thanks,

James

Submit an Answer