--On Wednesday, April 01, 2020 4:21 PM -0700 Kenneth Porter
<sh...@sewingwitch.com> wrote:
Instead of receiving an email for each ban, it might be nice to
accumulate them in a database and have a periodic script sweep the recent
entries to compose a cumulative periodic report. This would also allow
the whois results to be cached in a table referenced by the ban table.
Has anyone done anything like this?
After further investigation, I discovered the bans are already in a sqlite
database at /var/lib/fail2ban/fail2ban.sqlite3.
One could periodically transfer these to a PostgreSQL database using its
inet and cidr types and then run a backend script to do whois expansion and
caching in the background. Some links to help those interested in
attempting this:
<https://www.endpoint.com/blog/2017/09/28/using-postgresql-cidr-and-inet-types>
<https://pypi.org/project/ipwhois/>
<https://www.psycopg.org/>
<https://docs.python.org/3/library/sqlite3.html>
_______________________________________________
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
