On 2023-04-09 10:22, Endre Paller wrote:
> My question is how can I configure fail2ban to always notice the current log
> files?
>
I use a symbolic link as the log file name for the jail. A Cron job is run
whenever the new file is due to change. In my case that is once per day; for you
that would be every half hour.
Since your log file is named to the second, you would need a more sophisticate
way of finding the new file before linking.
My experience with this method is that fail2ban continues smoothly after the
file is re-linked; it does not miss any entries for the bantime.
CGP_PATH="/data01/var/CommuniGate"
CGP_SYM="cgp-current.log"
CGP_LINK="${CGP_PATH}/${CGP_SYM}"
#
# Wait until there is a new log file created
logfile_new="${CGP_PATH}/SystemLogs/$(date +%Y-%m-%d).log"
rm -f ${CGP_LINK}
while [ ! -f ${logfile_new} ]
do
sleep 10
done
txt="ln -s ${logfile_new} ${CGP_LINK}"
$txt
--
James Moe
moe dot james at sohnen-moe dot com
520.743.3936
Think.
_______________________________________________
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
