- Real-time database updates.
- Easy to install to your server.
- Powerfull and cost less resources.
- Compatible with most GNU distributions.
I can't believe that you don't have fail2ban installed on your server. If you don't have it, please go to (https://doc.ubuntu-fr.org/fail2ban)
Required:
- Python2 >= 2.6 or Python >= 3.2 or PyPy
- python-setuptools, python-distutils or python3-setuptools for installation from source
Optional:
- pyinotify >= 0.8.3, may require:
- Linux >= 2.6.13
- gamin >= 0.0.21
- systemd >= 204 and python bindings:
- dnspython
To install:
Shell part:
sudo git clone https://github.com/LiinxTV/fail2ban-monitoring.git
cd fail2ban-monitoring
mv fail2ban-monitoring.sh /usr/bin/fail2ban-monitoring.sh
Warning, before installing, make sure to have the alias in your ~/.bashrc:
echo "alias f2bm='sh /usr/bin/fail2ban-monitoring.sh'" >> ~/.bashrc
source ~/.bashrc
You need to add this to your /etc/mysql/conf.d/mysql.cnf
sudo nano /etc/mysql/conf.d/mysql.cnf
[mysqld]
sql_mode="STRICT_TRANS_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_ENGINE_SUBSTITUTION"
Then finally install it:
f2bm install
NOTE: if you want to import your actual fail2ban list to the database, just run f2bm import
If you want to see if f2bm is correctly installed, just run:
f2bm debug
First, add a data source:
Fill the form like this:
Grafana part 2 - The dashboard:
Select grafana.json and finish the import process.
Nice, you're done !
• You must define action event to your JAILs. Exemple configuration of SSHD jail:
[sshd]
port = ssh
logpath = %(sshd_log)s
backend = %(sshd_backend)s
action = grafana