|
From: | Alex |
Subject: | Re: Monit built-in Http log for fail2ban |
Date: | Thu, 24 May 2012 12:25:20 +0300 |
Hello Martin,
I am sorry for the delay...
I did find some time to take some tests so, I did
notice that syslog stopped for some reason logging these failed login attempts
after some time, up to a date they were working ok...
I changed the logfile to a custom one that logs the
events now.
Anyway, unfortunately since the logging comes in a
form of " Warning: Client '127.0.0.1' supplied unknown user" there is no way to
make it work. I should disable the proxy pass and the access the service from
external ip so I can latter ban it...
Br Alex
From: Martin Pala
Sent: Monday, April 30, 2012 5:15 PM
Subject: Re: Monit built-in Http log for fail2ban Hi,
the monit logfile is configured with "SET LOGFILE <path|SYSLOG>" … in
your case the log goes to syslog, which decides to which file to log the
message. Monit's internal webserver is proprietary implementation - it's not
mongrel. The failed login attempts are logged with following messages:
Warning: Client 'xyz' supplied unknown user
'cdb' accessing monit httpd Warning: Client 'xyz' supplied wrong password for user
'abc' accessing monit httpd Regards,
Martin
On Apr 26, 2012, at 2:54 PM, Alex wrote:
-- To unsubscribe: https://lists.nongnu.org/mailman/listinfo/monit-general |
[Prev in Thread] | Current Thread | [Next in Thread] |