fail2ban-regex(1) [centos man page]

FAIL2BAN-REGEX(1)						   User Commands						 FAIL2BAN-REGEX(1)

NAME
       fail2ban-regex - test Fail2ban "failregex" option

SYNOPSIS
       fail2ban-regex [OPTIONS] <LOG> <REGEX> [IGNOREREGEX]

DESCRIPTION
       Fail2Ban reads log files that contain password failure reports and bans the corresponding IP addresses using firewall rules.

       This tool can test regular expressions for "fail2ban".

   LOG:
       string
              a string representing a log line

       filename
              path to a log file (/var/log/auth.log)

       "systemd-journal"
              search systemd journal (systemd-python required)

   REGEX:
       string
              a string representing a 'failregex'

       filename
              path to a filter file (filter.d/sshd.conf)

   IGNOREREGEX:
       string
              a string representing an 'ignoreregex'

       filename
              path to a filter file (filter.d/sshd.conf)

OPTIONS
       --version
              show program's version number and exit

       -h, --help
              show this help message and exit

       -c CONFIG, --config=CONFIG
              set alternate config directory

       -d DATEPATTERN, --datepattern=DATEPATTERN
              set custom pattern used to match date/times

       --timezone=TIMEZONE, --TZ=TIMEZONE
              set time-zone used by convert time format

       -e ENCODING, --encoding=ENCODING
              File encoding. Default: system locale

       -r, --raw
              Raw hosts, don't resolve dns

       --usedns=USEDNS
              DNS specified replacement of tags <HOST> in regexp ('yes' - matches all form of hosts, 'no' - IP addresses only)

       -L MAXLINES, --maxlines=MAXLINES
              maxlines for multi-line regex.

       -m JOURNALMATCH, --journalmatch=JOURNALMATCH
              journalctl style matches overriding filter file. "systemd-journal" only

       -l LOG_LEVEL, --log-level=LOG_LEVEL
              Log level for the Fail2Ban logger to use

       -v, --verbose
              Increase verbosity

       --verbosity=VERBOSE
              Set numerical level of verbosity (0..4)

       --verbose-date, --VD
              Verbose date patterns/regex in output

       -D, --debuggex
              Produce debuggex.com urls for debugging there

       --print-no-missed
              Do not print any missed lines

       --print-no-ignored
              Do not print any ignored lines

       --print-all-matched
              Print all matched lines

       --print-all-missed
              Print all missed lines, no matter how many

       --print-all-ignored
              Print all ignored lines, no matter how many

       -t, --log-traceback
              Enrich log-messages with compressed tracebacks

       --full-traceback
              Either to make the tracebacks full, not compressed (as by default)

AUTHOR
       Written by Cyril Jaquier <cyril.jaquier@fail2ban.org>. Many contributions by Yaroslav O. Halchenko and Steven Hiscocks.

REPORTING BUGS
       Report bugs to https://github.com/fail2ban/fail2ban/issues

COPYRIGHT
       Copyright (C) 2004-2008 Cyril Jaquier, 2008- Fail2Ban Contributors
       Copyright of modifications held by their respective authors. Licensed under the GNU General Public License v2 (GPL).

SEE ALSO
       fail2ban-client(1) fail2ban-server(1)

fail2ban-regex 0.10.2						   January 2018						 FAIL2BAN-REGEX(1)
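
An added example (not part of the man page or the Fail2Ban project): testing a filter file against a log file with the LOG, REGEX and IGNOREREGEX arguments described above. The log lines, host names, addresses and the sshd-test.conf filter are constructed for illustration.

```shell
#!/bin/sh
# Added example: every path, host and log line here is constructed.

# Create a throwaway directory holding a sample log and a filter file,
# and print the directory name.
make_fixture() {
    dir=$(mktemp -d) || return 1
    # Constructed sshd lines: two password failures and one successful login.
    cat > "$dir/auth.log" <<'EOF'
Jan 10 12:00:01 web1 sshd[1234]: Failed password for invalid user admin from 203.0.113.7 port 52144 ssh2
Jan 10 12:00:05 web1 sshd[1240]: Failed password for root from 192.0.2.10 port 40022 ssh2
Jan 10 12:00:09 web1 sshd[1251]: Accepted publickey for deploy from 198.51.100.4 port 50514 ssh2
EOF
    # Filter in filter.d format. <HOST> marks where the offending address sits.
    # The ignoreregex is meant to exempt a (constructed) monitoring host.
    cat > "$dir/sshd-test.conf" <<'EOF'
[Definition]
failregex = sshd\[\d+\]: Failed password for .* from <HOST> port \d+
ignoreregex = from 192\.0\.2\.10 port
EOF
    printf '%s\n' "$dir"
}

# Run fail2ban-regex over the fixture: $1 is the fixture directory.
# The filter file is passed as both REGEX and IGNOREREGEX.
run_check() {
    if ! command -v fail2ban-regex >/dev/null 2>&1; then
        echo "fail2ban-regex is not installed; nothing to run" >&2
        return 0
    fi
    fail2ban-regex --print-all-matched --print-all-missed \
        "$1/auth.log" "$1/sshd-test.conf" "$1/sshd-test.conf"
}

FIXTURE=$(make_fixture)
run_check "$FIXTURE"
rm -rf "$FIXTURE"
```

Reviewing the matched and missed lines before deploying a filter shows whether the failregex catches the intended failures and whether the ignoreregex exempts only the hosts it should.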

Check Out this Related Man Page

SD_JOURNAL_STREAM_FD(3) 				       sd_journal_stream_fd					   SD_JOURNAL_STREAM_FD(3)

NAME
       sd_journal_stream_fd - Create log stream file descriptor to the journal

SYNOPSIS
       #include <systemd/sd-journal.h>

       int sd_journal_stream_fd(const char* identifier, int priority, int level_prefix);

DESCRIPTION
       sd_journal_stream_fd() may be used to create a log stream file descriptor. Log messages written to this file descriptor as simple newline-separated text strings are written to the journal. This file descriptor can be used internally by applications or be made STDOUT/STDERR of other processes executed.

       sd_journal_stream_fd() takes a short program identifier string as first argument, which will be written to the journal as _SYSLOG_IDENTIFIER= field for each log entry (see systemd.journal-fields(7) for more information). The second argument shall be the default priority level for all messages. The priority level is one of LOG_EMERG, LOG_ALERT, LOG_CRIT, LOG_ERR, LOG_WARNING, LOG_NOTICE, LOG_INFO, LOG_DEBUG, as defined in syslog.h, see syslog(3) for details. The third argument is a boolean: if true kernel-style log priority level prefixes (such as SD_WARNING) are interpreted, see sd-daemon(3) for more information.

       It is recommended that applications log UTF-8 messages only with this API, but this is not enforced.

RETURN VALUE
       The call returns a valid write-only file descriptor on success or a negative errno-style error code.

NOTES
       The sd_journal_stream_fd() interface is available as a shared library, which can be compiled and linked to with the libsystemd-journal pkg-config(1) file.

EXAMPLES
       Creating a log stream suitable for fprintf(3):

           #include <syslog.h>
           #include <stdio.h>
           #include <string.h>
           #include <unistd.h>
           #include <systemd/sd-journal.h>
           #include <systemd/sd-daemon.h>

           int main(int argc, char *argv[]) {
                   int fd;
                   FILE *log;

                   /* Identifier "test", default priority LOG_INFO, level prefixes enabled */
                   fd = sd_journal_stream_fd("test", LOG_INFO, 1);
                   if (fd < 0) {
                           fprintf(stderr, "Failed to create stream fd: %s\n", strerror(-fd));
                           return 1;
                   }

                   /* Wrap the write-only descriptor in a stdio stream */
                   log = fdopen(fd, "w");
                   if (!log) {
                           fprintf(stderr, "Failed to create file object: %m\n");
                           close(fd);
                           return 1;
                   }

                   /* Each newline-terminated string becomes one journal entry */
                   fprintf(log, "Hello World!\n");
                   fprintf(log, SD_WARNING "This is a warning!\n");
                   fclose(log);
                   return 0;
           }

SEE ALSO
       systemd(1), sd-journal(3), sd-daemon(3), sd_journal_print(3), syslog(3), fprintf(3), systemd.journal-fields(7)

systemd 208												   SD_JOURNAL_STREAM_FD(3)