• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion
  • Inviting everyone to the UX test of a new security feature in the WP Toolkit
    For WordPress site owners, threats posed by hackers are ever-present. Because of this, we are developing a new security feature for the WP Toolkit. If the topic of WordPress website security is relevant to you, we would be grateful if you could share your experience and help us test the usability of this feature. We invite you to join us for a 1-hour online session via Google Meet. Select a convenient meeting time with our friendly UX staff here.

Issue fail2ban log file: very long error messages

tkalfaoglu

tkalfaoglu

Silver Pleskian
Hi there.. When fail2ban "fails" to ban or unban, it logs a verrry long error line in the /var/log/fail2ban.log which makes the log file impossible to view afterwards. The error line is easily a page long..

Here is an example:

2021-02-03 08:31:14,420 fail2ban.filter [9599]: INFO [fail2ban-repeats] Found 87.246.7.226 - 2021-02-03 08:31:14
2021-02-03 08:31:14,834 fail2ban.actions [9599]: NOTICE [fail2ban-repeats] Ban 87.246.7.226
2021-02-03 08:31:14,846 fail2ban.actions [9599]: ERROR Failed to execute ban jail 'fail2ban-repeats' action 'route' info 'ActionInfo({'
ipfailures': 4036, 'ip-rev': '226.7.246.87.', 'family': 'inet4', 'ipmatches': "2021-02-02 05:53:39,410 fail2ban.actions [16221]: NOTICE
[sasl] Unban 87.246.7.226\n2021-02-02 05:53:39,539 fail2ban.actions [16221]: NOTICE [plesk-postfix] Unban 87.246.7.226\n2021-02-02 05:54
:58,787 fail2ban.actions [16221]: NOTICE [plesk-postfix] Unban 87.246.7.226\n2021-02-02 05:54:58,966 fail2ban.actions [16221]: NO
TICE [sasl] Unban 87.246.7.226\n2021-02-02 06:28:26,460 fail2ban.actions [9599]: NOTICE [sasl] Unban 87.246.7.226\n2021-02-02 06:28:26,
632 fail2ban.actions [9599]: NOTICE [plesk-postfix] Unban 87.246.7.226\n2021-02-02 06:59:03,366 fail2ban.actions [9599]: NOTICE
[plesk-postfix] Unban 87.246.7.226\n2021-02-02 06:59:03,645 fail2ban.actions [9599]: NOTICE [sasl] Unban 87.246.7.226\n2021-02-02 07:29:
32,665 fail2ban.actions [9599]: NOTICE [plesk-postfix] Unban 87.246.7.226\n2021-02-02 07:29:32,968 fail2ban.actions [9599]: NOTIC
E [sasl] Unban 87.246.7.226\nFeb 3 07:29:36 jedi postfix/smtpd[46947]: warning: unknown[87.246.7.226]: SASL LOGIN authentication failed: authe
ntication failure\nFeb 3 07:29:39 jedi postfix/smtpd[59565]: warning: unknown[87.246.7.226]: SASL LOGIN authentication failed: authentication f
(etc this goes on)

Any ideas how to shorten this unnecessary long line?
Many thanks, -turgut
 
Try to set up the corresponding loglevel. Current setting you can find with:

# grep loglevel /etc/fail2ban/fail2ban.conf
 
Thanks - since this is an ERROR, I would have to pretty much disable the logging, therefore it's not very desirable to me. Maybe I'll go hacking into its code.. Put some length limit to its ERROR lines..
 
You must log in or register to reply here.

Similar threads

claxman
Issue Anacron job 'cron.daily' on server.domain (Fail2Ban Automatic Closing Problem)
Replies
17
Views
2K
Hiljo_Lodewijk
H
Q
Resolved problem with ram server
Replies
8
Views
1K
Qusay
Q
M
Issue Fail2Ban authentication failure monitor and Plesk Spam Assasin stopping and starting
Replies
5
Views
2K
m3lezZ
m3lezZ
H
Issue fail2ban iptables error, ban doesn't work
Replies
1
Views
2K
hotwert
H
P
Resolved fail2ban postfix-sasl not working correctly
Replies
7
Views
10K
Alaa Mansour
Alaa Mansour
Back
Top