• Introducing WebPros Cloud - a fully managed infrastructure platform purpose-built to simplify the deployment of WebPros products !  WebPros Cloud enables you to easily deliver WebPros solutions — without the complexity of managing the infrastructure.
    Join the pilot program today!
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.

Issue fail2ban log file: very long error messages

tkalfaoglu

tkalfaoglu

Silver Pleskian
Hi there.. When fail2ban "fails" to ban or unban, it logs a verrry long error line in the /var/log/fail2ban.log which makes the log file impossible to view afterwards. The error line is easily a page long..

Here is an example:

2021-02-03 08:31:14,420 fail2ban.filter [9599]: INFO [fail2ban-repeats] Found 87.246.7.226 - 2021-02-03 08:31:14
2021-02-03 08:31:14,834 fail2ban.actions [9599]: NOTICE [fail2ban-repeats] Ban 87.246.7.226
2021-02-03 08:31:14,846 fail2ban.actions [9599]: ERROR Failed to execute ban jail 'fail2ban-repeats' action 'route' info 'ActionInfo({'
ipfailures': 4036, 'ip-rev': '226.7.246.87.', 'family': 'inet4', 'ipmatches': "2021-02-02 05:53:39,410 fail2ban.actions [16221]: NOTICE
[sasl] Unban 87.246.7.226\n2021-02-02 05:53:39,539 fail2ban.actions [16221]: NOTICE [plesk-postfix] Unban 87.246.7.226\n2021-02-02 05:54
:58,787 fail2ban.actions [16221]: NOTICE [plesk-postfix] Unban 87.246.7.226\n2021-02-02 05:54:58,966 fail2ban.actions [16221]: NO
TICE [sasl] Unban 87.246.7.226\n2021-02-02 06:28:26,460 fail2ban.actions [9599]: NOTICE [sasl] Unban 87.246.7.226\n2021-02-02 06:28:26,
632 fail2ban.actions [9599]: NOTICE [plesk-postfix] Unban 87.246.7.226\n2021-02-02 06:59:03,366 fail2ban.actions [9599]: NOTICE
[plesk-postfix] Unban 87.246.7.226\n2021-02-02 06:59:03,645 fail2ban.actions [9599]: NOTICE [sasl] Unban 87.246.7.226\n2021-02-02 07:29:
32,665 fail2ban.actions [9599]: NOTICE [plesk-postfix] Unban 87.246.7.226\n2021-02-02 07:29:32,968 fail2ban.actions [9599]: NOTIC
E [sasl] Unban 87.246.7.226\nFeb 3 07:29:36 jedi postfix/smtpd[46947]: warning: unknown[87.246.7.226]: SASL LOGIN authentication failed: authe
ntication failure\nFeb 3 07:29:39 jedi postfix/smtpd[59565]: warning: unknown[87.246.7.226]: SASL LOGIN authentication failed: authentication f
(etc this goes on)

Any ideas how to shorten this unnecessary long line?
Many thanks, -turgut
 
Try to set up the corresponding loglevel. Current setting you can find with:

# grep loglevel /etc/fail2ban/fail2ban.conf
 
Thanks - since this is an ERROR, I would have to pretty much disable the logging, therefore it's not very desirable to me. Maybe I'll go hacking into its code.. Put some length limit to its ERROR lines..
 
You must log in or register to reply here.

Similar threads

F
Issue Fail2ban: Ip addresses are not blocked by Recidive
Replies
14
Views
2K
frg62
F
M
Issue Fail2Ban Error
Replies
6
Views
720
Bitpalast
Bitpalast
A
Question Warnings in mail log [SASL LOGIN authentication failed]
Replies
1
Views
2K
Peter Debik
P
wakabayashi
Resolved Fail2Ban - Postfix not working for SASL (bug?)
Replies
4
Views
2K
mizar
mizar
A
Question Some security questions
Replies
2
Views
1K
amba1980
A
Back
Top