2013-04-16 20:13:31 +00:00
|
|
|
# Fail2Ban configuration file for guacamole
|
|
|
|
#
|
|
|
|
# Author: Steven Hiscocks
|
|
|
|
#
|
|
|
|
|
|
|
|
[Definition]
|
|
|
|
|
2020-02-26 09:41:55 +00:00
|
|
|
logging = catalina
|
|
|
|
failregex = <L_<logging>/failregex>
|
|
|
|
maxlines = <L_<logging>/maxlines>
|
|
|
|
datepattern = <L_<logging>/datepattern>
|
2013-04-16 20:13:31 +00:00
|
|
|
|
2020-02-26 09:41:55 +00:00
|
|
|
[L_catalina]
|
|
|
|
|
|
|
|
failregex = ^.*\nWARNING: Authentication attempt from <HOST> for user "[^"]*" failed\.$
|
2013-04-18 21:11:41 +00:00
|
|
|
|
|
|
|
maxlines = 2
|
2016-10-07 12:57:45 +00:00
|
|
|
|
|
|
|
datepattern = ^%%b %%d, %%ExY %%I:%%M:%%S %%p
|
|
|
|
^WARNING:()**
|
2020-02-26 09:41:55 +00:00
|
|
|
{^LN-BEG}
|
|
|
|
|
|
|
|
[L_webapp]
|
|
|
|
|
|
|
|
failregex = ^ \[\S+\] WARN \S+ - Authentication attempt from <HOST> for user "<F-USER>[^"]+</F-USER>" failed.
|
|
|
|
|
|
|
|
maxlines = 1
|
|
|
|
|
|
|
|
datepattern = ^%%H:%%M:%%S.%%f
|
|
|
|
|
|
|
|
# DEV Notes:
|
|
|
|
#
|
|
|
|
# failregex is based on the default pattern given in Guacamole documentation :
|
|
|
|
# https://guacamole.apache.org/doc/gug/configuring-guacamole.html#webapp-logging
|
|
|
|
#
|
|
|
|
# The following logback.xml Guacamole configuration file can then be used accordingly :
|
|
|
|
# <configuration>
|
|
|
|
# <appender name="FILE" class="ch.qos.logback.core.rolling.RollingFileAppender">
|
|
|
|
# <file>/var/log/guacamole.log</file>
|
|
|
|
# <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
|
|
|
|
# <fileNamePattern>/var/log/guacamole.%d.log.gz</fileNamePattern>
|
|
|
|
# <maxHistory>32</maxHistory>
|
|
|
|
# </rollingPolicy>
|
|
|
|
# <encoder>
|
|
|
|
# <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n</pattern>
|
|
|
|
# </encoder>
|
|
|
|
# </appender>
|
|
|
|
# <root level="info">
|
|
|
|
# <appender-ref ref="FILE" />
|
|
|
|
# </root>
|
|
|
|
# </configuration>
|