diff --git a/config/filter.d/selinux-ssh.conf b/config/filter.d/selinux-ssh.conf
new file mode 100644
index 00000000..34bf65ab
--- /dev/null
+++ b/config/filter.d/selinux-ssh.conf
@@ -0,0 +1,21 @@
+# Fail2Ban configuration file for SELinux ssh authentication errors
+#
+# Author: Daniel Black
+#
+#
+[INCLUDES]
+
+after = selinux.conf
+
+[Definition]
+
+_type = USER_(LOGIN|ERR|AUTH)
+_uid = 0
+_auid = \d+
+_subj = (?:unconfined_u|system_u):system_r:sshd_t:s0-s0:c0\.c1023
+
+_exe =/usr/sbin/sshd
+_terminal = ssh
+
+_msg = op=\S+ acct=(?P<_quote_acct>"?)\S+(?P=_quote_acct) exe="%(_exe)s" hostname=(\?|(\d+\.){3}\d+) addr= terminal=%(_terminal)s res=failed
+
diff --git a/config/filter.d/selinux.conf b/config/filter.d/selinux.conf
index 3a6a0a50..143be189 100644
--- a/config/filter.d/selinux.conf
+++ b/config/filter.d/selinux.conf
@@ -1,19 +1,18 @@
-# Fail2Ban configuration file for generic Selinux Errors authentication errors
+# Fail2Ban configuration file for generic SELinux audit messages
 #
 # Author: Daniel Black
 #
 #
 [Definition]
 
-_type = USER_(LOGIN|ERR|AUTH)
-_uid = 0
-_auid = \d+
-_subj = (?:unconfined_u|system_u):system_r:sshd_t:s0-s0:c0\.c1023
-
-_exe =/usr/sbin/sshd
-_terminal = ssh
-
-_msg = op=\S+ acct=(?P<_quote_acct>"?)\S+(?P=_quote_acct) exe="%(_exe)s" hostname=(\?|(\d+\.){3}\d+) addr= terminal=%(_terminal)s res=failed
+# Things you must set before including this file. See selinux-ssh as an example.
+# One of these must include a .
+#
+# _type
+# _uid
+# _auid
+# _subj
+# _msg
 
 failregex = ^type=%(_type)s msg=audit\(:\d+\): user pid=\d+ uid=%(_uid)s auid=%(_auid)s ses=\d+ subj=%(_subj)s msg='%(_msg)s'$
 
diff --git a/testcases/files/logs/selinux b/testcases/files/logs/selinux-ssh
similarity index 100%
rename from testcases/files/logs/selinux
rename to testcases/files/logs/selinux-ssh
diff --git a/testcases/samplestestcase.py b/testcases/samplestestcase.py
index c7ff0b9a..35abb813 100644
--- a/testcases/samplestestcase.py
+++ b/testcases/samplestestcase.py
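Review bot: In the new `_msg` option of selinux-ssh.conf the `addr=` field is immediately followed by ` terminal=`, so as shown here the regex that selinux.conf assembles from it contains no `<HOST>` tag and fail2ban would have no address to act on. If a `<HOST>` tag was stripped by this page's rendering, disregard; otherwise the field should read `addr=<HOST>`. Either way a comment above the option, `# _msg carries the <HOST> tag required by the failregex in selinux.conf`, would make the contract with the included base file explicit. The `_exe =/usr/sbin/sshd` line also drops the space after `=` that every other option in the file has.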
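Review bot: The new header line `# One of these must include a .` in selinux.conf is missing its object, so a reader cannot tell what the including file has to provide; from the `failregex` below and fail2ban's filter convention this is presumably the `<HOST>` tag, and the line should read `# One of these must include a <HOST> tag (selinux-ssh.conf puts it in _msg).` It would also help to state that this file is a template rather than a usable filter: its `failregex` still interpolates `%(_type)s`, `%(_uid)s`, `%(_auid)s`, `%(_subj)s` and `%(_msg)s`, so loading it without an including file fails at interpolation, which appears to be what the samplestestcase.py change in this commit works around. A line such as `# Not a complete filter on its own; include it from a filter that defines the options below.` would make that intent clear.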
@@ -23,6 +23,7 @@ __copyright__ = "Copyright (c) 2013 Steven Hiscocks"
 __license__ = "GPL"
 
 import unittest, sys, os, fileinput, re, datetime, inspect
+from ConfigParser import InterpolationMissingOptionError
 
 if sys.version_info >= (2, 6):
 import json
@@ -60,7 +61,11 @@ def testSampleRegexsFactory(name):
 # Check filter exists
 filterConf = FilterReader(name, "jail", basedir=CONFIG_DIR)
 filterConf.read()
-filterConf.getOptions({})
+try:
+filterConf.getOptions({})
+except InterpolationMissingOptionError:
+# some filters like selinux aren't complete
+return
 for opt in filterConf.convert():
 if opt[2] == "addfailregex":
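Review bot: `from ConfigParser import InterpolationMissingOptionError` uses the Python 2 module name; on Python 3 the module is `configparser`, so this line would stop the whole test module from importing there. If the suite is Python 2 only at this point (the `sys.version_info >= (2, 6)` guard below suggests so) it can stay as is; otherwise guard it with `try: from configparser import InterpolationMissingOptionError` / `except ImportError: from ConfigParser import InterpolationMissingOptionError`. The code that catches this exception is in the following hunk, which runs past the end of this excerpt.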