github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
Browse Source

DOC: Add items to ChangeLog and readded jail.conf(5) for logpath tail 

jail.conf change merged from 6a395f4cf7
pull/641/merge
Steven Hiscocks 11 years ago
parent
df882feb16
commit
725a8261fe
2 changed files with 8 additions and 1 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 5
      ChangeLog
  2. 4
      man/jail.conf.5

5
ChangeLog
Unescape View File

@ -43,6 +43,10 @@ configuration before relying on it.
support these. ISO8601 now defaults to localtime unless specified otherwise.
Some filters have been change as required to capture these elements in the
right timezone correctly.
* Log levels are now set by Syslog style strings e.g. DEBUG, ERROR.
- Log level INFO is now more verbose
* Optionally can read log files starting from "head" or "tail".
- See "logpath" option in jail.conf(5) man page.
- New features:
* [..c7ae460] Multiline failregex. Close gh-54
@ -62,6 +66,7 @@ configuration before relying on it.
Close gh-347
* Filter for squirrelmail. Close gh-261
* Filter for tine20. Close gh-583
* Custom date formats (strptime) can now be set in filters and jail.conf
- Enhancements
* Jail names increased to 26 characters and iptables prefix reduced

4
man/jail.conf.5
Unescape View File

@ -129,7 +129,9 @@ The following options are applicable to any jail. They appear in a section speci
name of the filter -- filename of the filter in /etc/fail2ban/filter.d/ without the .conf/.local extension. Only one filter can be specified.
.TP
.B logpath
filename(s) of the log files to be monitored. Globs -- paths containing * and ? or [0-9] -- can be used however only the files that exist at start up matching this glob pattern will be considered.
filename(s) of the log files to be monitored, seperate by new lines. Globs -- paths containing * and ? or [0-9] -- can be used however only the files that exist at start up matching this glob pattern will be considered.
Optional space separated option 'tail' can be added to the end of the path to cause the log file to be read from the end, else default 'head' option reads file from the beginning
Ensure syslog or the program that generates the log file isn't configured to compress repeated log messages to "\fI*last message repeated 5 time*s\fR" otherwise it will fail to detect. This is called \fIRepeatedMsgReduction\fR in rsyslog and should be \fIOff\fR.
.TP

Write Preview
Loading…
Cancel
Save