New logtarget: systemd-journal;

rebased #1403 from da2x:feature-systemd-journal

ChangeLog

@@ -46,6 +46,7 @@ ver. 1.0.1-dev-1 (20??/??/??) - development nightly edition
 * `filter.d/nginx-http-auth.conf` - extended with parameter mode, so additionally to `auth` (or `normal`) 
    mode `fallback` (or combined as `aggressive`) can find SSL errors while SSL handshaking, gh-2881
 * `action.d/cloudflare-token.conf` - added support for Cloudflare Token APIs.  This method is more restrictive and therefore safter than using API Keys.
+* new logtarget SYSTEMD-JOURNAL
 
 
 ver. 0.11.2 (2020/11/23) - heal-the-world-with-security-tools

THANKS

@@ -33,6 +33,7 @@ Christoph Haas
 Christos Psonis
 craneworks
 Cyril Jaquier
+Daniel Aleksandersen
 Daniel B. Cid
 Daniel B.
 Daniel Black

config/fail2ban.conf

@@ -24,13 +24,13 @@
 loglevel = INFO
 
 # Option: logtarget
-# Notes.: Set the log target. This could be a file, SYSLOG, STDERR or STDOUT.
+# Notes.: Set the log target. This could be a file, SYSTEMD-JOURNAL, SYSLOG, STDERR or STDOUT.
 #         Only one log target can be specified.
 #         If you change logtarget from the default value and you are
 #         using logrotate -- also adjust or disable rotation in the
 #         corresponding configuration file
 #         (e.g. /etc/logrotate.d/fail2ban on Debian systems)
-# Values: [ STDOUT | STDERR | SYSLOG | SYSOUT | FILE ]  Default: STDERR
+# Values: [ STDOUT | STDERR | SYSLOG | SYSOUT | SYSTEMD-JOURNAL | FILE ]  Default: STDERR
 #
 logtarget = /var/log/fail2ban.log
 

fail2ban/protocol.py

@@ -66,7 +66,7 @@ protocol = [
 ["set loglevel <LEVEL>", "sets logging level to <LEVEL>. Levels: CRITICAL, ERROR, WARNING, NOTICE, INFO, "
 	"DEBUG, TRACEDEBUG, HEAVYDEBUG or corresponding numeric value (50-5)"], 
 ["get loglevel", "gets the logging level"], 
-["set logtarget <TARGET>", "sets logging target to <TARGET>. Can be STDOUT, STDERR, SYSLOG or a file"], 
+["set logtarget <TARGET>", "sets logging target to <TARGET>. Can be STDOUT, STDERR, SYSLOG, SYSTEMD-JOURNAL or a file"], 
 ["get logtarget", "gets logging target"], 
 ["set syslogsocket auto|<SOCKET>", "sets the syslog socket path to auto or <SOCKET>. Only used if logtarget is SYSLOG"],
 ["get syslogsocket", "gets syslog socket path"],

fail2ban/server/server.py

@@ -678,7 +678,10 @@ class Server:
 				return True
 			padding = logOptions.get('padding')
 			# set a format which is simpler for console use
-			if systarget == "SYSLOG":
+			if systarget == "SYSTEMD-JOURNAL":
+				from systemd.journal import JournalHandler
+				hdlr = JournalHandler(SYSLOG_IDENTIFIER='fail2ban')
+			elif systarget == "SYSLOG":
 				facility = logOptions.get('facility', 'DAEMON').upper()
 				# backwards compatibility - default no padding for syslog handler:
 				if padding is None: padding = '0'
@@ -754,7 +757,8 @@ class Server:
 					verbose = self.__verbose-1
 				fmt = getVerbosityFormat(verbose, addtime=addtime, padding=padding)
 			# tell the handler to use this format
-			hdlr.setFormatter(logging.Formatter(fmt))
+			if target != "SYSTEMD-JOURNAL":
+				hdlr.setFormatter(logging.Formatter(fmt))
 			logger.addHandler(hdlr)
 			# Does not display this message at startup.
 			if self.__logTarget is not None:
@@ -793,7 +797,7 @@ class Server:
 			return self.__syslogSocket
 
 	def flushLogs(self):
-		if self.__logTarget not in ['STDERR', 'STDOUT', 'SYSLOG']:
+		if self.__logTarget not in ['STDERR', 'STDOUT', 'SYSLOG', 'SYSTEMD-JOURNAL']:
 			for handler in getLogger("fail2ban").handlers:
 				try:
 					handler.doRollover()