New logtarget: systemd-journal;

rebased #1403 from da2x:feature-systemd-journal
2022-08-29 12:30:05 +02:00 · 2022-08-29 12:30:05 +02:00 · d6896eb26d
parent a08b925468
commit d6896eb26d
5 changed files with 12 additions and 6 deletions
--- a/1
+++ b/1
@ -46,6 +46,7 @@ ver. 1.0.1-dev-1 (20??/??/??) - development nightly edition
 * `filter.d/nginx-http-auth.conf` - extended with parameter mode, so additionally to `auth` (or `normal`) 
   mode `fallback` (or combined as `aggressive`) can find SSL errors while SSL handshaking, gh-2881
 * `action.d/cloudflare-token.conf` - added support for Cloudflare Token APIs.  This method is more restrictive and therefore safter than using API Keys.
+* new logtarget SYSTEMD-JOURNAL


 ver. 0.11.2 (2020/11/23) - heal-the-world-with-security-tools
--- a/1
+++ b/1
@ -33,6 +33,7 @@ Christoph Haas
 Christos Psonis
 craneworks
 Cyril Jaquier
+Daniel Aleksandersen
 Daniel B. Cid
 Daniel B.
 Daniel Black
--- a/config/fail2ban.conf
+++ b/config/fail2ban.conf
@ -24,13 +24,13 @@
 loglevel = INFO

 # Option: logtarget
-# Notes.: Set the log target. This could be a file, SYSLOG, STDERR or STDOUT.
+# Notes.: Set the log target. This could be a file, SYSTEMD-JOURNAL, SYSLOG, STDERR or STDOUT.
 #         Only one log target can be specified.
 #         If you change logtarget from the default value and you are
 #         using logrotate -- also adjust or disable rotation in the
 #         corresponding configuration file
 #         (e.g. /etc/logrotate.d/fail2ban on Debian systems)
-# Values: [ STDOUT | STDERR | SYSLOG | SYSOUT | FILE ]  Default: STDERR
+# Values: [ STDOUT | STDERR | SYSLOG | SYSOUT | SYSTEMD-JOURNAL | FILE ]  Default: STDERR
 #
 logtarget = /var/log/fail2ban.log

--- a/fail2ban/protocol.py
+++ b/fail2ban/protocol.py
@ -66,7 +66,7 @@ protocol = [
 ["set loglevel <LEVEL>", "sets logging level to <LEVEL>. Levels: CRITICAL, ERROR, WARNING, NOTICE, INFO, "
 	"DEBUG, TRACEDEBUG, HEAVYDEBUG or corresponding numeric value (50-5)"], 
 ["get loglevel", "gets the logging level"], 
-["set logtarget <TARGET>", "sets logging target to <TARGET>. Can be STDOUT, STDERR, SYSLOG or a file"], 
+["set logtarget <TARGET>", "sets logging target to <TARGET>. Can be STDOUT, STDERR, SYSLOG, SYSTEMD-JOURNAL or a file"], 
 ["get logtarget", "gets logging target"], 
 ["set syslogsocket auto|<SOCKET>", "sets the syslog socket path to auto or <SOCKET>. Only used if logtarget is SYSLOG"],
 ["get syslogsocket", "gets syslog socket path"],
--- a/fail2ban/server/server.py
+++ b/fail2ban/server/server.py
@ -678,7 +678,10 @@ class Server:
 				return True
 			padding = logOptions.get('padding')
 			# set a format which is simpler for console use
-			if systarget == "SYSLOG":
+			if systarget == "SYSTEMD-JOURNAL":
+				from systemd.journal import JournalHandler
+				hdlr = JournalHandler(SYSLOG_IDENTIFIER='fail2ban')
+			elif systarget == "SYSLOG":
 				facility = logOptions.get('facility', 'DAEMON').upper()
 				# backwards compatibility - default no padding for syslog handler:
 				if padding is None: padding = '0'
@ -754,7 +757,8 @@ class Server:
 					verbose = self.__verbose-1
 				fmt = getVerbosityFormat(verbose, addtime=addtime, padding=padding)
 			# tell the handler to use this format
-			hdlr.setFormatter(logging.Formatter(fmt))
+			if target != "SYSTEMD-JOURNAL":
+				hdlr.setFormatter(logging.Formatter(fmt))
 			logger.addHandler(hdlr)
 			# Does not display this message at startup.
 			if self.__logTarget is not None:
@ -793,7 +797,7 @@ class Server:
 			return self.__syslogSocket

 	def flushLogs(self):
-		if self.__logTarget not in ['STDERR', 'STDOUT', 'SYSLOG']:
+		if self.__logTarget not in ['STDERR', 'STDOUT', 'SYSLOG', 'SYSTEMD-JOURNAL']:
 			for handler in getLogger("fail2ban").handlers:
 				try:
 					handler.doRollover()