From d6896eb26d81355b3e0eac0da7153f44b2a98c44 Mon Sep 17 00:00:00 2001 From: sebres Date: Mon, 29 Aug 2022 12:30:05 +0200 Subject: [PATCH] New logtarget: systemd-journal; rebased #1403 from da2x:feature-systemd-journal --- ChangeLog | 1 + THANKS | 1 + config/fail2ban.conf | 4 ++-- fail2ban/protocol.py | 2 +- fail2ban/server/server.py | 10 +++++++--- 5 files changed, 12 insertions(+), 6 deletions(-) diff --git a/ChangeLog b/ChangeLog index d5bbbd45c..d9d1410d1 100644 --- a/ChangeLog +++ b/ChangeLog @@ -46,6 +46,7 @@ ver. 1.0.1-dev-1 (20??/??/??) - development nightly edition * `filter.d/nginx-http-auth.conf` - extended with parameter mode, so additionally to `auth` (or `normal`) mode `fallback` (or combined as `aggressive`) can find SSL errors while SSL handshaking, gh-2881 * `action.d/cloudflare-token.conf` - added support for Cloudflare Token APIs. This method is more restrictive and therefore safter than using API Keys. +* new logtarget SYSTEMD-JOURNAL ver. 0.11.2 (2020/11/23) - heal-the-world-with-security-tools diff --git a/THANKS b/THANKS index c363c76cd..9dd2e47c6 100644 --- a/THANKS +++ b/THANKS @@ -33,6 +33,7 @@ Christoph Haas Christos Psonis craneworks Cyril Jaquier +Daniel Aleksandersen Daniel B. Cid Daniel B. Daniel Black diff --git a/config/fail2ban.conf b/config/fail2ban.conf index 601402d87..fd6baebf8 100644 --- a/config/fail2ban.conf +++ b/config/fail2ban.conf 
@@ -24,13 +24,13 @@ loglevel = INFO # Option: logtarget -# Notes.: Set the log target. This could be a file, SYSLOG, STDERR or STDOUT. +# Notes.: Set the log target. This could be a file, SYSTEMD-JOURNAL, SYSLOG, STDERR or STDOUT. # Only one log target can be specified. # If you change logtarget from the default value and you are # using logrotate -- also adjust or disable rotation in the # corresponding configuration file # (e.g. /etc/logrotate.d/fail2ban on Debian systems) -# Values: [ STDOUT | STDERR | SYSLOG | SYSOUT | FILE ] Default: STDERR +# Values: [ STDOUT | STDERR | SYSLOG | SYSOUT | SYSTEMD-JOURNAL | FILE ] Default: STDERR # logtarget = /var/log/fail2ban.log diff --git a/fail2ban/protocol.py b/fail2ban/protocol.py index 58102b553..a81c66572 100644 --- a/fail2ban/protocol.py +++ b/fail2ban/protocol.py @@ -66,7 +66,7 @@ protocol = [ ["set loglevel ", "sets logging level to . Levels: CRITICAL, ERROR, WARNING, NOTICE, INFO, " "DEBUG, TRACEDEBUG, HEAVYDEBUG or corresponding numeric value (50-5)"], ["get loglevel", "gets the logging level"], -["set logtarget ", "sets logging target to . Can be STDOUT, STDERR, SYSLOG or a file"], +["set logtarget ", "sets logging target to . Can be STDOUT, STDERR, SYSLOG, SYSTEMD-JOURNAL or a file"], ["get logtarget", "gets logging target"], ["set syslogsocket auto|", "sets the syslog socket path to auto or . Only used if logtarget is SYSLOG"], ["get syslogsocket", "gets syslog socket path"], diff --git a/fail2ban/server/server.py b/fail2ban/server/server.py index 60a60cd7d..660f79189 100644 --- a/fail2ban/server/server.py +++ b/fail2ban/server/server.py 
@@ -678,7 +678,10 @@ class Server:
 return True
 padding = logOptions.get('padding')
 # set a format which is simpler for console use
- if systarget == "SYSLOG":
+ if systarget == "SYSTEMD-JOURNAL":
+ from systemd.journal import JournalHandler
+ hdlr = JournalHandler(SYSLOG_IDENTIFIER='fail2ban')
+ elif systarget == "SYSLOG":
 facility = logOptions.get('facility', 'DAEMON').upper()
 # backwards compatibility - default no padding for syslog handler:
 if padding is None: padding = '0'
@@ -754,7 +757,8 @@ class Server:
 verbose = self.__verbose-1
 fmt = getVerbosityFormat(verbose, addtime=addtime, padding=padding)
 # tell the handler to use this format
- hdlr.setFormatter(logging.Formatter(fmt))
+ if target != "SYSTEMD-JOURNAL":
+ hdlr.setFormatter(logging.Formatter(fmt))
 logger.addHandler(hdlr)
 # Does not display this message at startup.
 if self.__logTarget is not None:
@@ -793,7 +797,7 @@ class Server:
 return self.__syslogSocket

 def flushLogs(self):
- if self.__logTarget not in ['STDERR', 'STDOUT', 'SYSLOG']:
+ if self.__logTarget not in ['STDERR', 'STDOUT', 'SYSLOG', 'SYSTEMD-JOURNAL']:
 for handler in getLogger("fail2ban").handlers:
 try:
 handler.doRollover()
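Review bot: The `from systemd.journal import JournalHandler` added in the SYSTEMD-JOURNAL branch of the first hunk is unguarded in the visible lines, so on a host without the systemd Python bindings selecting this target raises ImportError out of the handler-selection code. Since this log is the record of ban decisions, the branch should treat a missing module as an unusable target: wrap the import as `try: from systemd.journal import JournalHandler` with an `except ImportError:` arm that logs the reason and leaves the previous target active. The method starts and ends outside the hunk, so an outer handler or an existing failure convention may already be there; the new arm should follow whatever the file-target path does.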
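Review bot: The formatter guard in the second hunk tests `target`, whereas the branch that creates the JournalHandler in the first hunk tests `systarget`. If `systarget` is a case-normalised copy of `target` (its assignment is outside the hunk), a setting spelled `systemd-journal` would select the journal handler and still have the text formatter attached. Testing the same variable keeps the two decisions in step: `if systarget != "SYSTEMD-JOURNAL":`. The `self.__logTarget not in [...]` test in `flushLogs` (third hunk) is equally sensitive to spelling, and a mismatch there would call `doRollover()` on a handler that may not provide it; a comment such as `# reserved targets are compared in upper case` would document the expectation. All three hunks cut through method bodies that continue outside the view.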