diff --git a/config/filter.d/recidive.conf b/config/filter.d/recidive.conf
index 7dcecfe4..86d939bb 100644
--- a/config/filter.d/recidive.conf
+++ b/config/filter.d/recidive.conf
@@ -19,7 +19,7 @@
 # common.local
 before = common.conf
-[Definition]
+[DEFAULT]
 _daemon = (?:fail2ban(?:-server|\.actions)\s*)
@@ -27,8 +27,21 @@ _daemon = (?:fail2ban(?:-server|\.actions)\s*)
 # this filter 'recidive', or supply another name with `filter = recidive[_jailname="jail"]`
 _jailname = recidive
+failregex = ^%(__prefix_line)s(?:\s*fail2ban\.actions\s*%(__pid_re)s?:\s+)?NOTICE\s+\[(?!%(_jailname)s\])(?:.*)\]\s+Ban\s+\s*$
+
+[lt_short]
+_daemon = (?:fail2ban(?:-server|\.actions)?\s*)
 failregex = ^%(__prefix_line)s(?:\s*fail2ban(?:\.actions)?\s*%(__pid_re)s?:\s+)?(?:NOTICE\s+)?\[(?!%(_jailname)s\])(?:.*)\]\s+Ban\s+\s*$
+[lt_journal]
+_daemon =
+failregex =
+
+[Definition]
+
+_daemon = /_daemon>
+failregex = /failregex>
+
 datepattern = ^{DATE}
 ignoreregex =
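Review bot: The `failregex` added under `[DEFAULT]` in the second hunk still matches the jail name with `(?:.*)`, which is greedy and can span several bracketed tokens on one line; `[^\]]+` in its place, i.e. `\[(?!%(_jailname)s\])[^\]]+\]\s+Ban`, would pin the match to a single `[jail]` token, assuming jail names never contain `]`. The same applies to the pattern that now sits under `[lt_short]`, where `NOTICE\s+` and `\.actions` are both optional, and it matters more there because recidive typically drives long bans, so a loosely matched line becomes a ban on whatever address ends it. The new `[lt_short]`, `[lt_journal]` and `[Definition]` sections also carry no comments; one line above each, such as `# lt_short: log lines written without the logger name and level`, would tell an operator which log format selects that section. The wording of those comments should be checked against the logtarget documentation, since the selector values in `[Definition]` and the `[lt_journal]` values are not legible in this hunk.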