# Fail2Ban filter for Nagios Remote Plugin Executor (nrpe2)
# Detecting unauthorized access to the nrpe2 daemon 
# typically logged in /var/log/messages syslog
#

[INCLUDES]
# Read syslog common prefixes
before = common.conf

[Definition]
_daemon     = nrpe
failregex   = ^%(__prefix_line)sHost <HOST> is not allowed to talk to us!\s*$
ignoreregex =

# DEV Notes:
# 
# Author: Ivo Truxa - 2014/02/03