mirror of https://github.com/fail2ban/fail2ban
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
23 lines
549 B
23 lines
549 B
# Fail2Ban configuration file for generic SELinux audit messages |
|
# |
|
# This file is not intended to be used directly, and should be included into a |
|
# filter file which would define following variables. See selinux-ssh.conf as |
|
# and example. |
|
# |
|
# _type |
|
# _uid |
|
# _auid |
|
# _subj |
|
# _msg |
|
# |
|
# Also one of these variables must include <HOST>. |
|
|
|
[Definition] |
|
|
|
failregex = ^type=%(_type)s msg=audit\(:\d+\): (?:user )?pid=\d+ uid=%(_uid)s auid=%(_auid)s ses=\d+ subj=%(_subj)s msg='%(_msg)s'(?:\x1D|$) |
|
|
|
ignoreregex = |
|
|
|
datepattern = EPOCH |
|
|
|
# Author: Daniel Black
|
|
|