fail2ban/config/filter.d/centreon.conf

10 lines
307 B
Plaintext

# Fail2Ban filter for Centreon Web
# Detecting unauthorized access to the Centreon Web portal
# typically logged in /var/log/centreon/login.log
[Init]
datepattern = ^%%Y-%%m-%%d %%H:%%M:%%S
[Definition]
failregex = ^(?:\|-?\d+){3}\|\[[^\]]*\] \[<HOST>\] Authentication failed for '<F-USER>[^']+</F-USER>'