mirror of https://github.com/fail2ban/fail2ban
24 lines
549 B
Plaintext
24 lines
549 B
Plaintext
# Fail2Ban configuration file for generic SELinux audit messages
|
|
#
|
|
# This file is not intended to be used directly, and should be included into a
|
|
# filter file which would define following variables. See selinux-ssh.conf as
|
|
# and example.
|
|
#
|
|
# _type
|
|
# _uid
|
|
# _auid
|
|
# _subj
|
|
# _msg
|
|
#
|
|
# Also one of these variables must include <HOST>.
|
|
|
|
[Definition]
|
|
|
|
failregex = ^type=%(_type)s msg=audit\(:\d+\): (?:user )?pid=\d+ uid=%(_uid)s auid=%(_auid)s ses=\d+ subj=%(_subj)s msg='%(_msg)s'(?:\x1D|$)
|
|
|
|
ignoreregex =
|
|
|
|
datepattern = EPOCH
|
|
|
|
# Author: Daniel Black
|