Updated How fail2ban works - added "Examine interpolated configuration (dump)" section

How-fail2ban-works.md

@@ -27,6 +27,28 @@ Note: fail2ban tries to search the match not the original string - the datetime
 Mostly you'll see then too many log-lines like following in the `fail2ban.log`:<br/>
 `  NOTICE  [jail] 192.0.2.25 already banned`<br/>
 </details>
+<details><summary>Examine interpolated configuration (dump)</summary>
+<br/>
+
+You can use `fail2ban-client -d` to see interpolated configuration of all your configs (stock, distribution and local merged together) to check it is valid (no syntactical errors) and to clarify certain issues described above.
+
+For example start with this one (replace `sshd` with your jail name):
+```bash
+fail2ban-client -d | grep ", 'sshd'" | grep -E "'((add)?(logpath|journalmatch)|start|add)'"
+# or with that:
+jail=sshd; fail2ban-client -d | grep -E "($jail.*\b(add)?(logpath|journalmatch)\b)|(\b(start|add)\b.*$jail)"
+```
+to examine that your jail (here `sshd`) is enabled, uses proper `backend` (`auto`, `polling`, `pyinotify` for file- and `systemd` for journal-related monitoring, respectively) as well as the `logpath` (for file) and `journalmatch` (for systemd-journal) are also correct for you.
+
+You should then see something like that:
+```
+['add', 'sshd', 'auto']
+['set', 'sshd', 'addjournalmatch', '_SYSTEMD_UNIT=sshd.service', '+', '_COMM=sshd']
+['set', 'sshd', 'addlogpath', '/var/log/auth.log', 'head']
+['start', 'sshd']
+```
+</details>
+
 
 ***
 **[Q]** Fail2ban detects resp. incorrectly blocks some authentication attempts as failure (e. g. bans my IP address).