You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
52 lines
1.4 KiB
52 lines
1.4 KiB
2 years ago
|
# Fail2Ban configuration file for guacamole
|
||
|
#
|
||
|
# Author: Steven Hiscocks
|
||
|
#
|
||
|
|
||
|
[Definition]
|
||
|
|
||
|
logging = catalina
|
||
|
failregex = <L_<logging>/failregex>
|
||
|
maxlines = <L_<logging>/maxlines>
|
||
|
datepattern = <L_<logging>/datepattern>
|
||
|
|
||
|
[L_catalina]
|
||
|
|
||
|
failregex = ^.*\nWARNING: Authentication attempt from <HOST> for user "[^"]*" failed\.$
|
||
|
|
||
|
maxlines = 2
|
||
|
|
||
|
datepattern = ^%%b %%d, %%ExY %%I:%%M:%%S %%p
|
||
|
^WARNING:()**
|
||
|
{^LN-BEG}
|
||
|
|
||
|
[L_webapp]
|
||
|
|
||
|
failregex = ^ \[\S+\] WARN \S+ - Authentication attempt from <HOST> for user "<F-USER>[^"]+</F-USER>" failed.
|
||
|
|
||
|
maxlines = 1
|
||
|
|
||
|
datepattern = ^%%H:%%M:%%S.%%f
|
||
|
|
||
|
# DEV Notes:
|
||
|
#
|
||
|
# failregex is based on the default pattern given in Guacamole documentation :
|
||
|
# https://guacamole.apache.org/doc/gug/configuring-guacamole.html#webapp-logging
|
||
|
#
|
||
|
# The following logback.xml Guacamole configuration file can then be used accordingly :
|
||
|
# <configuration>
|
||
|
# <appender name="FILE" class="ch.qos.logback.core.rolling.RollingFileAppender">
|
||
|
# <file>/var/log/guacamole.log</file>
|
||
|
# <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
|
||
|
# <fileNamePattern>/var/log/guacamole.%d.log.gz</fileNamePattern>
|
||
|
# <maxHistory>32</maxHistory>
|
||
|
# </rollingPolicy>
|
||
|
# <encoder>
|
||
|
# <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n</pattern>
|
||
|
# </encoder>
|
||
|
# </appender>
|
||
|
# <root level="info">
|
||
|
# <appender-ref ref="FILE" />
|
||
|
# </root>
|
||
|
# </configuration>
|