1FAIL2BAN-REGEX(1)                User Commands               FAIL2BAN-REGEX(1)
2
3
4

NAME

6       fail2ban-regex - test Fail2ban "failregex" option
7

SYNOPSIS

9       fail2ban-regex [OPTIONS] <LOG> <REGEX> [IGNOREREGEX]
10

DESCRIPTION

12       Fail2Ban  reads log file that contains password failure report and bans
13       the corresponding IP addresses using firewall rules.
14
15       This tools can test regular expressions for "fail2ban".
16
17   LOG:
18       string a string representing a log line
19
20       filename
21              path to a log file (/var/log/auth.log)
22
23       systemd-journal
24              search systemd  journal  (systemd-python  required),  optionally
25              with backend parameters, see `man jail.conf` for usage and exam‐
26              ples (systemd-journal[journalflags=1]).
27
28   REGEX:
29       string a string representing a 'failregex'
30
31       filter name of filter, optionally with options (sshd[mode=aggressive])
32
33       filename
34              path to a filter file (filter.d/sshd.conf)
35
36   IGNOREREGEX:
37       string a string representing an 'ignoreregex'
38
39       filename
40              path to a filter file (filter.d/sshd.conf)
41

OPTIONS

43       --version
44              show program's version number and exit
45
46       -h, --help
47              show this help message and exit
48
49       -c CONFIG, --config=CONFIG
50              set alternate config directory
51
52       -d DATEPATTERN, --datepattern=DATEPATTERN
53              set custom pattern used to match date/times
54
55       --timezone=TIMEZONE, --TZ=TIMEZONE
56              set time-zone used by convert time format
57
58       -e ENCODING, --encoding=ENCODING
59              File encoding. Default: system locale
60
61       -r, --raw
62              Raw hosts, don't resolve dns
63
64       --usedns=USEDNS
65              DNS specified replacement of tags  <HOST>  in  regexp  ('yes'  -
66              matches all form of hosts, 'no' - IP addresses only)
67
68       -L MAXLINES, --maxlines=MAXLINES
69              maxlines for multi-line regex.
70
71       -m JOURNALMATCH, --journalmatch=JOURNALMATCH
72              journalctl style matches overriding filter file.  "systemd-jour‐
73              nal" only
74
75       -l LOG_LEVEL, --log-level=LOG_LEVEL
76              Log level for the Fail2Ban logger to use
77
78       -V     get version in machine-readable short format
79
80       -v, --verbose
81              Increase verbosity
82
83       --verbosity=VERBOSE
84              Set numerical level of verbosity (0..4)
85
86       --verbose-date, --VD
87              Verbose date patterns/regex in output
88
89       -D, --debuggex
90              Produce debuggex.com urls for debugging there
91
92       --no-check-all
93              Disable check for all regex's
94
95       -o OUT, --out=OUT
96              Set token to print failure information only (row, id,  ip,  msg,
97              host, ip4, ip6, dns, matches, ...)
98
99       --print-no-missed
100              Do not print any missed lines
101
102       --print-no-ignored
103              Do not print any ignored lines
104
105       --print-all-matched
106              Print all matched lines
107
108       --print-all-missed
109              Print all missed lines, no matter how many
110
111       --print-all-ignored
112              Print all ignored lines, no matter how many
113
114       -t, --log-traceback
115              Enrich log-messages with compressed tracebacks
116
117       --full-traceback
118              Either  to  make  the tracebacks full, not compressed (as by de‐
119              fault)
120

AUTHOR

122       Written by Cyril Jaquier <cyril.jaquier@fail2ban.org>.  Many  contribu‐
123       tions by Yaroslav O. Halchenko, Steven Hiscocks, Sergey G. Brester (se‐
124       bres).
125

REPORTING BUGS

127       Report bugs to https://github.com/fail2ban/fail2ban/issues
128
130       Copyright © 2004-2008 Cyril Jaquier, 2008- Fail2Ban Contributors
131       Copyright of modifications held by their respective authors.   Licensed
132       under the GNU General Public License v2 (GPL).
133

SEE ALSO

135       fail2ban-client(1) fail2ban-server(1) jail.conf(5)
136
137
138
139fail2ban-regex 1.0.2             November 2022               FAIL2BAN-REGEX(1)
Impressum