1FAIL2BAN-REGEX(1) User Commands FAIL2BAN-REGEX(1)
2
3
4
6 fail2ban-regex - test Fail2ban "failregex" option
7
9 fail2ban-regex [OPTIONS] <LOG> <REGEX> [IGNOREREGEX]
10
12 Fail2Ban reads log file that contains password failure report and bans
13 the corresponding IP addresses using firewall rules.
14
15 This tools can test regular expressions for "fail2ban".
16
17 LOG:
18 string a string representing a log line
19
20 filename
21 path to a log file (/var/log/auth.log)
22
23 systemd-journal
24 search systemd journal (systemd-python required), optionally
25 with backend parameters, see `man jail.conf` for usage and exam‐
26 ples (systemd-journal[journalflags=1]).
27
28 REGEX:
29 string a string representing a 'failregex'
30
31 filter name of filter, optionally with options (sshd[mode=aggressive])
32
33 filename
34 path to a filter file (filter.d/sshd.conf)
35
36 IGNOREREGEX:
37 string a string representing an 'ignoreregex'
38
39 filename
40 path to a filter file (filter.d/sshd.conf)
41
43 --version
44 show program's version number and exit
45
46 -h, --help
47 show this help message and exit
48
49 -c CONFIG, --config=CONFIG
50 set alternate config directory
51
52 -d DATEPATTERN, --datepattern=DATEPATTERN
53 set custom pattern used to match date/times
54
55 --timezone=TIMEZONE, --TZ=TIMEZONE
56 set time-zone used by convert time format
57
58 -e ENCODING, --encoding=ENCODING
59 File encoding. Default: system locale
60
61 -r, --raw
62 Raw hosts, don't resolve dns
63
64 --usedns=USEDNS
65 DNS specified replacement of tags <HOST> in regexp ('yes' -
66 matches all form of hosts, 'no' - IP addresses only)
67
68 -L MAXLINES, --maxlines=MAXLINES
69 maxlines for multi-line regex.
70
71 -m JOURNALMATCH, --journalmatch=JOURNALMATCH
72 journalctl style matches overriding filter file. "systemd-jour‐
73 nal" only
74
75 -l LOG_LEVEL, --log-level=LOG_LEVEL
76 Log level for the Fail2Ban logger to use
77
78 -V get version in machine-readable short format
79
80 -v, --verbose
81 Increase verbosity
82
83 --verbosity=VERBOSE
84 Set numerical level of verbosity (0..4)
85
86 --verbose-date, --VD
87 Verbose date patterns/regex in output
88
89 -D, --debuggex
90 Produce debuggex.com urls for debugging there
91
92 --no-check-all
93 Disable check for all regex's
94
95 -o OUT, --out=OUT
96 Set token to print failure information only (row, id, ip, msg,
97 host, ip4, ip6, dns, matches, ...)
98
99 --print-no-missed
100 Do not print any missed lines
101
102 --print-no-ignored
103 Do not print any ignored lines
104
105 --print-all-matched
106 Print all matched lines
107
108 --print-all-missed
109 Print all missed lines, no matter how many
110
111 --print-all-ignored
112 Print all ignored lines, no matter how many
113
114 -t, --log-traceback
115 Enrich log-messages with compressed tracebacks
116
117 --full-traceback
118 Either to make the tracebacks full, not compressed (as by de‐
119 fault)
120
122 Written by Cyril Jaquier <cyril.jaquier@fail2ban.org>. Many contribu‐
123 tions by Yaroslav O. Halchenko, Steven Hiscocks, Sergey G. Brester (se‐
124 bres).
125
127 Report bugs to https://github.com/fail2ban/fail2ban/issues
128
130 Copyright © 2004-2008 Cyril Jaquier, 2008- Fail2Ban Contributors
131 Copyright of modifications held by their respective authors. Licensed
132 under the GNU General Public License v2 (GPL).
133
135 fail2ban-client(1) fail2ban-server(1) jail.conf(5)
136
137
138
139fail2ban-regex 1.0.2 November 2022 FAIL2BAN-REGEX(1)