- Real-time database updates.
- Easy to install to your server.
- Powerfull and cost less resources.
- Compatible with most GNU distributions.
I can't believe that you don't have fail2ban installed on your server. If you don't have it, please go to (https://doc.ubuntu-fr.org/fail2ban)
Shell part:
sudo git clone https://github.com/LiinxTV/fail2ban-monitoring.git
cd fail2ban-monitoring
mv fail2ban-monitoring.sh /usr/bin/f2bm
chmod +x /usr/bin/f2bm
You need to add this to your /etc/mysql/conf.d/mysql.cnf
sudo nano /etc/mysql/conf.d/mysql.cnf
[mysqld]
sql_mode="STRICT_TRANS_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_ENGINE_SUBSTITUTION"
Then finally install it:
f2bm install
NOTE: if you want to import your actual fail2ban list to the database, just run f2bm import
If you want to see if f2bm is correctly installed, just run:
f2bm debug
First, add a data source:
Fill the form like this:
Grafana part 2 - The dashboard:
Select grafana.json and finish the import process.
Nice, you're done !
• You must define action event to your JAILs. Exemple configuration of SSHD jail:
[sshd]
port = ssh
logpath = %(sshd_log)s
backend = %(sshd_backend)s
action = your_main_action
grafana