fail2ban-regex(1) - phpMan

FAIL2BAN-REGEX(1)                User Commands               FAIL2BAN-REGEX(1)

NAME
       fail2ban-regex - test Fail2ban "failregex" option
SYNOPSIS
       fail2ban-regex [OPTIONS] <LOG> <REGEX> [IGNOREREGEX]
DESCRIPTION
       Fail2Ban  reads log file that contains password failure report and bans
       the corresponding IP addresses using firewall rules.
       This tools can test regular expressions for "fail2ban".
   LOG:
       string a string representing a log line
       filename
              path to a log file (/var/log/auth.log)
       systemd-journal
              search systemd  journal  (systemd-python  required),  optionally
              with backend parameters, see `man jail.conf` for usage and exam-
              ples (systemd-journal[journalflags=1]).
   REGEX:
       string a string representing a 'failregex'
       filter name of filter, optionally with options (sshd[mode=aggressive])
       filename
              path to a filter file (filter.d/sshd.conf)
   IGNOREREGEX:
       string a string representing an 'ignoreregex'
       filename
              path to a filter file (filter.d/sshd.conf)
OPTIONS
       --version
              show program's version number and exit
       -h, --help
              show this help message and exit
       -c CONFIG, --config=CONFIG
              set alternate config directory
       -d DATEPATTERN, --datepattern=DATEPATTERN
              set custom pattern used to match date/times
       --timezone=TIMEZONE, --TZ=TIMEZONE
              set time-zone used by convert time format
       -e ENCODING, --encoding=ENCODING
              File encoding. Default: system locale
       -r, --raw
              Raw hosts, don't resolve dns
       --usedns=USEDNS
              DNS specified replacement of tags  <HOST>  in  regexp  ('yes'  -
              matches all form of hosts, 'no' - IP addresses only)
       -L MAXLINES, --maxlines=MAXLINES
              maxlines for multi-line regex.
       -m JOURNALMATCH, --journalmatch=JOURNALMATCH
              journalctl style matches overriding filter file.  "systemd-jour-
              nal" only
       -l LOG_LEVEL, --log-level=LOG_LEVEL
              Log level for the Fail2Ban logger to use
       -V     get version in machine-readable short format
       -v, --verbose
              Increase verbosity
       --verbosity=VERBOSE
              Set numerical level of verbosity (0..4)
       --verbose-date, --VD
              Verbose date patterns/regex in output
       -D, --debuggex
              Produce debuggex.com urls for debugging there
       --no-check-all
              Disable check for all regex's
       -o OUT, --out=OUT
              Set token to print failure information only (row, id,  ip,  msg,
              host, ip4, ip6, dns, matches, ...)
       --print-no-missed
              Do not print any missed lines
       --print-no-ignored
              Do not print any ignored lines
       --print-all-matched
              Print all matched lines
       --print-all-missed
              Print all missed lines, no matter how many
       --print-all-ignored
              Print all ignored lines, no matter how many
       -t, --log-traceback
              Enrich log-messages with compressed tracebacks
       --full-traceback
              Either  to  make  the  tracebacks  full,  not  compressed (as by
              default)
AUTHOR
       Written by Cyril Jaquier <cyril.jaquier AT fail2ban.org>.  Many  contribu-
       tions  by  Yaroslav  O.  Halchenko,  Steven Hiscocks, Sergey G. Brester
       (sebres).
REPORTING BUGS
       Report bugs to https://github.com/fail2ban/fail2ban/issues
COPYRIGHT
       Copyright (C) 2004-2008 Cyril Jaquier, 2008- Fail2Ban Contributors
       Copyright of modifications held by their respective authors.   Licensed
       under the GNU General Public License v2 (GPL).
SEE ALSO
       fail2ban-client(1) fail2ban-server(1) jail.conf(5)

fail2ban-regex 1.1.0              April 2024                 FAIL2BAN-REGEX(1)