Where do I find fail2ban?
Hello @giuliania,
Welcome to our community!
We can monitor fail2ban using python.plugin; you can configure it with the following steps:
Enable plugin:
$ cd /etc/netdata
$ sudo ./edit-config python.d.conf
After this remove the comment from the next line:
# fail2ban: yes
Configure module
Finally, you can configure the plugin by running:
$ sudo ./edit-config python.d/fail2ban.conf
After this it is only necessary to restart Netdata.
Best regards!
Thank you for the answer.
When I try "sudo ./edit-config pyhon.d.conf" I receive the error "File 'pyhon.d.conf' is not found in '/usr/lib/netdata/conf.d'".
I found /usr/lib/netdata/conf.d/pyhon.d.conf and I removed the comment from # fail2ban: yes
I restarted the service but I don't see the menu.
How did you install your netdata?
When I ran the locate command I got the following output:
$ locate python.d.conf
/etc/netdata/python.d.conf
/usr/lib/netdata/conf.d/python.d.conf
Please, can you check for errors inside your /var/log/netdata/error.log?
grep fail2ban /var/log/netdata/error.log
Best regards!
I got into the same issue. I followed Fail2ban monitoring with Netdata | Learn Netdata but couldn't find fail2ban
- added the following into /etc/logrotate.d/fail2ban
/var/log/fail2ban.log {
    missingok
    notifempty
    create 0640 root netdata
    postrotate
        /usr/bin/fail2ban-client flushlogs >/dev/null || true
    endscript
}
- run logrotate manually: /etc/cron.daily/logrotate
- sudo ./edit-config python.d/fail2ban.conf
- added the following into the fail2ban.conf
local:
  log_path: '/var/log/fail2ban.log'
  conf_path: '/etc/fail2ban/jail.local'
  exclude: 'dropbear apache'
- modify /usr/lib/netdata/conf.d/python.d.conf with fail2ban: yes
- restarted netdata service
While running grep fail2ban /var/log/netdata/error.log I still got:
2021-12-03 12:40:07: go.d ERROR: prometheus[fail2ban_exporter_local] Get "http://127.0.0.1:9635/metrics": dial tcp 127.0.0.1:9635: connect: connection refused
2021-12-03 12:40:07: go.d ERROR: prometheus[fail2ban_exporter_local] check failed
2021-12-03 12:40:07: python.d INFO: plugin[main] : [fail2ban] built 1 job(s) configs
2021-12-03 12:40:08: python.d ERROR: fail2ban[local] : /var/log/fail2ban.log is not readable
2021-12-03 12:40:08: python.d INFO: plugin[main] : fail2ban[local] : check failed
Is there anything wrong in my logrotate config?
Thanks
Hi, @dowaihui. The problem is that the /var/log/fail2ban.log file is not readable (for the netdata user).
Let's check the following:
ls -l /var/log/fail2ban.log
id netdata
Execute these commands in your terminal and share the output.
Hi ilyam8, thanks for the quick response, here is the result:
ls -l /var/log/fail2ban.log
-rw------- 1 root root 281333 Dec 4 10:55 /var/log/fail2ban.log
id netdata
uid=988(netdata) gid=985(netdata) groups=985(netdata),4(adm),65534(nobody),987(nginx)
Does that mean only root can read the log? Seems only chmod 644 fail2ban.log still couldn't fix this issue
Thanks
The file is readable only by the root user. We need it to be 0640 and root:netdata
-rw-r----- 1 root netdata 14943 Dec 6 19:06 fail2ban.log
1. Adding create 0640 root netdata entry to /etc/logrotate.d/fail2ban
2.
sudo chown root:netdata /var/log/fail2ban.log
sudo chmod 0640 /var/log/fail2ban.log
# OR
/etc/cron.daily/logrotate
3. Restart netdata service.
Should fix the permission issue.
Added these steps to the fail2ban readme file in feat(python.d/fail2ban): add "Failed attempts" chart, cleanup by ilyam8 · Pull Request #11825 · netdata/netdata · GitHub
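The permission check from the last answer, written as a script. This is an added example, not part of the original thread or the Netdata project. It assumes GNU stat on Linux and that the collector reads the log through its group; the function names are hypothetical. It also flags a world-readable mode such as 644, which is broader than the 0640 the answer asks for.

```shell
#!/bin/sh
# Added example, not from the thread. Assumes GNU stat (Linux) and that the
# collector reads the log through its group, as in the answer above.

# check_log_perms FILE GROUP
# returns 0 = group-readable by GROUP and closed to others (e.g. 0640)
#         1 = GROUP cannot read it   2 = world-readable   3 = file missing
check_log_perms() {
    file=$1; want_group=$2
    [ -e "$file" ] || { echo "MISSING: $file"; return 3; }
    mode=$(stat -c '%a' "$file")      # octal mode, e.g. 600 or 640
    group=$(stat -c '%G' "$file")     # owning group name
    perm=$(printf '%04d' "$mode")     # pad to 4 digits: 640 -> 0640
    rest=${perm#??}                   # last two digits: group, other
    g=${rest%?}; o=${rest#?}
    if [ $((o & 4)) -ne 0 ]; then
        echo "TOO OPEN: $file is mode $mode, readable by every local user"
        return 2
    fi
    if [ "$group" = "$want_group" ] && [ $((g & 4)) -ne 0 ]; then
        echo "OK: $file is mode $mode, group $group"
        return 0
    fi
    echo "NOT READABLE by group $want_group: $file is mode $mode, group $group"
    echo "  fix: chown root:$want_group $file && chmod 0640 $file"
    return 1
}

# check_logrotate_create CONF GROUP
# returns 0 if CONF has "create 0640 root GROUP", so rotation keeps the fix.
check_logrotate_create() {
    conf=$1; want_group=$2
    grep -Eq "^[[:space:]]*create[[:space:]]+0?640[[:space:]]+root[[:space:]]+${want_group}([[:space:]]|\$)" "$conf"
}

# Run against the paths from the thread when called with a group name:
#   sh check.sh netdata
if [ "$#" -eq 1 ]; then
    check_log_perms /var/log/fail2ban.log "$1"
    check_logrotate_create /etc/logrotate.d/fail2ban "$1" ||
        echo "WARN: no 'create 0640 root $1' in /etc/logrotate.d/fail2ban"
fi
```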