Where i find fail2ban?

Where i find fail2ban?

Hello @giuliania,

Welcome to our community!

We can monitor fail2ban using python.plugin, you can configure it with the following steps:

Enable plugin:

$ cd /etc/netdata
$ sudo ./edit-config pyhon.d.conf

After this remove the comment from the next line:

# fail2ban: yes

Configure module

Finally you can configure the plugin running:

$ sudo ./edit-config pyhon.d/fail2ban.conf

After this it is only necessary to restart Netdata.

Best regards!

1 Like

Thank you for the answer.

When i try “sudo ./edit-config pyhon.d.conf” i receive error “File ‘pyhon.d.conf’ is not found in ‘/usr/lib/netdata/conf.d’”.

I found /usr/lib/netdata/conf.d/pyhon.d.conf and i remove comment # fail2ban: yes

I restart service but i don’t see menu.

How did you install your netdata?

When I ran the locatecommand I have the following output:

$ locate python.d.conf
/etc/netdata/python.d.conf
/usr/lib/netdata/conf.d/python.d.conf

Please, can you check for errors inside your /var/log/netdata/error.log ?

grep fail2ban /var/log/netdata/error.log

Best regards!

I got into the same issue, I followed
Fail2ban monitoring with Netdata | Learn Netdata but couldn’t find fail2ban

  1. added following into /etc/logrotate.d/fail2ban
    /var/log/fail2ban.log {
    missingok
    notifempty
    create 0640 root netdata
    postrotate
    /usr/bin/fail2ban-client flushlogs >/dev/null || true
    endscript
    }
  2. run logrotate manually: /etc/cron.daily/logrotate
  3. sudo ./edit-config python.d/fail2ban.conf
  4. added following into the fail2ban.conf
    local:
    log_path: ‘/var/log/fail2ban.log’
    conf_path: ‘/etc/fail2ban/jail.local’
    exclude: ‘dropbear apache’
  5. modify /usr/lib/netdata/conf.d/python.d.conf with fail2ban: yes
  6. restarted netdata serivce

While grep fail2ban /var/log/netdata/error.log I still got:
2021-12-03 12:40:07: go.d ERROR: prometheus[fail2ban_exporter_local] Get “http://127.0.0.1:9635/metrics”: dial tcp 127.0.0.1:9635: connect: connection refused
2021-12-03 12:40:07: go.d ERROR: prometheus[fail2ban_exporter_local] check failed
2021-12-03 12:40:07: python.d INFO: plugin[main] : [fail2ban] built 1 job(s) configs
2021-12-03 12:40:08: python.d ERROR: fail2ban[local] : /var/log/fail2ban.log is not readable
2021-12-03 12:40:08: python.d INFO: plugin[main] : fail2ban[local] : check failed

Is it anything wrong in my logrotate config?

Thanks

Hi, @dowaihui. The problem is not readable (for netdata user) /var/log/fail2ban.log file.

Let’s check the following:

  • ls -l /var/log/fail2ban.log
  • id netdata

Execute these commands in your terminal and share the output.

Hi ilyam8, thanks for the quick response, here is the result:

ls -l /var/log/fail2ban.log
-rw------- 1 root root 281333 Dec 4 10:55 /var/log/fail2ban.log

id netdata
uid=988(netdata) gid=985(netdata) groups=985(netdata),4(adm),65534(nobody),987(nginx)

Does that means only root can read the log? Seems only chmod 644 fail2ban.log still couldnt fix this issue
Thanks

The file is readable only by the root user. We need it to be 0640 and root:netdata

-rw-r----- 1 root netdata 14943 Dec  6 19:06 fail2ban.log

1. Adding create 0640 root netdata entry to /etc/logrotate.d/fail2ban
2.

sudo chown root:netdata /var/log/fail2ban.log
sudo chmod 0640 /var/log/fail2ban.log

# OR

/etc/cron.daily/logrotate

3. Restart netdata service.

Should fix the permission issue.

1 Like

Added these steps to the fail2ban readme file in feat(python.d/fail2ban): add "Failed attempts" chart, cleanup by ilyam8 ¡ Pull Request #11825 ¡ netdata/netdata ¡ GitHub

1 Like