История изменений

Исправление Davyd, 08.07.16 18:52 (текущая версия) :

да по идее \S+ должен срабатывать, но не хочет. Похоже где-то глубже host еще на айпишность проверяется.

root@cloudweb:~# fail2ban-regex 'Jul 18 12:13:01 aaa connection failed'     '(?P<host>\S+) connection failed' -l heavydebug

Running tests
=============

Use   failregex line : (?P<host>\S+) connection failed
Use      single line : Jul 18 12:13:01 aaa connection failed

D: Working on line u'Jul 18 12:13:01 aaa connection failed'
D: Matched time template MONTH Day Hour:Minute:Second
D: Date: u'Jul 18 12:13:01', message: u' aaa connection failed'
D: Correcting deduced year from 2016 to 2015 since 1468833181.000000 > 1467993055.622136
D: Got time using template MONTH Day Hour:Minute:Second
D: Matched FailRegex('(?P<host>\\S+) connection failed')
D: Unable to find a corresponding IP address for aaa: [Errno -2] Name or service not known
D: Sorting the template list
D: Winning template: MONTH Day Hour:Minute:Second with 1 hits

Results
=======

Failregex: 0 total

Ignoreregex: 0 total

Date template hits:
|- [# of hits] date format
|  [1] MONTH Day Hour:Minute:Second
`-

Lines: 1 lines, 0 ignored, 0 matched, 1 missed
|- Missed line(s):
|  Jul 18 12:13:01 aaa connection failed
`-

Исправление Davyd, 08.07.16 18:48:

да по идее \S+ должен срабатывать, но не хочет. Похоже где-то глубже host еще на айпишность проверяется.

root@cloudweb:~# fail2ban-regex 'Jul 18 12:13:01 Test_HOST connection failed'     '(?P<host>\S+) connection failed'

Running tests
=============

Use   failregex line : (?P<host>\S+) connection failed
Use      single line : Jul 18 12:13:01 Test_HOST connection failed


Results
=======

Failregex: 0 total

Ignoreregex: 0 total

Date template hits:
|- [# of hits] date format
|  [1] MONTH Day Hour:Minute:Second
`-

Lines: 1 lines, 0 ignored, 0 matched, 1 missed
|- Missed line(s):
|  Jul 18 12:13:01 Test_HOST connection failed
`-

Исправление Davyd, 08.07.16 18:45:

да по идее \S+ должен срабатывать, но не хочет. Похоже где-то глубже host еще на айпишность проверяется.

root@cloudweb:~# fail2ban-regex 'Jul 18 12:13:01 Test_HOST connection failed'     '(?P<host>\S+) connection failed'

Running tests
=============

Use   failregex line : (?P<host>.*) connection failed
Use      single line : Jul 18 12:13:01 Test_HOST connection failed


Results
=======

Failregex: 0 total

Ignoreregex: 0 total

Date template hits:
|- [# of hits] date format
|  [1] MONTH Day Hour:Minute:Second
`-

Lines: 1 lines, 0 ignored, 0 matched, 1 missed
|- Missed line(s):
|  Jul 18 12:13:01 Test_HOST connection failed
`-

Исходная версия Davyd, 08.07.16 18:42:

да по идее \S+ должен срабатывать, но не хочет. Похоже где-то глубже host еще на айпишность проверяется.

root@cloudweb:~# fail2ban-regex 'Jul 18 12:13:01 Test_HOST connection failed'     '(?P<host>.*) connection failed'

Running tests
=============

Use   failregex line : (?P<host>.*) connection failed
Use      single line : Jul 18 12:13:01 Test_HOST connection failed


Results
=======

Failregex: 0 total

Ignoreregex: 0 total

Date template hits:
|- [# of hits] date format
|  [1] MONTH Day Hour:Minute:Second
`-

Lines: 1 lines, 0 ignored, 0 matched, 1 missed
|- Missed line(s):
|  Jul 18 12:13:01 Test_HOST connection failed
`-