Skip to content
BleemeoBleemeo

Fail2ban

Auto-Detection
Built-in Metrics

Bleemeo monitors Fail2ban through automatic service detection and metrics collection for failed authentication and banned IPs.

Glouton automatically detects Fail2ban on the system and checks that the process stays active.

If Glouton was installed using wget or a system package, metrics are gathered with no further configuration. Otherwise, you must allow Glouton to run fail2ban-client status as root by adding the following to /etc/sudoers.d/glouton:

Cmnd_Alias FAIL2BAN = /usr/bin/fail2ban-client status, /usr/bin/fail2ban-client status *
glouton ALL=(root) NOEXEC: NOPASSWD: FAIL2BAN
Defaults!FAIL2BAN !logfile, !syslog, !pam_session

If auto-detected parameters are incorrect, you can override them manually.

Terminal window
sudo tee /etc/glouton/conf.d/99-fail2ban.conf > /dev/null << 'EOF'
service:
- type: "fail2ban"
address: "127.0.0.1"
port: 0
EOF

Glouton automatically detects configuration changes.

MetricDescription
service_statusStatus of Fail2ban
fail2ban_failedNumber of failed authentications
fail2ban_bannedNumber of banned IPs