Fail2ban
Auto-Detection
Built-in Metrics
Bleemeo monitors Fail2ban through automatic service detection and metrics collection for failed authentication and banned IPs.
Auto-Detection
Section titled “Auto-Detection”Glouton automatically detects Fail2ban on the system and checks that the process stays active.
If Glouton was installed using wget or a system package, metrics are gathered with no further configuration. Otherwise, you must allow Glouton to run fail2ban-client status as root by adding the following to /etc/sudoers.d/glouton:
Cmnd_Alias FAIL2BAN = /usr/bin/fail2ban-client status, /usr/bin/fail2ban-client status *glouton ALL=(root) NOEXEC: NOPASSWD: FAIL2BANDefaults!FAIL2BAN !logfile, !syslog, !pam_sessionIf auto-detected parameters are incorrect, you can override them manually.
sudo tee /etc/glouton/conf.d/99-fail2ban.conf > /dev/null << 'EOF'service: - type: "fail2ban" address: "127.0.0.1" port: 0EOFCreate or edit C:\ProgramData\glouton\conf.d\99-fail2ban.conf:
service: - type: "fail2ban" address: "127.0.0.1" port: 0Glouton automatically detects configuration changes.
Built-in Metrics
Section titled “Built-in Metrics”| Metric | Description |
|---|---|
service_status | Status of Fail2ban |
fail2ban_failed | Number of failed authentications |
fail2ban_banned | Number of banned IPs |