On 10/16/2020 11:19 AM, James Moe via Fail2ban-users wrote: > On 10/16/20 10:13 AM, Dan Egli wrote: > > Ah. I guessed incorrectly. > Also the "datepattern" was necessary. > I can throw the datepatern in. But fail2ban-regex isn't recognizing it when I try.
# fail2ban-regex /var/log/exim4/main.log "^.*SMTP protocol error in
\"AUTH LOGIN\" .* H\=<HOST> .* AUTH command used when not advertised"
Running tests
=============
Use failregex line : ^.*SMTP protocol error in "AUTH LOGIN" .* H\=<HOST...
Use log file : /var/log/exim4/main.log
Use encoding : ISO-8859-1
Results
=======
Failregex: 0 total
Ignoreregex: 0 total
Date template hits:
|- [# of hits] date format
| [1420] {^LN-BEG}ExYear(?P<_sep>[-/.])Month(?P=_sep)Day(?:T|
?)24hour:Minute:Second(?:[.,]Microseconds)?(?:\s*Zone offset)?
`-
Lines: 1420 lines, 0 ignored, 0 matched, 1420 missed
[processed in 0.07 sec]
Missed line(s): too many to print. Use --print-all-missed to print all
1420 lines
--
Dan Egli
On my Test server
OpenPGP_0xF8A7B3F2AAB08F9D.asc
Description: application/pgp-keys
OpenPGP_signature
Description: OpenPGP digital signature
_______________________________________________ Fail2ban-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fail2ban-users
