Mark, not a direct answer to your question but you could run 'fail2ban'. This will log and blacklist failed login attempts, the time the blacklist is valid for is tuneable.
Maybe not what you asked for, but might help you. ***********************************Viglen*********************************** Viglen Ltd, Registered in England No 1208441. Registered Office: 7, Handley Page Way, Colney Street, St. Albans, Hertfordshire AL2 2DQ. Information in this electronic mail message is confidential and may be legally privileged. It is intended solely for the addressee. Access to this message by anyone else is unauthorised. If you are not the intended recipient any use, disclosure, copying or distribution of this message is prohibited and may be unlawful. When addressed to our customers, any information contained in this message is subject to Viglen Terms & Conditions. Please rely on your own virus checker and procedures with regard to any attachment to this message. ***********************************Viglen*********************************** ______________________________________________________________________ This email has been scanned by the Symantec Email Security.cloud service. For more information please visit http://www.symanteccloud.com ______________________________________________________________________
