Hi folks, I wrote a demo application that uses the journal API to scan for SSH bruteforce logs in the journal, called "tallow".
I posted the project on my github page: https://github.com/sofar/tallow tallow "tails" the ssh messages and looks for failed logins from root and unknown users, and temporary blocks the IP with iptables for a while. It's 250 lines of code, more or less, so very small. I hope the project will be useful in some ways to folks here, so I posted it on github. Either it will encourage people to build on the journal API's or it will reduce your log file clutter :^). Cheers, and enjoy, Auke _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel