[go: up one dir, main page]
Skip to content

zevilz/NagiosFail2banStatus

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

19 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
check_fail2ban.sh
check_fail2ban.sh
 
 
get_fail2ban_jails_info.sh
get_fail2ban_jails_info.sh
 
 

Repository files navigation

NagiosFail2banStatus

Nagios plugin for check fail2ban status and jails. Supports directly usage and Nagios/Icinga usage.

Options

  • -h (--help) - Shows help message.
  • -j (--show-jails) - Shows active jails. Uses special log file with fail2ban status if Nagios/Icinga usage enabled.
  • -i (--show-jails-info) - Shows jails info. Only for directly usage.
  • -n (--nagios) - Enable Nagios/Icinga usage. Showing jails info requiring use log file with fail2ban status.
  • -p (--log-path) - Specify path to log file with fail2ban status. Only for Nagios/Icinga usage (usage: -p <path> | --log-path=<path>).

Usage

Notice: curent user must be root or user with sudo access.

Put check_fail2ban.sh to nagios plugins directory (usually /usr/lib*/nagios/plugins). Than make file executable (chmod +x check_fail2ban.sh).

Directly usage

Show only status

./check_fail2ban.sh

Show active jails

./check_fail2ban.sh -j

Show active jails and their info

./check_fail2ban.sh -j -i

Nagios/Icinga usage

Add following check command object to your commands file

object CheckCommand "fail2ban" {
	import "plugin-check-command"
	command = [ PluginDir + "/check_fail2ban.sh" ]
	arguments = {
		"-n" = {}
		"-j" = {
			set_if = "$show_jails$"
		}
		"-p" = {
			value = "$log_path$"
			set_if = "$show_jails$"
		}
	}
}

Than add service definition to your services with check_command = "fail2ban".

Supported vars:

  • show_jails - Shows active jails. Set 1 to activate.
  • log_path - Sets full path to log file with fail2ban status. Required if show_jails set to 1.

By default without this parameters you can get only status on fail2ban (running/not running). Log file is required for show jails and jails info because the nagios user does not have the rights to access the fail2ban client. Put get_fail2ban_jails_info.sh in any directory if you want to get jails info.

Than add script to cron

*/1 * * * * /bin/bash <full_path_to_script> -p <full_path_to_log_file>

Use parameter -i (--show-jails-info) if you want to show info about for each jail

*/1 * * * * /bin/bash <full_path_to_script> -p <full_path_to_log_file> -i

Script creates/updates log file in specified path and make it readable only for users in nagios group and for user nagios.

Changelog

  • 12.02.2020 - 1.0.2 - Fixed definition of running process for new versions of Fail2Ban.
  • 23.12.2017 - 1.0.1 - added parameters to script get_fail2ban_jails_info.sh instead of editing inner variables
  • 21.12.2017 - 1.0.0 - released

About

Nagios plugin for check fail2ban status and jails.

Topics

fail2ban nagios-plugin icinga-plugin icinga2-plugin

Resources

Readme

License

MIT license
Activity

Stars

8 stars

Watchers

4 watching

Forks

2 forks
Report repository

Releases 2

1.0.2 Latest
Feb 12, 2020
+ 1 release

Packages

No packages published

Languages