Check fail2ban

Overview

In fail2ban, checks the amount of banned IP addresses (for all jails).

Fact Sheet

Check Plugin Download

https://github.com/Linuxfabrik/monitoring-plugins/tree/main/check-plugins/fail2ban

Check Interval Recommendation

Once a minute

Can be called without parameters

Yes

Available for

Python 2, Python 3

Requirements

None

Help

usage: fail2ban [-h] [-V] [--always-ok] [-c CRIT] [-w WARN]

In fail2ban, checks the amount of banned IP addresses (for a list of jails).

optional arguments:
  -h, --help            show this help message and exit
  -V, --version         show program's version number and exit
  --always-ok           Always returns OK.
  -c CRIT, --critical CRIT
                        Set the critical threshold for banned IPs. Default:
                        10000
  -w WARN, --warning WARN
                        Set the warning threshold for banned IPs. Default:
                        1000

Usage Examples

./fail2ban --warning 1000 --critical 10000

Output:

787 IPs banned in jail "linuxfabrik-portscan" (acting on /var/log/messages), 0 IPs banned in jail "sshd"

States

  • WARN or CRIT if number of blocked IP addresses is above a given threshold.

Perfdata / Metrics

Per jail:

  • Number of blocked IP addresses.

Credits, License