[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Monit built-in Http log for fail2ban

From: Martin Pala
Subject: Re: Monit built-in Http log for fail2ban
Date: Mon, 30 Apr 2012 16:15:20 +0200


the monit logfile is configured with "SET LOGFILE <path|SYSLOG>" … in your case the log goes to syslog, which decides to which file to log the message. Monit's internal webserver is proprietary implementation - it's not mongrel. The failed login attempts are logged with following messages:

    Warning: Client 'xyz' supplied unknown user 'cdb' accessing monit httpd
    Warning: Client 'xyz' supplied wrong password for user 'abc' accessing monit httpd


On Apr 26, 2012, at 2:54 PM, Alex wrote:

I have Setup monit on Centos system an I use on apache "ProxyPass /monit/ http://localhost:2812/" in order to access it
so the url is something like https://domanname/monit/
I would like to know is it is possible to protect that url via fail2ban.
I am searching to see if the - internal server ( mongerl as I read in the site) has some sort of log file for failed attempts like apaches "client <HOST>user  authentication failure" so I can catch them with a regex...
I use on the config
set daemon  60
set logfile syslog facility log_daemon
set mailserver localhost
set mail-format { from: address@hidden }
set alert address@hiddenomname
set httpd port 2812 ADDRESS localhost and
     PEMFILE  /var/certs/monit.pem
     allow adminname:pass
I did try to search for both the logs and mongerl proc but with not luck.
Is there someone who would know how to achieve that or perhaps could think of something else!
Br Alex

To unsubscribe:

reply via email to

[Prev in Thread] Current Thread [Next in Thread]