How do you write a fail2ban filter for failed login attempts?

Question

The log entry that appears to be written when a failed login attempt occurs in v11 using nginx as web server is this:
58.6.199.94 - - [03/Feb/2018:09:44:54 +0000] "POST /web/login HTTP/1.1" 200 3339 "http://www.domain.com/web/login" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:58.0) Gecko/20100101 Firefox/58.0"
How can I write a failregex rule in a fail2ban filter that would adequately detect that log pattern?

Bill Ennals · Accepted Answer

Just in case anyone comes across this, the links below pointed me in the right direction to get fail2ban working with Odoo 11 CE. Thanks to Odony for the improvement and instructions.
https://www.odoo.com/forum/help-1/question/fail2ban-not-detecting-failing-logins-from-odoo-11-log-134095
https://github.com/odoo/odoo/commit/86ffb549bf80b054f8bb5131c52d3e7757accb29

Verknüpfte Beiträge	Antworten	Ansichten
Slides module not showing slides - CORS errors? nginx v11 CORS slides Community	0 Dez. 17	5437
Nginx odoo 16 proxy and method not allowed 405 nginx	2 Sept. 24	2488
How can I setup odoo on a path with nginx nginx	1 Mai 24	3670
Nginx with Odoo configuration: host not found in upstream nginx	2 Mai 24	15018
When Odoo reserves stock for Sales Orders, can it do so taking into account the Date of the Order? Gelöst v11	1 Apr. 22	9411

Diese Frage wurde gekennzeichnet

Diskutieren Sie gerne? Treten Sie bei, statt nur zu lesen!