How do you write a fail2ban filter for failed login attempts?

Question

The log entry that appears to be written when a failed login attempt occurs in v11 using nginx as web server is this:
58.6.199.94 - - [03/Feb/2018:09:44:54 +0000] "POST /web/login HTTP/1.1" 200 3339 "http://www.domain.com/web/login" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:58.0) Gecko/20100101 Firefox/58.0"
How can I write a failregex rule in a fail2ban filter that would adequately detect that log pattern?

Bill Ennals · Accepted Answer

Just in case anyone comes across this, the links below pointed me in the right direction to get fail2ban working with Odoo 11 CE. Thanks to Odony for the improvement and instructions.
https://www.odoo.com/forum/help-1/question/fail2ban-not-detecting-failing-logins-from-odoo-11-log-134095
https://github.com/odoo/odoo/commit/86ffb549bf80b054f8bb5131c52d3e7757accb29

İlgili Gönderiler	Cevaplar	Görünümler
Slides module not showing slides - CORS errors? nginx v11 CORS slides Community	0 Ara 17	5440
Nginx odoo 16 proxy and method not allowed 405 nginx	2 Eyl 24	2489
How can I setup odoo on a path with nginx nginx	1 May 24	3670
Nginx with Odoo configuration: host not found in upstream nginx	2 May 24	15018
When Odoo reserves stock for Sales Orders, can it do so taking into account the Date of the Order? Çözüldü v11	1 Nis 22	9415

Bu soru işaretlendi

Enjoying the discussion? Don't just read, join in!