Fail2ban: почему не срабатывает фильтр?

Question

[Fader]

failregex фильтра:

failregex = fail2ban.actions:\s+WARNING\s+\[(?:.*)\]\s+Ban\s+<HOST>

target лог вида:

2015-02-22 13:10:24,394 fail2ban.actions[27285]: WARNING [ssh] Ban xxx.xx.xxx.xx
2015-02-22 13:20:25,008 fail2ban.actions[27285]: WARNING [ssh] Unban xxx.xx.xxx.xx
2015-02-22 13:31:37,760 fail2ban.actions[27285]: WARNING [ssh] Ban xxx.xx.xxx.xx
2015-02-22 13:41:38,447 fail2ban.actions[27285]: WARNING [ssh] Unban xxx.xx.xxx.xx
2015-02-22 13:53:04,194 fail2ban.actions[27285]: WARNING [ssh] Ban xxx.xx.xxx.xx

Проверка by fail2ban-regex не находит совпадений. Где косяк?

Answer 1

[Oscar Django]

fail2ban.actions\[\d+\]:\s+WARNING\s+\[(?:.*)\]\s+Ban\s+

а так?

Comments

[Fader]

спасибо