Search Exchange

Search All Sites

Nagios Live Webinars

Let our experts show you how Nagios can help your organization.

Contact Us

Phone: 1-888-NAGIOS-1
Email: sales@nagios.com

Login

Remember Me

Directory Tree

check_fail2ban

Rating
3 votes
Favoured:
0
Current Version
1.1
Last Release Date
2013-02-22
Compatible With
  • Nagios 1.x
  • Nagios 2.x
  • Nagios 3.x
  • Nagios XI
  • Nagios Fusion
License
GPL
Hits
50160
Files:
FileDescription
check_fail2ban.shcheck_fail2ban.sh
Nagios CSP

Meet The New Nagios Core Services Platform

Built on over 25 years of monitoring experience, the Nagios Core Services Platform provides insightful monitoring dashboards, time-saving monitoring wizards, and unmatched ease of use. Use it for free indefinitely.

Monitoring Made Magically Better

  • Nagios Core on Overdrive
  • Powerful Monitoring Dashboards
  • Time-Saving Configuration Wizards
  • Open Source Powered Monitoring On Steroids
  • And So Much More!
check_fail2ban
checks the count of active jails
checks for banned IP's
integrated performance data for banned IPs
shows banned IP since the last logrotate in long output

Modified:2013-03-12 (version 1.1)
-fix wrong count for output
-implement status check
Reviews (2)
byOldBlogger, January 2, 2020
1 of 1 people found this review helpful
In the header block it mentions a staus check being implemented which I think is where this came from at line 18

ps_state=$(ps aux |grep "fail2ban.sock" |grep -v grep| wc -l)

This seems to be an attempt to check if the fail2ban.sock socket has been created by the nagios-server, except this is looking at processes not sockets or at least it is on my Centos 7.7 installation, it always returns zero so the program aborts further down with the message

++++ Process is not running ++++

Change line 18 to this instead

ps_state=$(ss -aux |grep "fail2ban.sock" |grep -v grep| wc -l)

Basically use ss instead of ps and put the - before the aux
options.

Then it returns 1 as expected if the fail2ban-server is running and the script works correctly.
bysvamberg, September 13, 2016
1 of 2 people found this review helpful
Output of 0.9.x fail2ban is different (added white characters). This patch fix it:

--- a/check_fail2ban.sh
+++ b/check_fail2ban.sh
@@ -105,7 +105,7 @@ fi
# #####################################################################
# Run the fail2ban-client, and generate the list of operating jails
# #####################################################################
-jail_list=$($fail2ban_client status|grep "list" |cut -f 3 |tr -d ,)
+jail_list=$($fail2ban_client status|grep "list" | cut -d : -f 2 | tr -d ,)

# #####################################################################
# Cycle through all jails, count blocked IP, and build output strings