我有一个日志条目:
[22-May-2021 08:36:01 Europe/London] 10.0.0.2 - Failed admin login attempt for root at http://www.example.com:80
我正在尝试通过配置进行匹配fail2ban。
我在正则表达式测试器我可以看到^\[.*?\].* - Failed admin login attempt for .*模式匹配得很好。
但不知何故fail2ban却不匹配:
fail2ban-regex php_error_log "^\[.*?\].* - Failed admin login attempt for .*"
表明:
Use failregex line : ^\[.*?\].* - Failed admin login attempt for .*
ERROR: No failure-id group in '^\[.*?\].* - Failed admin login attempt for .*'