[asterisk-dev] fail2ban with asterisk security log?
Mark Michelson
mmichelson at digium.com
Thu Dec 13 10:59:49 CST 2012
On 12/13/2012 10:49 AM, Andrew Latham wrote:
> On Thu, Dec 13, 2012 at 9:01 AM, Russell Bryant
> <russell at russellbryant.net> wrote:
>> Greetings,
>>
>> I'm looking at documenting the security log for "Asterisk: The Definitive
>> Guide".
>>
>> Now that the security log file supports security events from both AMI and
>> chan_sip, has anyone written any scripts to process these events? An
>> updated fail2ban config perhaps? Or anything else?
>>
>> Thanks,
>>
>> --
>> Russell Bryant
> For log parsing Fail2ban still works great but a much better solution
> is using iptables "recent" and the newish "ipset" tool. Many people
> also use the Do Not Route or Peer (DROP) lists.
>
I think what Russell was inquiring about was more if people had written
anything that parses the security events in particular, not log messages.
Mark Michelson
More information about the asterisk-dev
mailing list