Fail2ban does huge logs

possibly :frowning:

the problem is not only upstream but also in Nethserver. For example the logs used by nethserver for apache are not access.log or error.log but like you see ‘ssl_error_log-20171007’ when the logrotate is triggered.

At first fail2ban expect to find something in access.log or error.log but they are empty, like we find in Fail2Ban doesn´t ban webinterface
Therefore I tried to add a wildcard to the fail2ban regex (‘*’) and reload the fail2ban configuration when the fail2ban logs are rotated…but I suspect that maybe it doesn’t work

to solve you jail problem do : fail2ban-client reload
look after in the fail2ban log if the jail started well

before I would be interested by the content of

ll /var/log/sogo/
ll /var/log/fail2ban
ll /var/log/httpd

and the version of nethserver-fail2ban

rpm -qa nethserver-fail2ban