“fail2ban.filtersystemd [7357]: NOTICE Jail started without ‘journalmatch’ set. Jail regexs will be checked against all journal entries, which is not advised for performance reasons.”
Searching the internet it looks like there is a misconfiguration in the fail2ban conf file in connection with systemd but I do not really understand the issue and wondering if this is something which should be fixed in the pre-configured NS fail2ban package.
[root@prometheus ~]# fail2ban-client status postfix
Status for the jail: postfix
|- Filter
| |- Currently failed: 0
| |- Total failed: 82
| `- Journal matches: _SYSTEMD_UNIT=postfix.service
`- Actions
|- Currently banned: 0
|- Total banned: 4
`- Banned IP list:
[root@prometheus ~]# fail2ban-client status dovecot
Status for the jail: dovecot
|- Filter
| |- Currently failed: 0
| |- Total failed: 750
| `- Journal matches: _SYSTEMD_UNIT=dovecot.service
`- Actions
|- Currently banned: 0
|- Total banned: 31
`- Banned IP list:
[root@prometheus ~]# fail2ban-client status recidive
Status for the jail: recidive
|- Filter
| |- Currently failed: 63
| |- Total failed: 905
| `- File list: /var/log/fail2ban.log
`- Actions
|- Currently banned: 12
|- Total banned: 99
`- Banned IP list: 185.211.245.170 82.34.214.225 104.248.150.150 186.31.116.78 114.32.120.181 196.203.31.154 141.98.80.47 185.222.209.99 82.227.139.213 185.211.245.198 210.100.252.201 182.61.179.84