Update fail2ban documentation

(cherry picked from commit 58751fa4df)
This commit is contained in:
Daniel Nelson 2017-08-25 11:42:07 -07:00
parent 47264bc860
commit 30949c4596
No known key found for this signature in database
GPG Key ID: CAAD59C9444F6155
2 changed files with 12 additions and 18 deletions

View File

@ -1,19 +1,19 @@
# Fail2ban Plugin # Fail2ban Input Plugin
The fail2ban plugin gathers counts of failed and banned ip addresses from fail2ban. The fail2ban plugin gathers the count of failed and banned ip addresses using [fail2ban](https://www.fail2ban.org).
This plugin run fail2ban-client command, and fail2ban-client require root access. This plugin runs the `fail2ban-client` command which generally requires root access.
You have to grant telegraf to run fail2ban-client: Acquiring the required permissions can be done using several methods:
- Run telegraf as root. (deprecate) - Use sudo run fail2ban-client.
- Configure sudo to grant telegraf to fail2ban-client. - Run telegraf as root. (not recommended)
### Using sudo ### Using sudo
You may edit your sudo configuration with the following: You may edit your sudo configuration with the following:
``` sudo ``` sudo
telegraf ALL=(root) NOPASSWD: /usr/bin/fail2ban-client status * telegraf ALL=(root) NOEXEC: NOPASSWD: /usr/bin/fail2ban-client status, /usr/bin/fail2ban-client status *
``` ```
### Configuration: ### Configuration:
@ -21,10 +21,7 @@ telegraf ALL=(root) NOPASSWD: /usr/bin/fail2ban-client status *
``` toml ``` toml
# Read metrics from fail2ban. # Read metrics from fail2ban.
[[inputs.fail2ban]] [[inputs.fail2ban]]
## fail2ban-client require root access. ## Use sudo to run fail2ban-client
## Setting 'use_sudo' to true will make use of sudo to run fail2ban-client.
## Users must configure sudo to allow telegraf user to run fail2ban-client with no password.
## This plugin run only "fail2ban-client status".
use_sudo = false use_sudo = false
``` ```
@ -55,6 +52,5 @@ Status for the jail: sshd
``` ```
``` ```
$ ./telegraf --config telegraf.conf --input-filter fail2ban --test
fail2ban,jail=sshd failed=5i,banned=2i 1495868667000000000 fail2ban,jail=sshd failed=5i,banned=2i 1495868667000000000
``` ```

View File

@ -6,9 +6,10 @@ import (
"os/exec" "os/exec"
"strings" "strings"
"strconv"
"github.com/influxdata/telegraf" "github.com/influxdata/telegraf"
"github.com/influxdata/telegraf/plugins/inputs" "github.com/influxdata/telegraf/plugins/inputs"
"strconv"
) )
var ( var (
@ -21,10 +22,7 @@ type Fail2ban struct {
} }
var sampleConfig = ` var sampleConfig = `
## fail2ban-client require root access. ## Use sudo to run fail2ban-client
## Setting 'use_sudo' to true will make use of sudo to run fail2ban-client.
## Users must configure sudo to allow telegraf user to run fail2ban-client with no password.
## This plugin run only "fail2ban-client status".
use_sudo = false use_sudo = false
` `