Blame | Last modification | View Log | RSS feed
# Fail2Ban configuration file for generic SELinux audit messages## This file is not intended to be used directly, and should be included into a# filter file which would define following variables. See selinux-ssh.conf as# and example.## _type# _uid# _auid# _subj# _msg## Also one of these variables must include <HOST>.[Definition]failregex = ^type=%(_type)s msg=audit\(:\d+\): (user )?pid=\d+ uid=%(_uid)s auid=%(_auid)s ses=\d+ subj=%(_subj)s msg='%(_msg)s'$ignoreregex =# Author: Daniel Black