mirror of
https://github.com/fail2ban/fail2ban.git
synced 2026-03-11 08:55:31 +00:00
I also used non-greedy .*? for the login portion since not sure if space could be there and trying to minimize possibility of reacting on injected "from <HOST>" somewhere within the trailing .*
6 lines
654 B
Text
6 lines
654 B
Text
# failJSON: { "time": "2013-01-22T22:28:21", "match": true , "host": "192.0.43.10" }
|
|
[22-Jan-2013 22:28:21 +0200]: FAILED login for user1 from 192.0.43.10
|
|
# failJSON: { "time": "2005-05-26T07:12:40", "match": true , "host": "10.1.1.47" }
|
|
May 26 07:12:40 hamster roundcube: IMAP Error: Login failed for sales@example.com from 10.1.1.47
|
|
# failJSON: { "time": "2005-07-11T03:06:37", "match": true , "host": "1.2.3.4" }
|
|
Jul 11 03:06:37 myhostname roundcube: IMAP Error: Login failed for admin from 1.2.3.4. AUTHENTICATE PLAIN: A0002 NO Login failed. in /usr/share/roundcube/program/include/rcube_imap.php on line 205 (POST /wmail/?_task=login&_action=login)
|