Fail2ban — Notification to Slack

Photo by Joshua Hoehne on Unsplash

Introduction

Quick configuration that will allow us to send a notification for slack from fail2ban

Setup Slack Incoming Webhook.

Configuration

  • Add file /etc/fail2ban/action.d/slack.conf with content below:
[Definition]actionban = curl -X POST --data-urlencode 'payload={"channel": "#channel_name", "username": "user_name", "text": "Fail2Ban Reports IP <ip> has been banned by  filter", "icon_emoji": ":ghost:"}' https://hooks.slack.com/services/11111111/222222222/33333333333[Init]
  • Edit file /etc/fail2ban/jail.local
action = iptables-multiport[name=404, port="http,https", protocol=tcp]
slack[name=404]

 by the author.

--

--

--

DevOps Consultant. I’m strongly focused on automation, security, and reliability.

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

7 Web Development Things I Learned in 2021 ✨

MultiVAC the 39th Bi-Weekly Report: MultiVAC Officially Releases 3.0

Reading and Writing to the Database

How to Stand Out as a Software Developer and Become a Manager, with Ian Peters-Campbell, Jayesh…

Scopuly — Stellar Wallet & SDEX

Pipeline: Mongodb to Spark 3.0.1 with Kubernetes

Developing Mobile Web Applications: When, Why, and How

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Maciej

Maciej

DevOps Consultant. I’m strongly focused on automation, security, and reliability.

More from Medium

Ansible Architecture

Introduction to Ansible | High Level Understanding of Ansible

How to set up CI/CD Pipeline to Build and Deploy Spring Boot Application to Amazon ECS (Fargate)…

DevOps- part 2: CICD with Jenkins, docker (docker hub); deploy to a server; AWS