Hello all,

I host many domains on my servers.

I want to add code to monitor SQL Injection attacks but I'm unsure how the log path setting works. I know I use wildcards for directories and files like this:

logpath = /srv/www/html/*/Logs/access.*

My log file names are in this format:
access.2014-07-22-20_51_50

My question is will fail2ban monitor every log file in the directory with that wildcard or will it just monitor the latest (most recently created) file? In other words, I want fail2ban to monitor the very latest log file. The other log files are rotated older logs.

Thanks,
Denny