Hi, I'm new to this group.

I need an help to configure fail2ban (that already work for ssh procotol) in order to make it working with tomcat6/guatamole webapp.

I'dd like to check the file catalina.out that looks like this:

more catalina.out | grep pippo

WARNING: Authentication attempt from XXX.XXX.XXX.XXX for user "pippo" failed.

and tell fail2ban to ban the ip at the 3rd attempt failed.

Can you tell me hot to edit my catalina.conf filter to put in my filter.d?

Thanks in advance