Re: [Fail2ban-users] rescan directory where wildcard was used?

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

On 11/07/2013 02:49 AM, Jo Rhett wrote:
> It would appear that fail2ban does not rescan a directory where a wildcard was used?

what logpath are you using?

>  We have a directory filled with files based on datestamps.

So clarifing, an application that fail2ban is monitoring about midnight
closes its logs and creates a new log?

> After every restart fail2ban will catch attacks until midnight.
> 
> Workaround is to restart fail2ban after midnight.

Fabian's workaround is better.

> But are there any other features I'm overlooking which might cause a rescan of the directory?

> Or can we add a periodic rescan to the features, perhaps controlled by a config setting which defaults to off?

Ugly and no :-) (because there are alternatives....)

If you using the pyinotify backend we may be able to hook a notify to
detect the creation of new log files.