From: Kevin Z. <kev...@gm...> - 2021-12-02 18:57:26

Hi Amit,

On 12/1/21 11:41 AM, Amit Das wrote:
> # Log reader command (optional, no default)
> LOGREADER="LANG=C /usr/bin/journalctl -afb -p info -n1 -t sshd -t vsftpd -o cat"

Could you check that your LOGREADER command is actually giving you the log
output from sshd? That is, run this command at the command line, and see if
any failed login messages are coming through:

    $ /usr/bin/journalctl -afb -p info -n1 -t sshd -t vsftpd -o cat

If they are coming through, pipe the output to `sshg-parser -a` and make
sure the attacks you expect to be recognized are marked with an asterisk.

Regards,
Kevin
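A bounded, scriptable version of the two-step check Kevin describes, as an added example that is not from Kevin's mail or from the SSHGuard project. It assumes the LOGREADER value quoted in the thread, that `sshg-parser` is on PATH, and (an assumption about its output format) that `sshg-parser -a` marks lines it recognizes as attacks with a leading asterisk; `journalctl -f` never exits on its own, so the reader is run for a fixed number of seconds and then stopped. The sshd-style log lines used for testing are constructed.

```shell
#!/bin/sh
# Added example, not from the mailing-list thread or the SSHGuard project.
# Assumptions: LOGREADER is the value quoted in the thread; sshg-parser is on
# PATH; `sshg-parser -a` prefixes recognized attack lines with '*' (assumed).

LOGREADER='LANG=C /usr/bin/journalctl -afb -p info -n1 -t sshd -t vsftpd -o cat'

# read_bounded CMD SECONDS MAX: run the shell command string CMD in the
# background for at most SECONDS seconds, then print at most MAX lines of
# what it wrote. Needed because `journalctl -f` follows the journal forever.
read_bounded() {
    _tmp=$(mktemp)
    sh -c "$1" >"$_tmp" 2>/dev/null &
    _pid=$!
    sleep "$2"
    kill "$_pid" 2>/dev/null || true      # may already have exited
    wait "$_pid" 2>/dev/null || true      # ignore the killed status
    head -n "$3" "$_tmp"
    rm -f "$_tmp"
}

# count_failed_logins: count stdin lines that look like sshd/PAM login
# failures (real message fragments), so an empty LOGREADER stream is obvious.
count_failed_logins() {
    grep -Ec 'Failed password|Invalid user|authentication failure' || true
}

# count_marked: count stdin lines that sshg-parser -a flagged as attacks
# (assumed annotation: a leading '*').
count_marked() {
    grep -c '^\*' || true
}

# check_logreader: step 1, does the reader emit sshd lines at all?
# step 2, does the parser recognize the failures as attacks?
check_logreader() {
    raw=$(read_bounded "$LOGREADER" 5 50)
    echo "lines from LOGREADER:      $(printf '%s\n' "$raw" | grep -c . || true)"
    echo "failed-login lines:        $(printf '%s\n' "$raw" | count_failed_logins)"
    if command -v sshg-parser >/dev/null 2>&1; then
        echo "marked by sshg-parser -a:  $(printf '%s\n' "$raw" | sshg-parser -a | count_marked)"
    else
        echo "sshg-parser not on PATH; skipping parser check"
    fi
}

# Only run the live check where journalctl exists; the functions above can be
# exercised on constructed input anywhere.
if [ -x /usr/bin/journalctl ]; then
    check_logreader
else
    echo "journalctl not found; live LOGREADER check skipped"
fi
```

Run it with the same privileges sshguard itself has, since the journal is not readable by every user; if the first count is zero the LOGREADER command is the problem, and if the first count is non-zero but the last one is zero, the parser is not recognizing the message format.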