The fail2ban plugin gathers the count of failed and banned ip addresses using fail2ban.
This plugin runs the
fail2ban-client command which generally requires root access.
Acquiring the required permissions can be done using several methods:
- Use sudo run fail2ban-client.
- Run agent as root. (not recommended)
# Read metrics from fail2ban. [[inputs.fail2ban]] ## Use sudo to run fail2ban-client use_sudo = false
Make sure to set
use_sudo = true in your configuration file.
You will also need to update your sudoers file. It is recommended to modify a
file in the
/etc/sudoers.d directory using
$ sudo visudo -f /etc/sudoers.d/circonus-unified-agent
Add the following lines to the file, these commands allow the
fail2ban-client without needing to provide a password and disables
logging of the call in the auth.log. Consult
man 8 visudo and
man 5 sudoers for details.
Cmnd_Alias FAIL2BAN = /usr/bin/fail2ban-client status, /usr/bin/fail2ban-client status * cua ALL=(root) NOEXEC: NOPASSWD: FAIL2BAN Defaults!FAIL2BAN !logfile, !syslog, !pam_session