Tag Archives: fail2ban

Visualizing Fail2ban logs in Kibana

In the last post I wrote about how you can enrich Fail2ban logs with GeoIP metadata and with other data parsed from the logs. This time I will show you how you can use syslog-ng to send them into Elasticsearch and how visualizing Fail2ban logs in Kibana can show you where the failed login attempts are coming from.Fail2ban vvisualization in Kibana Coordinate map

 

Continue reading

Creating a central syslog server

Your home network might already contain some devices or systems like a home server, a WiFi router, a media player, or home automation system. It is a best practice creating a central syslog server and storing logs of various sources in one place.

A pile of timber logs

In this post I will show you the way of creating a central syslog server and comply with use cases like:

Continue reading