Skip to content

Latest commit

 

History

History
95 lines (82 loc) · 2.77 KB

README.md

File metadata and controls

95 lines (82 loc) · 2.77 KB

F2B-Exporter

GoDoc GitHub tag Docker Image Size (latest by date) Docker Image Version (latest by date)

This is a simple Fail2Ban prometheus exporter

Installation

From source

You can clone this repository from git https://github.com/glvr182/f2b-exporter.git.
Then all you have to do is run go build and you're done!

Docker

Using the following command you can run this program with docker.
NOTE: When running the docker image you might want to mount the certificates since some remotes use TLS.

docker run \
-d \
--name f2b-exporter \
-v /var/lib/fail2ban/fail2ban.sqlite3:/var/lib/fail2ban/fail2ban.sqlite3 \
-v /etc/ssl/certs:/etc/ssl/certs \
glvr182/f2b-exporter

Depending on your deployment you might want to expose the configured port (default 8080) like this:

docker run \
-d \
-p 8080:8080 \
--name f2b-exporter \
-v /var/lib/fail2ban/fail2ban.sqlite3:/var/lib/fail2ban/fail2ban.sqlite3 \
-v /etc/ssl/certs:/etc/ssl/certs \
glvr182/f2b-exporter

Configuration

The exporter has a few settings that you can tweak using the cli or using env variables:

cli env default
--port F2B_PORT 8080
--database F2B_DATABASE /var/lib/fail2ban/fail2ban.sqlite3
--remote F2B_REMOTE freeGeoIP

To add the exporter to prometheus a simple config like this would do the trick:
NOTE: this is from prometheus, NOT for this exporter.

global:
  scrape_interval:     15s
  evaluation_interval: 15s

scrape_configs:
  - job_name: 'f2b-exporter'
    scrape_interval: 5s
    static_configs:
    - targets: ['localhost:8080']

Or using docker and a dedicated network:

global:
  scrape_interval:     15s
  evaluation_interval: 15s

scrape_configs:
  - job_name: 'f2b-exporter'
    scrape_interval: 5s
    static_configs:
    - targets: ['f2b-exporter:8080']

Queries

You can get the metrics by calling f2b_banned_ip in prometheus.
This will return a general unfiltered list of data, which is already usable.

If however, you want to filer the data you can use one of the following filters:

  • country
  • currently_banned
  • jail
  • geohash

These are some example queries:

Total banned ips

sum(f2b_banned_ip)

Total currently banned ips

sum(f2b_banned_ip{currently_banned="true"})

Total banned ips per country

sum(f2b_banned_ip) by (country)