mirror/Fail2Ban-Report
1
0
Fork 0
mirror of https://github.com/SubleXBle/Fail2Ban-Report.git synced 2026-02-10 19:00:27 -06:00
Code Issues Packages Projects Releases Wiki Activity
Files
5f1a6fdb5300a4246f7641a6faaea20d2f548cf1
Fail2Ban-Report/fail2ban_log2json.sh
SubleXBle 3326e721af Update fail2ban_log2json.sh
2025-08-08 15:39:28 +02:00

59 lines
1.5 KiB
Bash
Raw Blame History

#!/bin/bash
# === Configuration ===
LOGFILE="/var/log/fail2ban.log" # Path to Fail2Ban log file (adjust if needed)
OUTPUT_JSON_DIR="/var/www/Fail2Ban-Report/archive" # Target folder for JSON files (adjust if needed)
# === Preparation ===
TODAY=$(date +"%Y-%m-%d") # current date in format "YYYY-MM-DD"
OUTPUT_JSON_FILE="$OUTPUT_JSON_DIR/fail2ban-events-$(date +"%Y%m%d").json"
mkdir -p "$OUTPUT_JSON_DIR"
# === Processing ===
echo "[" > "$OUTPUT_JSON_FILE"
grep -E "Ban |Unban " "$LOGFILE" | awk -v today="$TODAY" '
{
timestamp = $1 " " $2;
# Process only entries from today
if (index(timestamp, today) != 1) {
next;
}
action = $(NF-1);
ip = $NF;
text = $0;
c = 0;
delete arr;
while (match(text, /\[[^]]+\]/)) {
content = substr(text, RSTART+1, RLENGTH-2);
c++;
arr[c] = content;
text = substr(text, RSTART + RLENGTH);
}
jail = "unknown";
for(i=1; i<=c; i++) {
if (arr[i] !~ /^[0-9]+$/) {
jail = arr[i];
break;
}
}
printf " {\n \"timestamp\": \"%s\",\n \"action\": \"%s\",\n \"ip\": \"%s\",\n \"jail\": \"%s\"\n },\n", timestamp, action, ip, jail;
}
' >> "$OUTPUT_JSON_FILE"
# Remove last comma if present
if [ -s "$OUTPUT_JSON_FILE" ]; then
sed -i '$ s/},/}/' "$OUTPUT_JSON_FILE"
fi
echo "]" >> "$OUTPUT_JSON_FILE"
# === Completion message ===
echo "✅ JSON created: $OUTPUT_JSON_FILE"
Reference in New Issue View Git Blame Copy Permalink