[Samba] samba and fail2ban

Michael Wood esiotrot at gmail.com
Tue Mar 29 06:58:34 MDT 2011

On 29 March 2011 12:13, Hajo Locke <hajo.locke at gmx.de> wrote:
> Hello,
>> Maybe have a script running in the background, parsing samba log file to
>> create
>> and alternative log file with all related info on the same line for
>> fail2ban...?
> but problem will still be the same. How to find lines which belonging
> together?
> may be in log we have connect from 3 IPs a, b, c and following 1 successful
> login and 2 false. which ip belongs to the false logins? Every other server
> i know sends this important messages in one line.

Maybe you can use the full_audit module.

e.g. here's an article about it:


Michael Wood <esiotrot at gmail.com>

More information about the samba mailing list