Software: nginx/1.23.4. PHP/5.6.40-65+ubuntu20.04.1+deb.sury.org+1 

uname -a: Linux foro-restaurado-2 5.15.0-1040-oracle #46-Ubuntu SMP Fri Jul 14 21:47:21 UTC 2023
aarch64 

uid=33(www-data) gid=33(www-data) groups=33(www-data) 

Safe-mode: OFF (not secure)

/etc/fail2ban/filter.d/   drwxr-xr-x
Free 83.08 GB of 96.73 GB (85.89%)
                            Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    

Viewing file:     guacamole.conf (1.41 KB)      -rw-r--r--

# Fail2Ban configuration file for guacamole
#
# Author: Steven Hiscocks
#

[Definition]

logging = catalina
failregex = <L_<logging>/failregex>
maxlines = <L_<logging>/maxlines>
datepattern = <L_<logging>/datepattern>

[L_catalina]

failregex = ^.*\nWARNING: Authentication attempt from <HOST> for user "[^"]*" failed\.$

maxlines = 2

datepattern = ^%%b %%d, %%ExY %%I:%%M:%%S %%p
              ^WARNING:()**
              {^LN-BEG}

[L_webapp]

failregex = ^ \[\S+\] WARN  \S+ - Authentication attempt from <HOST> for user "<F-USER>[^"]+</F-USER>" failed.

maxlines = 1

datepattern = ^%%H:%%M:%%S.%%f

# DEV Notes:
#
# failregex is based on the default pattern given in Guacamole documentation :
# https://guacamole.apache.org/doc/gug/configuring-guacamole.html#webapp-logging
#
# The following logback.xml Guacamole configuration file can then be used accordingly :
# <configuration>
#   <appender name="FILE" class="ch.qos.logback.core.rolling.RollingFileAppender">
#     <file>/var/log/guacamole.log</file>
#     <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
#       <fileNamePattern>/var/log/guacamole.%d.log.gz</fileNamePattern>
#       <maxHistory>32</maxHistory>
#     </rollingPolicy>
#     <encoder>
#       <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n</pattern>
#     </encoder>
#   </appender>
#   <root level="info">
#     <appender-ref ref="FILE" />
#   </root>
# </configuration>