Logo

Command Palette

Search for a command to run...

Fail2ban actions represent security events where IP addresses are banned or monitored due to suspicious activity. These actions are automatically generated when fail2ban detects attack patterns such as brute force login attempts.

Model
serverstring

The UID of the server where the fail2ban action occurred.

addressstring

The IP address that triggered the fail2ban action.

countrystring

The country name associated with the IP address. May be null for private or internal IP addresses.

country_codestring

The ISO country code for the IP address. May be null for private or internal IP addresses.

attackstring

The type of attack that triggered the ban (e.g., SSH, HTTP, FTP).

portinteger

The network port involved in the attack. May be null if not applicable.

bannedboolean

Whether the IP address is currently banned by fail2ban.

action_datedatetime

The timestamp when the action occurred, in ISO 8601 format.

Related Models:Server

Example

{
  "server": "550e8400-e29b-41d4-a716-446655440000",
  "address": "192.168.1.45",
  "country": "United States",
  "country_code": "US",
  "attack": "SSH",
  "port": 22,
  "banned": true,
  "action_date": "2024-02-15T14:23:41Z"
}
Edit this page