Closed vignemail1 closed 5 years ago
Very good suggestion, we ought to update the documentation for all the plugins using sudo when we do this:
$ ack -l use_sudo --markdown
plugins/inputs/unbound/README.md
plugins/inputs/opensmtpd/README.md
plugins/inputs/pf/README.md
plugins/inputs/varnish/README.md
plugins/inputs/smart/README.md
plugins/inputs/ipset/README.md
plugins/inputs/iptables/README.md
plugins/inputs/fail2ban/README.md
@vignemail1 Would you be able to do this?
@danielnelson As it is my first time, maybe some guidance? Do I need to fork the project and create a pull request as in Github doc and Github Standard Fork & Pull Request Workflow?
Yes, this looks right. Optionally, you might also want to install grip which lets you preview how the README files will look on github before committing them.
@danielnelson PR 5337. Have a nice day.
Feature Request
It's a documentation enhancement request.
A way to prevent your logs to be filled with sudo lines when
use_sudo = True
is used with the inputs/fail2ban plugin.Proposal:
The current recommandation for sudo with the inputs/fail2ban plugin is:
I would suggest to replace it (or at least as an alternative) by the following example:
The
!logfile
,!syslog
and!pam_session
flags will prevent runs to be logged.Current behavior:
At every poll (
interval = "10s"
by default), many lines are added to your logs about each fail2ban-client run, which can fill your filesystem with unnecessary information.Desired behavior:
To completely suppress the generation of events in the logs at each run.
Use case:
when using the current recommendation for sudo with the fail2ban input, log files are getting filled with sudo pam session and fail2ban-client launch events. That could be prevented.