π Fail2Ban Daily Report Script
Security isnβt just about blocking attacks β itβs about knowing they happened.
This lightweight Bash script integrates with
Fail2Ban to generate daily email reports on SSH intrusion attempts, giving you clear, actionable visibility without logging into the server.
π§° What It Does
- Pulls the list of IPs banned by the
sshd jail
- Uses
geoiplookup to identify attacker locations
- Formats a clean daily report:
- β
IP Address
- π Country of Origin
- π Timestamp
- Emails the report to a predefined address
βοΈ Requirements
fail2bangeoip-bin (for geoiplookup)- CLI mail client (e.g.,
mutt, mailx, or ssmtp)
- Basic cron setup
π« Why It Matters
Many sysadmins install Fail2Ban and forget itβs there. This script makes intrusion detection visible again β without manual log review.
Perfect for:
βοΈ Home lab monitoring
βοΈ Lightweight VPS hardening
βοΈ Situational awareness for SSH threats
π Project Link
π GitHub Repository:
mikecozier/fail2ban
