Skip to content

Instantly share code, notes, and snippets.

@flowolf
Last active February 20, 2017 16:20
Show Gist options
  • Save flowolf/1c58d581e14a5c908372 to your computer and use it in GitHub Desktop.
Save flowolf/1c58d581e14a5c908372 to your computer and use it in GitHub Desktop.
#!/bin/bash
# get a country statistic for Fail2Ban blocks:
# this just accounts for IPs once. Multiple failed attempts by one IP just show up once for a country.
for i in `sudo cat /var/log/fail2ban.log | sed 's/.*[Bb]an \(.*\)/\1/' | sort | uniq | cut -d ' ' -f 1 | grep "\."`;
do
echo $i; whois $i | grep country\: |head -n 1 >> fail2ban_ctry.log ;
done
cat fail2ban_ctry.log | sed 's/country: //g' |sort | uniq -c | sort -nr
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment