How to send notifications from Linux fail2ban, ssh auth and other actions to Slack

For this approach i will use my slackpost.sh script to send messages to Slack. More info about it you can find – http://mindau.de/blog/en/en-post-messages-slack-linux/

fail2ban

How to install and configure fail2ban you can find for example here – https://www.digitalocean.com/community/tutorials/how-to-protect-ssh-with-fail2ban-on-ubuntu-14-04

Now edit fail2ban jail.local file

add “slack” hook where you want to use it. For example:

Now create new config file for slack action:

copy/paste it

put slack-report.sh to bin folder & restart fail2ban service

SSH AUTH REPORT

add to file:

and finaly slack-report.sh

And results:

slack post message example
slack post message example

Leave a Reply

Your email address will not be published. Required fields are marked *