Fail2ban on all services
Fail2ban is a tool designed to monitor systems' log files and to trigger actions in case it detects traces of something suspicious. It is widely considered as an intrusion prevention tool. Many log files from different programs can be monitored at once, meaning that you can monitor as many different services as you want (including FreeSWITCH, of course). Various kinds of reactions can be configured to be triggered.
The configuration of fail2ban relies on three different concepts: Filters, actions and jails. A "filter" is a set of regular expressions used to identify suspicious behaviors in the monitored log file. As log lines are generally specific to each service, you will probably have one filter per service you want ...
Get Mastering FreeSWITCH now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.