Hi there,
I am trying to find some logs I could feed to fail2ban in order to block undesired attempt to authenticate on the lxd service.
I am using snap 3.1 version of LXD. And had a look at:
- /var/log/auth.log
- /var/log/syslog
- /var/snap/lxd/common/lxd/logs/lxd.log
unfortunatelly nothing refers to any authentication failure.
I did also inspect on the lxd server side with lxc monitor
but nothing relevant seems to be logged there neitger:
lxc monitor
metadata:
context: {}
level: dbug
message: 'New event listener: 55b4dc90-...'
timestamp: "2018-06-14T19:29:10.340447871Z"
type: logging
metadata:
context:
ip: x.x.x.x:56864
url: /1.0
level: dbug
message: allowing untrusted GET
timestamp: "2018-06-14T19:29:12.971565317Z"
type: logging
metadata:
context:
ip: x.x.x.x:56866
url: /1.0
level: dbug
message: allowing untrusted GET
timestamp: "2018-06-14T19:29:13.034282642Z"
type: logging
metadata:
context:
ip: x.x.x.x:56868
url: /1.0/certificates
level: dbug
message: allowing untrusted POST
timestamp: "2018-06-14T19:29:14.32007926Z"
type: logging
Any hints where these kind of events are logged?