DevOps & CloudDocumentedScanned

fail2ban-reporter

Auto-report fail2ban banned IPs to AbuseIPDB and notify via Telegram.

Share:

Installation

npx clawhub@latest install fail2ban-reporter

View the full skill documentation and source below.

Documentation

fail2ban Reporter

Monitor fail2ban bans and auto-report attackers to AbuseIPDB.

Setup

  • Get a free AbuseIPDB API key at

  • Store it: pass insert abuseipdb/api-key

  • Install the monitor: bash {baseDir}/scripts/install.sh

    • Manual Usage

    Report all currently banned IPs

    bash {baseDir}/scripts/report-banned.sh

    Check a specific IP

    bash {baseDir}/scripts/check-ip.sh <ip>

    Show ban stats

    bash {baseDir}/scripts/stats.sh

    Auto-Reporting

    The install script sets up a fail2ban action that auto-reports new bans.

    bash {baseDir}/scripts/install.sh    # install auto-reporting
bash {baseDir}/scripts/uninstall.sh  # remove auto-reporting

    Heartbeat Integration

    Add to HEARTBEAT.md to check for new bans periodically:

    - [ ] Check fail2ban stats and report any unreported IPs to AbuseIPDB

    Workflow

  • fail2ban bans an IP → action triggers report-single.sh

  • Script reports to AbuseIPDB with SSH brute-force category

  • Sends Telegram notification (if configured)

  • Logs report to /var/log/abuseipdb-reports.log

    • API Reference

    See references/abuseipdb-api.md for full API docs.

    Back to Skills Directory

    Related Skills in DevOps & Cloud

    adguard

    Control AdGuard Home DNS filtering via HTTP API.

    Docs

    agent-directory

    The directory for AI agent services.

    Docs

    agent-framework-azure-ai-py

    Build Azure AI Foundry agents using the Microsoft Agent Framework Python SDK (agent-framework-azure-ai).

    Docs

    agent-news

    Monitors Hacker News, Reddit, and arXiv for AI agent developments.

    Docs

    agentguard

    **Category:** Security & Monitoring

    Docs