Fail2ban IPs visualized using IPinfo CLI and Sumamry tool

I installed Fail2Ban in one of my VMs the other day. It is really fun to check out the IP addresses trying to access the VM.

The code is pretty basic

cat /var/log/fail2ban.log | ipinfo grepip -o | curl -XPOST --data-binary @- ""

cat /var/log/fail2ban.log

You extract the fail2ban logs

ipinfo grepip -o

Use the IPinfo CLI’s grepip command to grep all the IP addresses.

curl -XPOST --data-binary @- ""

You post that to the IPinfo summary tool’s API endpoint.

This will generate a JSOn response:

  "status": "Report Generated",
  "reportUrl": ""

You just visit the link to your IP summary report: IP Summarization Results of 3748 IPs -

You can also bulk enrichment. Here I am doing that for all the banned IPs:

 cat /var/log/fail2ban.log | grep Ban | ipinfo grepip -o | ipinfo bulk -c > data.csv