{"id":30663719,"url":"https://github.com/simoncahill/fail2abuseipdb","last_synced_at":"2026-06-28T05:32:04.772Z","repository":{"id":61448524,"uuid":"548585890","full_name":"SimonCahill/fail2abuseipdb","owner":"SimonCahill","description":"fail2abuseipdb is a simple server utility that allows server admins to easily convert fail2ban's output to the AbuseIPDB CSV format","archived":false,"fork":false,"pushed_at":"2023-10-30T18:15:56.000Z","size":90,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2026-03-29T21:07:53.179Z","etag":null,"topics":["abuseipdb","abuseipdbv2","admin","csv","fail2ban","linux"],"latest_commit_sha":null,"homepage":"https://documentation.simonc.eu/docs/fail2abuseipdb","language":"C++","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-2-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/SimonCahill.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null}},"created_at":"2022-10-09T21:34:59.000Z","updated_at":"2023-02-06T17:50:04.000Z","dependencies_parsed_at":"2023-01-20T08:26:07.795Z","dependency_job_id":"8e6cea3f-1c3a-440c-b739-ff98e1da61da","html_url":"https://github.com/SimonCahill/fail2abuseipdb","commit_stats":null,"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"purl":"pkg:github/SimonCahill/fail2abuseipdb","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SimonCahill%2Ffail2abuseipdb","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SimonCahill%2Ffail2abuseipdb/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SimonCahill%2Ffail2abuseipdb/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SimonCahill%2Ffail2abuseipdb/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/SimonCahill","download_url":"https://codeload.github.com/SimonCahill/fail2abuseipdb/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SimonCahill%2Ffail2abuseipdb/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34878963,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-28T02:00:05.809Z","response_time":54,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["abuseipdb","abuseipdbv2","admin","csv","fail2ban","linux"],"created_at":"2025-08-31T17:54:02.527Z","updated_at":"2026-06-28T05:32:04.761Z","avatar_url":"https://github.com/SimonCahill.png","language":"C++","funding_links":[],"categories":[],"sub_categories":[],"readme":"# fail2abuseipdb\n\nfail2abuseipdb is a server administration tool (currently WIP!) which allows server administrators to **easily** and **automagically** convert\nfail2ban's output (which a weird semi-JSON format) to a CSV-format which can directly be published to abuseipdb!\n\n![GitHub all releases](https://img.shields.io/github/downloads/SimonCahill/fail2abuseipdb/total?logo=github)\n![GitHub](https://img.shields.io/github/license/SimonCahill/fail2abuseipdb)\n\n# Features\nfail2abuseipdb provides a limited featureset, although it is enough for its task.\n\n - Reading fail2ban's output from a file\n - Reading fail2ban's output from stdin via pipes\n - Reading fail2ban's output directly by calling fail2ban (requires elevated privileges and may be dangerous!) (**Search is bugged!**)\n - Comment customisation\n - Supports both individual jails and complete f2b output!\n - Jail names are detected automatically when full output is detected\n\n# Arguments\n\nThe following table describes the individual arguments and switches fail2abuseipdb understands.\nArguments and switched marked as ((planned)) are not use available (or usable)!\n\n| Long          | Short | Description                                                           | Status        |\n|---------------|-------|-----------------------------------------------------------------------|---------------|\n| --help        | -h    | Prints the help menu and exits.                                       | working       |\n| --stdin       | -s    | Reads input from stdin (pipe).                                        | working       |\n| --file=       | -f[f] | Reads input from the passed file or fail2ban.json if no file passed.  | working       |\n| --version     | -v    | Prints the version information and exits.                             | ((planned))   |\n| --comment     | -c    | Overrides the default value for the comment. Must be in quotes (\")!   | working       |\n| --jail-name=  | -j[j] | Useful when importing single jails; sets the name for the jail.       | working       |       \n| --f2b=        | -e[f] | Sets the location of fail2ban directory                               | working       |\n| --call-f2b    | -%    | No, that's not a typo. Call fail2ban directly                         | (kinda)working|\n\n## Comment variables\n| Variable      | Function                                                                      | Status        |\n|---------------|-------------------------------------------------------------------------------|---------------|\n| {0}           | Prints the jail name in the comment.                                          | working       |\n| {1}           | Prints the report time in the comment.                                        | ((planned))   |\n\n# Exit Codes\n| Code          | Meaning                                                                       |\n|---------------|-------------------------------------------------------------------------------|\n| 0             | Success                                                                       |\n| 1             | Failed to parse input from file                                               |\n| 2             | Failed to parse input from stdin                                              |\n| 3             | Failed to parse input from fail2ban directly                                  |\n| 4             | Insufficient execution rights                                                 |\n| 5             | Could not find fail2ban-client                                                |\n\n# Usage\n\nGetting started with fail2abuseipdb is simple. Install the file to /usr/bin (or where ever in your PATH) and call it as follows.\n\n\n## Reading from files\n```bash\n# Single jail\n\nfail2ban-client get myjail banned \u003e/tmp/myjail.txt\nfail2abuseipdb -f/tmp/myjail.txt -jmyjail -c\"Was banned for fcking w/ my shit. Fail2ban jail: {0}\" \u003e/tmp/myjail.csv\n\n# ALL THE JAILS\nfail2ban-client banned \u003e/tmp/alljails.txt\nfail2abuseipdb -f/tmp/alljails.txt -c\"Brute-force attack against {0}\" \u003e/tmp/alljails.csv\n```\n\n## Reading from stdin\n```bash\n# Single jail\n\nfail2ban-client get myjail banned | fail2abuseipdb -s -jmyjail -c\"Was banned for fcking w/ my shit. Fail2ban jail: {0}\" \u003e/tmp/myjail.csv\n\n# ALL THE JAILS\nfail2ban-client banned | fail2abuseipdb -s -c\"Brute-force attack against {0}\" \u003e/tmp/alljails.csv\n```\n\n# Building the application\n\nIf you don't trust the .deb packages uploaded in the releases, or your system doesn't use .deb packages, you can download, build and install the application yourself.\n\nTo do so is fairly simple:\n```bash\n# getting ready\n$ git clone --recursive https://github.com/SimonCahill/fail2abuseipdb.git \u0026\u0026 cd fail2abuseipdb\n$ mkdir build \u0026\u0026 cd build\n$ cmake ..\n\n# making the .deb:\n$ cpack .\n\n# making the application:\n$ make -j\n\n# generating documentation (requires Doxygen!)\n$ make docs\n\n# installing the freshly generated binary\n$ sudo make install\n```\n\n# Changelog\n\n**v0.2.0b**\n\nNew features:\n - Added support for piping fail2ban-client output directly\n - Added support for calling fail2ban-client directly\n\nNew bugs:\n - Automagic search for fail2ban is bugged and I don't want to fix it just yet\n    - Circumvent this issue by calling `fail2abuseipdb -% -e$(which fail2ban-client)`\n\n**v0.1.0b**\n\n - Initial release\n - Very much still a beta release, **but it works**!\n\n# To-Do\n\nIn no particular order, the to-dos are as follows. I just hope I update them 🫣\n\n 1) ~~Add version information during build~~ Working\n 2) ~~Add install target~~ Working\n 3) ~~Add remove target~~ Use deb instead\n 4) ~~Build deb-package?!~~ Working\n 5) ~~Add pipe support~~ Working\n 6) ~~Add support for calling fail2ban directly~~ Working, except for automagic search\n 7) Clean up code for first *real* release\n 8) Add debug messages (printed to stderr)\n 9) Unit tests? Don't really care for them\n 10) Add support for adding/overriding categories (both default and per jail)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsimoncahill%2Ffail2abuseipdb","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsimoncahill%2Ffail2abuseipdb","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsimoncahill%2Ffail2abuseipdb/lists"}