# Fail2Ban filter for Gitlab # Detecting unauthorized access to the Gitlab Web portal # typically logged in /var/log/gitlab/gitlab-rails/application.log [Definition] failregex = ^: Failed Login: username=<F-USER>.+</F-USER> ip=<HOST>$