CentOS - Jun 2013 - fail2ban with standard Apache log format?

I want to use fail2ban on CentOS 6 to monitor Apache with the standard
default logfile format ("combined"). Has anyone here succeeded in
doing so?

The format has the IP at the start of the line, followed by two dashes
(if no authentication) and THEN the timestamp. What I've read on the
fail2ban wiki seems to say that the timestamp must ALWAYS be at the start
of the line, followed by other stuff. I'm amazed if it isn't
configurable...

I'm using fail2ban 0.8.8 from EPEL.

Cheers
Tony
-- 
Tony Mountifield
Work: tony at softins.co.uk - http://www.softins.co.uk
Play: tony at mountifield.org - http://tony.mountifield.org

In article <kps4fv$33j$1 at softins.clara.co.uk>,
Tony Mountifield <tony at softins.co.uk> wrote:
> I want to use fail2ban on CentOS 6 to monitor Apache with the standard
> default logfile format ("combined"). Has anyone here succeeded in
doing so?
> 
> The format has the IP at the start of the line, followed by two dashes
> (if no authentication) and THEN the timestamp. What I've read on the
> fail2ban wiki seems to say that the timestamp must ALWAYS be at the start
> of the line, followed by other stuff. I'm amazed if it isn't
configurable...
> 
> I'm using fail2ban 0.8.8 from EPEL.
OK, it turns out that despite what it says in the wiki, recent versions
of fail2ban do allow a non-anchored timestamp match and will preserve the
part of the line before the timestamp. My problem was actually in the
failregex.

All working now.

Cheers
Tony

-- 
Tony Mountifield
Work: tony at softins.co.uk - http://www.softins.co.uk
Play: tony at mountifield.org - http://tony.mountifield.org