I want to use fail2ban on CentOS 6 to monitor Apache with the standard default logfile format ("combined"). Has anyone here succeeded in doing so? The format has the IP at the start of the line, followed by two dashes (if no authentication) and THEN the timestamp. What I've read on the fail2ban wiki seems to say that the timestamp must ALWAYS be at the start of the line, followed by other stuff. I'm amazed if it isn't configurable... I'm using fail2ban 0.8.8 from EPEL. Cheers Tony -- Tony Mountifield Work: tony at softins.co.uk - http://www.softins.co.uk Play: tony at mountifield.org - http://tony.mountifield.org