I have a list of docker containers running on a server. One of the containers is (will be) fail2ban running on privileged mode. My problem right now is with passing and sharing the same volume (log file) through these containers in order for it to be written by services and read by fail2ban.
I was wondering if there's a way with fail2ban to read from a stream of data like docker logs -f apache. This would take the pain away from managing that logfile, passing it through containers, dealing with read/write locks and also figuring out how to rotate it.
Best Answer
Configure the docker to write logs to syslog/ journald https://docs.docker.com/engine/admin/logging/overview/