Logging options not as expected


#1

Hey,

I am attempting to integrate Fail2Ban with HAProxy like I do with my existing Nginx proxy.

Here’s a Pastebin to my HAProxy configuration: https://pastebin.com/GWBhJunf

Currently, my logs are outputting like:

    Sep 18 06:40:24 localhost haproxy[19962]: 10.50.3.8:54171 [18/Sep/2018:06:40:22.712] SSLFrontend~ Unifi/unifi.domain.cloud 0/48/1502 297 -- 1/1/0/0/0 0/0

However, I’d like to get the logging to look like my Nginx logs:

<IP REDACTED> - - [17/Sep/2018:06:26:02 +0000] "GET /api/self/sites HTTP/2.0" 200 486 "https://unifi.domain.cloud/manage/site/default/dashboard" "Mozilla/5.
0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 Safari/537.36"

 <IP REDACTED> - - [18/Sep/2018:06:47:02 +0000] "POST /api/login HTTP/2.0" 400 158 "https://unifi.domain.cloud/manage/account/login?redirect=%2Fmanage" "M
ozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/604.1.34 (KHTML, like Gecko) CriOS/68.0.3440.83 Mobile/16A366 Safari/604.1"

200 obviously means everything is OK, but the 400 code represents a failed login attempt, where I can then integrate Fail2Ban jails.

I’ve looked at the docs: https://cbonte.github.io/haproxy-dconv/configuration-1.5.html#8 and tried option httplog as well as TCP logs.

Is anyone able to advise? Maybe I’m missing something simple.


#2

If you want the log HTTP response codes, you need to use http mode in your front and backends. Then, enabling option httplog will have the desired effect.