
Other log sources (non Windows Event log)?

Open phil-highrez opened this issue 2 years ago • 0 comments

Would it be possible to add other log sources (as in not the Windows event log)? Many third-party programs do not write to the Windows event log, but have their own logging, and with fail2ban this would be easily accomplished by adding the path to the log file and any regex required to check etc.

For example, I'm using Roundcube and hMailServer for mail, plus plenty of other stuff (Filezilla FTP server, RDP Gateway - may log to the event log via IIS etc (I'm not sure yet)). Many/most programs have their own implementations of account lockout but they are all separately maintained and therefore not going to pick up attempts across multiple ports/protocols, and somehow it feels better to do this at a firewall level - globally for all rather than on a per-application basis.

It wouldn't seem that this would be "too" difficult to support here, but if it's a route you don't want to take, maybe I can get involved (or perhaps just make my own fork, but that seems a bit too big of a jump right away). I've only just found this project and started tinkering, but I really like the sound of it, and I'm a C++/C# developer by trade, so if I can find some time, I might be able to chip in.

More to the point, Network Policy Server (for RRAS/VPN) on Server 2016 and later logs fully to SQL Server or text files, but not everything goes to the Event Log (including bad passwords!).

phil-highrez, Jul 05 '22 14:07
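A sketch of the fail2ban-style approach the issue describes (a per-source regex over text log files, with failures counted per IP across all sources), added here as an illustration; it is not part of the original issue and not EvlWatcher code. The log formats, source names, thresholds and addresses are constructed assumptions, not the real formats of any product named above, and the regexes handle IPv4 only.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Hypothetical per-source failure patterns (constructed formats, not real product logs).
SOURCES = {
    "mail": re.compile(r"^(?P<ts>\S+ \S+) AUTH FAILED user=\S+ ip=(?P<ip>[\d.]+)$"),
    "ftp": re.compile(r"^\[(?P<ts>[^\]]+)\] 530 Login incorrect from (?P<ip>[\d.]+)$"),
}
TS_FORMAT = "%Y-%m-%d %H:%M:%S"

def parse_failures(source, lines):
    """Yield (timestamp, ip, source) for each line matching that source's failure regex."""
    pattern = SOURCES[source]
    for line in lines:
        m = pattern.match(line.strip())
        if m:
            yield datetime.strptime(m["ts"], TS_FORMAT), m["ip"], source

def ips_to_block(events, max_failures=3, window=timedelta(minutes=5)):
    """Return IPs with at least max_failures failures, from any mix of sources, within one window."""
    by_ip = defaultdict(list)
    for ts, ip, _source in events:
        by_ip[ip].append(ts)
    blocked = set()
    for ip, stamps in by_ip.items():
        stamps.sort()
        # Slide over sorted timestamps: the i-th and (i + max_failures - 1)-th must fit in the window.
        for i in range(len(stamps) - max_failures + 1):
            if stamps[i + max_failures - 1] - stamps[i] <= window:
                blocked.add(ip)
                break
    return sorted(blocked)

# Constructed sample input using documentation-range addresses.
MAIL_LOG = """\
2022-07-05 14:00:01 AUTH FAILED user=admin ip=203.0.113.7
2022-07-05 14:00:05 AUTH OK user=phil ip=198.51.100.4
2022-07-05 14:01:10 AUTH FAILED user=root ip=203.0.113.7
2022-07-05 14:02:00 AUTH FAILED user=phil ip=198.51.100.4
""".splitlines()
FTP_LOG = """\
[2022-07-05 14:01:30] 530 Login incorrect from 203.0.113.7
[2022-07-05 14:30:00] 530 Login incorrect from 198.51.100.4
""".splitlines()

def demo():
    events = list(parse_failures("mail", MAIL_LOG)) + list(parse_failures("ftp", FTP_LOG))
    return ips_to_block(events)

if __name__ == "__main__":
    print(demo())
```

Neither constructed log reaches the threshold on its own; the address is flagged only once the mail and FTP failures are counted together, which is the cross-protocol case the issue raises.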