Let me get right to the heart of the matter.
I have the following services running in a reverse proxy (ssl secured).
\* multiple DBs for the above services.
Nginx handles all communication (auto upgrade to HTTPS).
The services all have their various logs which monitor login attempts, resource requests (dear lord the number of requests I get on wp-admin.php is staggering). Right now there's nothing really stopping a brute force attack on any of my services (fail2ban in the server only monitors ssh attempts and since that's on a different ports its pretty silent).
I was wondering if you had any advice how I could unify the logs of the various services with the nginx access.log and have fail2ban monitor that for the various rules? Trouble is that some containers have their own users and I'm not sure how I can go about unifying the access logs.
Quite frankly, I'm a bit lost here and any help would be appreciated.