Re: Hmm
If anyone asks me that I just give them the Fail2Ban stats for failed SSH login attempts (one every two seconds or so seems a bit low to me).Trawling through email virus logs, attempted access to PHP admin interfaces over HTTP and all the rest is a complete waste of time because the metrics thus created are meaningless when aggregated.