This is amazing!
Are you open sourcing this?
Can others stream their logs to your servers and have a crowdsourced list of attackers in real time together with their activity?
Hey we actually built the second part as a product. Its a modern revamp of fail2ban combined with crowdsourcing aspect to deliver an up-to-date blocklist of active threats. You can check it out at https://github.com/crowdsecurity/crowdsec