
/var/log/fail2ban.log {
    weekly
    rotate 7
    missingok
    compress
    delaycompress
    postrotate
      /usr/bin/fail2ban-client flushlogs  1>/dev/null || true
    endscript

    # If fail2ban runs as non-root it still needs to have write access
    # to logfiles.
    # create 640 fail2ban adm
    create 640 root adm
}
