OS: CentOS7

I wanted to see exactly how and where the fail2ban IP addresses were stored. Looking in the fail2ban.conf file, I found the following:

dbfile = /var/lib/fail2ban/fail2ban.sqlite3

So, I did a little research to try to find out how access the database.

To open or connect to the database:

# sqlite3 /var/lib/fail2ban/fail2ban.sqlite3

To list all the tables in the database:

sqlite> .tables
bans fail2banDb jails logs

To query a table:

sqlite> SELECT * FROM logs;

Another table:

sqlite> SELECT * FROM bans;

To disconnect from the database:

sqlite> .quit