Feature request/enhancement: Remote SSHGuard
Maybe this already exists and I just haven’t found it. Imagine: hub-and-spoke design for sshguard where the hub is actually a router (running Linux, FreeBSD, etc). It has the actual packet filter (iptables, ipfw, pf, et al) running on it. The “spokes” are all the servers behind that router who are monitoring their own /var/log files and then sending a message to the router to block a bad guy.
At that point, the bad actor can’t attack any of the servers under the router’s umbrella. And this is all without the router needing to (somehow) monitor another server’s log files.