Hi,
I’ve made a Fail2Ban filter that will catch mikrotik failed log attempts and ban the IPs in the same way it bans other Linux services.
To make this work, you must also configure Fail2ban mikrotik ban action to block all the brute force attempts directly in the router: http://wiki.mikrotik.com/wiki/Use_Mikrotik_as_Fail2ban_firewall
The package i’m releasing contains the fail2ban filter.d configuration and a UDP Log receiver that should receive log packets from a whitelisted IP range, and then only pass fail login attempts to auth.log (so this way fail2ban catches them).
Details on how to use this can be found on the github repo.
To download the files and get started check https://github.com/RodrigoPV/mikrotik-fail2ban
Thanks!
Rodrigo