I’ve seeing the following error non-stop in asterisk -rvvvvv
[2020-08-08 07:11:51] NOTICE[27619]: manager.c:3515 authenticate: 52.255.203.221 tried to authenticate with nonexistent user 'root'
[2020-08-08 07:11:51] NOTICE[27619]: manager.c:3552 authenticate: 52.255.203.221 failed to authenticate as 'root'
[2020-08-08 07:11:52] NOTICE[27638]: manager.c:3515 authenticate: 52.255.203.221 tried to authenticate with nonexistent user 'root'
[2020-08-08 07:11:52] NOTICE[27638]: manager.c:3552 authenticate: 52.255.203.221 failed to authenticate as 'root'
[2020-08-08 07:11:54] NOTICE[27639]: manager.c:3515 authenticate: 52.255.203.221 tried to authenticate with nonexistent user 'root'
[2020-08-08 07:11:54] NOTICE[27639]: manager.c:3552 authenticate: 52.255.203.221 failed to authenticate as 'root'
Google search points to incorrect manager.conf settings but in my case, it looks fine.
The regexes are in the filters which are in /etc/fail2ban/filters.d/ but if you have to ask this question, be VERY careful of what you are doing , because of . . . . and . . .