I manage a large number of deployments hosted in a major datacenter. One of the systems GUI went down but Asterisk was still working. The entire HTML folder was wiped clean, save for a couple skeleton folders with nothing in them. I dug through the logs and saw some hammering related to Digium before it appears the issue took place. I am not exactly sure how to interpret what I am seeing in the logs and unclear why fail2ban didn’t block them either since they were hammering the server. This system was fairly up to date from a freepbx standpoint, and also from a OS standpoint per Yum.
I have all the HTTP logs, but am not sure what is meaningful vs not within them.
Are the logs something that Dev would be interested in? How do I go about reporting properly?