Bruteforce mitigation - fail2ban filter for ocserv

Fail2Ban can be explained in more detailed by this

Short explaination of fail2ban:

Fail2ban scans log files and bans IP’s that show the malicious signs – too many password failures etc. The following filter identifies failed authentications on the oserv (OpenConnect Server).

cd /usr/local/etc/fail2ban/filter.d
cat ocserv.conf
[Definition]
failregex = (?:ocserv\[\d+\]: worker\[\w+\]: )(?P\S*)(?: worker-auth\.c\:\d+: failed authentication for ')
(?P<user>\S*)(?:').*