diff -up fail2ban-0.9/config/jail.conf.logpath fail2ban-0.9/config/jail.conf
--- fail2ban-0.9/config/jail.conf.logpath	2014-08-08 13:29:40.101582649 -0600
+++ fail2ban-0.9/config/jail.conf	2014-08-08 13:33:56.376307236 -0600
@@ -370,7 +370,7 @@ logpath  = /var/log/tomcat*/catalina.out
 [webmin-auth]
 
 port    = 10000
-logpath = /var/log/auth.log
+logpath = %(syslog_authpriv)s
 
 
 #
@@ -423,7 +423,7 @@ maxretry = 6
 
 [vsftpd]
 # or overwrite it in jails.local to be
-# logpath = /var/log/auth.log
+# logpath = %(syslog_authpriv)s
 # if you want to rely on PAM failed login attempts
 # vsftpd's failregex should match both of those formats
 port     = ftp,ftp-data,ftps,ftps-data
@@ -533,7 +533,7 @@ logpath  = %(postfix_log)s
 [perdition]
 
 port   = imap3,imaps,pop3,pop3s
-logpath = /var/log/maillog
+logpath = %(syslog_mail)s
 
 
 [squirrelmail]
@@ -657,13 +657,13 @@ maxretry = 5
 [pam-generic]
 # pam-generic filter can be customized to monitor specific subset of 'tty's
 banaction = iptables-allports
-logpath  = /var/log/auth.log
+logpath  = %(syslog_authpriv)s
 
 
 [xinetd-fail]
 
 banaction = iptables-multiport-log
-logpath   = /var/log/daemon.log
+logpath   = %(syslog_daemon)s
 maxretry  = 2
 
 
@@ -693,5 +693,5 @@ action  = %(banaction)s[name=%(__name__)
 [nagios]
 
 enabled  = false
-logpath  = /var/log/messages     ; nrpe.cfg may define a different log_facility
+logpath  = %(syslog_daemon)s     ; nrpe.cfg may define a different log_facility
 maxretry = 1