diff -up fail2ban-0.9-1f1a561/config/jail.conf.logfiles fail2ban-0.9-1f1a561/config/jail.conf
--- fail2ban-0.9-1f1a561/config/jail.conf.logfiles 2013-09-08 05:02:35.000000000 -0600
+++ fail2ban-0.9-1f1a561/config/jail.conf 2013-09-24 17:01:40.264930006 -0600
@@ -152,20 +152,18 @@ action = %(action_)s
 [sshd]
 port = ssh
-logpath = /var/log/auth.log
- /var/log/sshd.log
+logpath = /var/log/secure
 [sshd-ddos]
 port = ssh
-logpath = /var/log/auth.log
- /var/log/sshd.log
+logpath = /var/log/secure
 [dropbear]
 port = ssh
 filter = sshd
-logpath = /var/log/dropbear
+logpath = /var/log/secure
 # Generic filter for PAM. Has to be used with action which bans all
@@ -175,12 +173,12 @@ logpath = /var/log/dropbear
 # pam-generic filter can be customized to monitor specific subset of 'tty's
 banaction = iptables-allports
-logpath = /var/log/auth.log
+logpath = /var/log/secure
 [xinetd-fail]
 banaction = iptables-multiport-log
-logpath = /var/log/daemon.log
+logpath = /var/log/messages
 maxretry = 2
 # .. custom jails
@@ -194,7 +192,7 @@ filter = sshd
 action = hostsdeny[daemon_list=sshd] sendmail-whois[name=SSH, dest=you@example.com]
 ignoreregex = for myuser from
-logpath = /var/log/sshd.log
+logpath = /var/log/secure
 # Here we use blackhole routes for not requiring any additional kernel support
 # to store large volumes of banned IPs
@@ -203,7 +201,7 @@ logpath = /var/log/sshd.log
 filter = sshd
 action = route
-logpath = /var/log/sshd.log
+logpath = /var/log/secure
 # Here we use a combination of Netfilter/Iptables and IPsets
 # for storing large volumes of banned IPs
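Review bot: Every sshd-style jail in these hunks (sshd, sshd-ddos, dropbear, pam-generic and the sshd-* examples) is now hard-wired to /var/log/secure, which only exists when a syslog daemon is configured to write authpriv messages there; on a journal-only host the jail has no file to poll and, as far as I recall, fails to start instead of falling back. The 0.9 line this file belongs to appears to ship a journal backend (`backend = systemd`), so a comment next to the first changed logpath would save operators a confusing failure, e.g. `# requires a syslog daemon writing authpriv to /var/log/secure; on journal-only hosts set backend = systemd in jail.local`. The same caveat applies to the /var/log/messages and /var/log/maillog values in the later hunks, so one comment at the top of the jail list would cover all of them.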
@@ -214,13 +212,13 @@ logpath = /var/log/sshd.log
 filter = sshd
 action = iptables-ipset-proto4[name=SSH, port=ssh, protocol=tcp]
-logpath = /var/log/sshd.log
+logpath = /var/log/secure
 [sshd-iptables-ipset6]
 filter = sshd
 action = iptables-ipset-proto6[name=SSH, port=ssh, protocol=tcp, bantime=600]
-logpath = /var/log/sshd.log
+logpath = /var/log/secure
 # This jail uses ipfw, the standard firewall on FreeBSD. The "ignoreip"
 # option is overridden in this jail. Moreover, the action "mail-whois" defines
@@ -231,7 +229,7 @@ logpath = /var/log/sshd.log
 filter = sshd
 action = ipfw[localhost=192.168.0.1] sendmail-whois[name="SSH,IPFW", dest=you@example.com]
-logpath = /var/log/auth.log
+logpath = /var/log/secure
 # bsd-ipfw is ipfw used by BSD. It uses ipfw tables.
 # table number must be unique.
@@ -243,14 +241,14 @@ logpath = /var/log/auth.log
 filter = sshd
 action = bsd-ipfw[port=ssh,table=1]
-logpath = /var/log/auth.log
+logpath = /var/log/secure
 # PF is a BSD based firewall
 [ssh-pf]
 filter = sshd
 action = pf
-logpath = /var/log/sshd.log
+logpath = /var/log/secure
 maxretry= 5
 #
@@ -260,7 +258,7 @@ maxretry= 5
 [apache-auth]
 port = http,https
-logpath = /var/log/apache*/*error.log
+logpath = /var/log/httpd/*error_log
 # Ban hosts which agent identifies spammer robots crawling the web
 # for email addresses. The mail outputs are buffered.
@@ -268,21 +266,20 @@ logpath = /var/log/apache*/*error.log
 [apache-badbots]
 port = http,https
-logpath = /var/log/apache*/*access.log
- /var/www/*/logs/access_log
+logpath = /var/log/httpd/*access_log
 bantime = 172800
 maxretry = 1
 [apache-noscript]
 port = http,https
-logpath = /var/log/apache*/*error.log
+logpath = /var/log/httpd/*error_log
 maxretry = 6
 [apache-overflows]
 port = http,https
-logpath = /var/log/apache*/*error.log
+logpath = /var/log/httpd/*error_log
 maxretry = 2
 # Ban attackers that try to use PHP's URL-fopen() functionality
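Review bot: The apache-badbots hunk drops `/var/www/*/logs/access_log` from logpath, and the php-url-fopen hunk that follows moves that jail off the same path, so after this patch only the default httpd log directory is watched; any vhost that writes its own access log elsewhere silently loses coverage for both jails. A one-line comment above the new value would make that visible to whoever inherits this file, e.g. `# only the default httpd log directory is watched; add per-vhost access logs in jail.local`. The `*access_log` glob presumably also matches ssl_access_log, which looks intended but is worth stating in the same comment so nobody "tidies" it into a literal file name.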
@@ -292,7 +289,7 @@ maxretry = 2
 [php-url-fopen]
 port = http,https
-logpath = /var/www/*/logs/access_log
+logpath = /var/log/httpd/*access_log
 [suhosin]
@@ -325,7 +322,7 @@ logpath = /var/log/sogo/sogo.log
 filter = apache-auth
 action = hostsdeny
-logpath = /var/log/apache*/*error.log
+logpath = /var/log/httpd/*error_log
 maxretry = 6
 [3proxy]
@@ -347,7 +344,7 @@ logpath = /var/log/proftpd/proftpd.log
 [pure-ftpd]
 port = ftp,ftp-data,ftps,ftps-data
-logpath = /var/log/auth.log
+logpath = /var/log/secure
 maxretry = 6
 [vsftpd]
@@ -355,7 +352,7 @@ maxretry = 6
 port = ftp,ftp-data,ftps,ftps-data
 logpath = /var/log/vsftpd.log
 # or overwrite it in jails.local to be
-# logpath = /var/log/auth.log
+# logpath = /var/log/secure
 # if you want to rely on PAM failed login attempts
 # vsftpd's failregex should match both of those formats
@@ -390,12 +387,12 @@ logpath = /root/path/to/assp/logs/maill
 [courier-smtp]
 port = smtp,ssmtp,submission
-logpath = /var/log/mail.log
+logpath = /var/log/maillog
 [postfix]
 port = smtp,ssmtp,submission
-logpath = /var/log/mail.log
+logpath = /var/log/maillog
 # The hosts.deny path can be defined with the "file" argument if it is
 # not in /etc.
@@ -427,7 +424,7 @@ logpath = /var/log/exim/mainlog
 [courier-auth]
 port = smtp,ssmtp,submission,imap2,imap3,imaps,pop3,pop3s
-logpath = /var/log/mail.log
+logpath = /var/log/maillog
 [sasl]
@@ -436,12 +433,12 @@ port = smtp,ssmtp,submission,imap2,i
 # You might consider monitoring /var/log/mail.warn instead if you are
 # running postfix since it would provide the same log lines at the
 # "warn" level but overall at the smaller filesize.
-logpath = /var/log/mail.log
+logpath = /var/log/maillog
 [dovecot]
 port = smtp,ssmtp,submission,imap2,imap3,imaps,pop3,pop3s
-logpath = /var/log/mail.log
+logpath = /var/log/maillog
 [perdition]
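Review bot: In the last hunk the sasl jail's logpath becomes /var/log/maillog, but the three context lines directly above it still recommend monitoring /var/log/mail.warn, a Debian-style file that does not exist under the layout this patch is targeting, so the comment now contradicts the value beneath it. The patch already rewrites a commented-out example path in the vsftpd hunk, so this advice should be adjusted in the same spirit, e.g. replace the three lines with `# postfix warnings land in /var/log/maillog on this layout; point logpath at a narrower file in jail.local if you have one`. The [sasl] header and any keys preceding the comment sit outside the hunk.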