Failed login reporting
The main amount of activity I see on my server is login attempts on SSH, and always has to do with password attempts.
I'm investigating different software I can use to effectively report such activity to providers. I guess this elusive program's features would include a log analyzer, nslookup parser, intrusion reporting to ISP, and firewall-rule appending for repeated offenses.
Can anyone recommend a cron-able script or program which handles this sort of activity?