On CentOS versions 6.3 and 6.4 failed ssh login attempts are logged to
The default jail.conf that currently ships with this cookbook sets the configuration as follows.
This means on CentOS 6.3 and 6.4 the fail2ban cookbook does not work out of the box.
The above can be overridden using a /etc/fail2ban/jail.local
1. Provide a way to write a jail.local file. Mentioned in this ticket. http://tickets.opscode.com/browse/COOK-2530
2. Better defaults for CentOS.
Id be happy to do a pull request for this feature.