diff --git a/createlinks b/createlinks
index 14ec10f..ec74f9a 100644
--- a/createlinks
+++ b/createlinks
@@ -17,7 +17,8 @@ safe_symlink("restart", "root/etc/e-smith/events/fail2ban-conf/services2adjust/f
 safe_symlink("restart", "root/etc/e-smith/events/network-create/services2adjust/fail2ban");
 safe_symlink("restart", "root/etc/e-smith/events/network-delete/services2adjust/fail2ban");
 safe_symlink("restart", "root/etc/e-smith/events/remoteaccess-update/services2adjust/fail2ban");
-safe_symlink("restart", "root/etc/e-smith/events/logrotate/services2adjust/fail2ban");
+event_link("fail2ban-suspend-logs", "logrotate", "02");
+event_link("fail2ban-resume-logs", "logrotate", "98");
 
 safe_touch("root/var/log/fail2ban/daemon.log");
 
diff --git a/root/etc/e-smith/events/actions/fail2ban-resume-logs b/root/etc/e-smith/events/actions/fail2ban-resume-logs
new file mode 100644
index 0000000..07d7a04
--- /dev/null
+++ b/root/etc/e-smith/events/actions/fail2ban-resume-logs
@@ -0,0 +1,28 @@
+#!/bin/sh
+
+STATUS=$(/sbin/e-smith/db configuration getprop fail2ban status || echo disabled)
+if [ "$STATUS" != "enabled" ]; then
+  exit 0
+fi
+
+sleep 1
+for JAIL in http-overflows http-noscript http-scan http-auth; do
+  /usr/bin/fail2ban-client status $JAIL > /dev/null 2>&1
+  if [ $? -eq 0 ]; then
+    /usr/bin/fail2ban-client set $JAIL addlogpath /var/log/httpd/error_log
+  fi
+done
+
+for JAIL in pam-generic ftp; do
+  /usr/bin/fail2ban-client status $JAIL > /dev/null 2>&1
+  if [ $? -eq 0 ]; then
+    /usr/bin/fail2ban-client set $JAIL addlogpath /var/log/secure
+  fi
+done
+
+for JAIL in lemonldap; do
+  /usr/bin/fail2ban-client status $JAIL > /dev/null 2>&1
+  if [ $? -eq 0 ]; then
+    /usr/bin/fail2ban-client set $JAIL addlogpath /var/log/messages
+  fi
+done
diff --git a/root/etc/e-smith/events/actions/fail2ban-suspend-logs b/root/etc/e-smith/events/actions/fail2ban-suspend-logs
new file mode 100644
index 0000000..a92767f
--- /dev/null
+++ b/root/etc/e-smith/events/actions/fail2ban-suspend-logs
@@ -0,0 +1,27 @@
+#!/bin/sh
+
+STATUS=$(/sbin/e-smith/db configuration getprop fail2ban status || echo disabled)
+if [ "$STATUS" != "enabled" ]; then
+  exit 0
+fi
+
+for JAIL in http-overflows http-noscript http-scan http-auth; do
+  /usr/bin/fail2ban-client status $JAIL > /dev/null 2>&1
+  if [ $? -eq 0 ]; then
+    /usr/bin/fail2ban-client set $JAIL dellogpath /var/log/httpd/error_log
+  fi
+done
+
+for JAIL in pam-generic ftp; do
+  /usr/bin/fail2ban-client status $JAIL > /dev/null 2>&1
+  if [ $? -eq 0 ]; then
+    /usr/bin/fail2ban-client set $JAIL dellogpath /var/log/secure
+  fi
+done
+
+for JAIL in lemonldap; do
+  /usr/bin/fail2ban-client status $JAIL > /dev/null 2>&1
+  if [ $? -eq 0 ]; then
+    /usr/bin/fail2ban-client set $JAIL dellogpath /var/log/messages
+  fi
+done