I would agree but in my jail.local file I have path calls in all the jails. Even odder is that if I remove the jails from the jail.local it is giving me the same error. I even reformatted the server to base ubuntu 14.04 64bit minimal (my normal flavor) and same issue. Spun up a new server did the exact same setup and it is working. Really odd.
Here is the jail.local for sshd which it is erroring out on.
`[sshd]
enabled = true
port = 22
filter = sshd
logpath = /var/log/auth.log
maxretry = 3
bantime = 3600
[sshd-ddos]
enabled = true
port = 22
filter = sshd-ddos
logpath = /var/log/auth.log
maxretry = 6
bantime = 3600
`
Here is my fail2ban.conf and you can see there is a log target (sorry about the # side causing bold in markdown)
# Option: logtarget
# Notes.: Set the log target. This could be a file, SYSLOG, STDERR or STDOUT.
# Only one log target can be specified.
# If you change logtarget from the default value and you are
# using logrotate -- also adjust or disable rotation in the
# corresponding configuration file
# (e.g. /etc/logrotate.d/fail2ban on Debian systems)
# Values: [ STDOUT | STDERR | SYSLOG | FILE ] Default: STDERR
#
logtarget = /var/log/fail2ban.log
finally I have line by line compared a working server to this and they are identical... really odd... might try 16.04 of ubuntu or debian core but just really perplexed by this one.