I have installed Bruteblock as specified in the documentation but it completely fails to pick up any of the SSH break-in attempts that happen on my system (and there's a lot). Is the configuration as installed OK or do I need to tweek something? The regex in the config file seems to match what comes into the log but still it never matches.