it can filter even better than before, because fail2ban usually does not care about everything in `auth.log`. i guess i don't see the problem.