diff --git a/Fail2Ban-Setup.md b/Fail2Ban-Setup.md
index 3ebadd3..82f188c 100644
--- a/Fail2Ban-Setup.md
+++ b/Fail2Ban-Setup.md
@@ -161,6 +161,13 @@ Do not use this if you use a reverse proxy before Docker container. If proxy, li
 **NOTE on the NOTE above**:  
 That's at least not true for running on Docker (CentOS 7) with caddy as reverse proxy. `chain=FORWARD` is absolutely fine and working with caddy as reverse proxy.
 
+**Tip**:If you are using systemd to manage vaultwarden, you can use systemd-journal for fail2ban:
+```
+backend = systemd
+filter = vaultwarden[journalmatch='_SYSTEMD_UNIT=your_vaultwarden.service']
+```
+Use these instead of `logpath = ` variable.
+
 **NOTE FOR CLOUDFLARE USERS**
 If you use cloudflare proxy, you'll need to add Cloudflare in your actions list, like in [this guide](https://niksec.com/using-fail2ban-with-cloudflare/)