Below is instruction, how to set up f2b for mattermost. When i was writing it, i discovered, that it doesn’t protect, when someone is trying to log as none existing user
but, after a while, addittion regex was ready and it’s included to this tutorial 
Before we start with fail2ban, You have to switch off JSON log type, from System Console > Log settings.
It is important to regex work properly.
To use fail2ban with mattermost, we have to install it from terminal
sudo apt install fail2ban
After it, edit your /etc/fail2ban/jail.conf file:
set your IP to ignore list in place of xxx.xxx.xxx.xxx to avoid ban yourself 
ignoreip = 127.0.0.1/8,xxx.xxx.xxx.xxx
At the end of file, add code:
[mattermost]
enabled = true
filter = mattermost-logfail
logpath = /opt/mattermost/logs/mattermost.log
findtime = 300
bantime = 600
maxretry = 5
[mattermost-passlockout]
enabled = true
filter = mattermost-passlockout
logpath = /opt/mattermost/logs/mattermost.log
findtime = 300
bantime = 600
maxretry = 5
You could change values above, to correct for your case. Meaning of all parameters, You could find in jail.conf comments 
The code above is enabling two filters:
The first [mattermost] is cheking log file, for incorrect password for existing users (after 5 tries, mattermost is locking account, but imho ban is better
) and for trying to log non existing (brute force? ), which is not normally protected via mattermost.
The second one [mattermost-passlockout] is to prevent another tries at already locked account, in same brute force case or something else.
Now we have to create two filter files:
sudo nano /etc/fail2ban/filter.d/mattermost-logfail.conf
and paste code into it and save:
[Definition]
failregex = .\Login failed because of invalid password.“ip_addr”: “”.
.\This team may require an invite from the team owner to join.“ip_addr”: “”.
ignoreregex =
and the second one:
sudo nano /etc/fail2ban/filter.d/mattermost-passlockout.conf
with code:
[Definition]
failregex = .\Your account is locked because of too many failed password attempts. Please reset your password.“ip_addr”: “”.
ignoreregex =
Now just restart your fail2ban by systemctl restart fail2ban and check does all jails are up by fail2ban-client status
You should see something like:

To check number of fails, use command fail2ban-client status

To check is everything work properly, try to log with incorrect password, but remember to do it from different than ignoreip in jail.conf 