[RADIATOR] Log formatting question

Heikki Vatiainen hvn at open.com.au
Tue Nov 22 07:44:33 CST 2011


On 11/21/2011 09:16 PM, Masters, Bruce Alan wrote:

Hello Bruce,

>             We are just in the final stages of getting Radiator setup. 
> I am using TACACS+ with command logging. Has anyone written anything, or
> have any ideas, on how to make the log file a bit more readable? I am
> looking for something that would pull out the username and the commands
> and command arguments and dump it onto one line per command in a much
> more readable form. Any ideas are appreciated. Thank you.

Consider creating a Handler for accounting messages and using
AcctLogFileName to write the accounting records, or parts of them, into
a file.

Here's an example:

<Handler Request-Type=Accounting-Request>
	PreProcessingHook file:"createavpairs.pl"
	<AuthBy INTERNAL>
		DefaultResult REJECT
		AcctResult ACCEPT
	</AuthBy>
	AcctLogFileName accounting-log
	AcctLogFileFormat %l:%{User-Name}:%{cisco-cmd}
</Handler>

The Handler should go before other Handlers so that it can catch the
accounting messages first. The hook is in goodies/createavpairs.pl and
will add a new attribute called cisco-cmd, which combines all received
cisco-avpair attributes into one. See the file itself for more details.

This approach gives you added benefit for being future proof. If you
later need to store the log e.g., into SQL you can replace AuthBy
INTERNAL with AuthBy SQL.

Please let us know how this works.
Heikki


-- 
Heikki Vatiainen <hvn at open.com.au>

Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.


More information about the radiator mailing list