[RADIATOR] (Radiator) Filtering log Message

Heikki Vatiainen hvn at open.com.au
Wed Feb 22 16:04:27 CST 2012


On 02/22/2012 01:25 PM, G.N. wrote:

> i would like to know if is possible to filter Authlog entry, logging all except access from certain username.

Unfortunately that is not possible.

> Here my AuthLog conf
> 
> <AuthLog FILE>
>         Identifier tL
>         Filename %L/Auth
>         LogSuccess 1
>         LogFailure 0
>         SuccessFormat %d-%m-%Y %H:%M:%S,%U,%{NAS-Identifier},%N
> </AuthLog>

There are a couple of possibilities:
1. Use a script, based on grep or something similar, to filter
everything else except of the usernames you are interested in.

2. You could experiment with a named pipe
http://en.wikipedia.org/wiki/Named_pipe

Create a named pipe with mkfifo command and create a process that reads
the named fifo. For example:

% while :; do cat Auth|grep -v hvn ; done

This will print out only LogSuccess lines that do not contain 'hvn'. The
while loop is needed because radiusd closes the file after each write.

Note that possibility 1 is the best especially if you are not familiar
with handling named pipes. For example, you should watch file
permissions and keep the reader process running all the time or radiusd
will block waiting for the reader.

Thanks!
Heikki


> Thank's.
> 
> G.
> _______________________________________________
> radiator mailing list
> radiator at open.com.au
> http://www.open.com.au/mailman/listinfo/radiator


-- 
Heikki Vatiainen <hvn at open.com.au>

Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.


More information about the radiator mailing list