[RADIATOR] (Radiator) Filtering log Message
Heikki Vatiainen
hvn at open.com.au
Thu Feb 23 08:46:58 CST 2012
Following up myself with one more option:
The patches for 4.9 now has support for defining Filename in AuthLog
FILE similarly to Filename in Log FILE. That is, | (pipe) character can
be specified to support this:
# Pipe to my-log-prog
Filename |/usr/local/bin/my-log-prog
See e.g., section "5.13.1 Filename" for more about using pipes.
Heikki
On 02/23/2012 12:04 AM, Heikki Vatiainen wrote:
> On 02/22/2012 01:25 PM, G.N. wrote:
>
>> i would like to know if is possible to filter Authlog entry, logging all except access from certain username.
>
> Unfortunately that is not possible.
>
>> Here my AuthLog conf
>>
>> <AuthLog FILE>
>> Identifier tL
>> Filename %L/Auth
>> LogSuccess 1
>> LogFailure 0
>> SuccessFormat %d-%m-%Y %H:%M:%S,%U,%{NAS-Identifier},%N
>> </AuthLog>
>
> There are a couple of possibilities:
> 1. Use a script, based on grep or something similar, to filter
> everything else except of the usernames you are interested in.
>
> 2. You could experiment with a named pipe
> http://en.wikipedia.org/wiki/Named_pipe
>
> Create a named pipe with mkfifo command and create a process that reads
> the named fifo. For example:
>
> % while :; do cat Auth|grep -v hvn ; done
>
> This will print out only LogSuccess lines that do not contain 'hvn'. The
> while loop is needed because radiusd closes the file after each write.
>
> Note that possibility 1 is the best especially if you are not familiar
> with handling named pipes. For example, you should watch file
> permissions and keep the reader process running all the time or radiusd
> will block waiting for the reader.
>
> Thanks!
> Heikki
>
>
>> Thank's.
>>
>> G.
>> _______________________________________________
>> radiator mailing list
>> radiator at open.com.au
>> http://www.open.com.au/mailman/listinfo/radiator
>
>
--
Heikki Vatiainen <hvn at open.com.au>
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.
More information about the radiator
mailing list