[RADIATOR] <AuthLog SYSLOG> on Windows Server ?
Robert Fisher
robert at sitestar.net
Fri Nov 1 16:16:35 CDT 2013
Jason:

I have a similar need, and when I first looked at Syslog -- even the
activestate forums said not to expect Sys::Syslog to work on windows.
Thankfully, that's changed -- and I did some testing first with a simple
script then finally in one of my Radiator instances. I only specified an
AuthLog and I'm using a different facility -- but I can at least verify that
AuthLog SYSLOG works in my case with the following stanza on
Windows 2003 sp2 (i386/32 bit processor) running Radiator 4.11,
ActiveState Perl 5.16.3, with Sys::Syslog 0.32.

<AuthLog SYSLOG>
Identifier authsyslog
LogSuccess 1
LogFailure 1
SuccessFormat %l:%N:%u:%U:%P:%1:OK
FailureFormat %l:%N:%u:%U:%P:%1:FAIL
LogHost IP_OF_SYSLOG_SERVER
LogSock udp
LogIdent radius
Facility auth
</AuthLog>

Robert Fisher
Systems Administrator
Sitestar Internet Services

On 11/1/2013 1:58 PM, Mueller, Jason C wrote:
> Heikki,
>
> I created a Perl script independent of Radiator that called Sys::Syslog and sent a message to the remote host. That worked using UDP.
>
> Here are the stanzas I created in the Radiator config file:
>
> <Log SYSLOG>
> Identifier syslog
> LogSock udp
> LogHost IP_ADDRESS_OF_REMOTE_HOST
> Facility local5
> </Log>
>
> <AuthLog SYSLOG>
> Identifier authsyslog
> LogSock udp
> LogHost IP_ADDRESS_OF_REMOTE_HOST
> Facility local5
> SuccessFormat %H:%M:%S | %{Calling-Station-Id} | %u | OK | NAS-IP %N
> FailureFormat %H:%M:%S | %{Calling-Station-Id} | %u | FAIL: %1 | NAS-IP %N
> </AuthLog>
>
> As Neil indicated, the inet option did not work. I really don’t want to use the “inet” option, since it tries TCP first, and we are not using TCP. The RADIUS servers are under relatively heavy load, so I do not want to consume the time or cycles sending a message with no possible means of success in a single threaded application.
>
> I did not have the LogSuccess and LogFailure options set in the <AuthLog SYSLOG> clause. I have added those, but no success.
>
> I should note that when I had invalid attributes in the <Log SYSLOG> section that Radiator actually sent information to the syslog server indicating that I had invalid attributes. After they were removed and I restarted, Radiator did not send any logs. I would have expected to get the general log info, but that did not happen.
>
> Any help is appreciated. We might try upgrading Perl and upgrading Radiator (one at a time to see which makes a difference).
>
> -Jason
>
>
> On Oct 30, 2013, at 8:54 AM, Heikki Vatiainen <hvn at open.com.au> wrote:
>
>> On 10/29/2013 07:56 PM, Johnson, Neil M wrote:
>>> Tried the LogSock inet, did not work.
>>>
>>> We are running ActiveState PERL 5.12.2 and Sys::Syslog version 0.33
>> I tried with ActivePerl 5.14.4 and Sys::Syslog 0.33 using this
>> configuration:
>>
>> <AuthLog SYSLOG>
>> Identifier myauthlogger
>> LogHost 172.16.172.14
>> LogSock inet
>> LogSuccess 1
>> LogFailure 1
>> </AuthLog>
>>
>> I had tcpdump running on 172.16.172.14 and there was traffic to syslog
>> port 514. The configuration was goodies/authlog.cfg modified to use
>> SYSLOG as shown above.
>>
>> Maybe you could try a simple config to see if it works with something
>> very basic?
>>
>> I could not try with ActivePerl 5.12.2 since PPM complained about
>> requiring authentication to upgrade to 0.33. Seeing how to get this
>> solved may take a bit longer, but I thought I'd confirm syslog on
>> Windows should work.
>>
>>
>> --
>> Heikki Vatiainen <hvn at open.com.au>
>>
>> Radiator: the most portable, flexible and configurable RADIUS server
>> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
>> Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
>> TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
>> DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
>> NetWare etc.
> _______________________________________________
> radiator mailing list
> radiator at open.com.au
> http://www.open.com.au/mailman/listinfo/radiator
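
A receiving-side check for the stanzas in this thread, as an added example that is not part of the original messages or of Radiator: it decodes the syslog priority into a facility (auth or local5), splits the pipe-delimited SuccessFormat/FailureFormat quoted above, and counts failures per Calling-Station-Id. The wire layout (`<PRI>`, optional BSD timestamp, `ident[pid]:`), the severity, and every sample datagram are constructed assumptions.

```python
import re
from collections import Counter

FACILITIES = {4: "auth", 21: "local5"}  # syslog codes for the two facilities in the thread
SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]
# Assumed wire shape: <PRI>, optional BSD timestamp, ident with optional [pid], text.
WIRE = re.compile(r"^<(\d{1,3})>(?:\w{3} [ \d]\d \d\d:\d\d:\d\d )?"
                  r"([^\s\[:]+)(?:\[\d+\])?: (.*)$", re.S)

def decode(datagram):
    """Return (facility, severity, ident, text), or None if not syslog-shaped."""
    m = WIRE.match(datagram.decode("utf-8", "replace").rstrip("\x00\r\n"))
    if not m or int(m.group(1)) > 191:  # 23*8+7 is the largest valid PRI
        return None
    pri = int(m.group(1))
    return (FACILITIES.get(pri >> 3, str(pri >> 3)), SEVERITIES[pri & 7],
            m.group(2), m.group(3))

def parse_authlog(text):
    """Split 'time | Calling-Station-Id | user | OK or FAIL: reason | NAS-IP x'."""
    parts = [p.strip() for p in text.split(" | ")]
    # A user name containing the delimiter changes the field count: reject, don't guess.
    if len(parts) != 5 or not parts[4].startswith("NAS-IP "):
        return None
    ok = parts[3] == "OK"
    if not ok and not parts[3].startswith("FAIL:"):
        return None
    return {"time": parts[0], "station": parts[1], "user": parts[2], "ok": ok,
            "reason": None if ok else parts[3][5:].strip(), "nas": parts[4][7:]}

def failures_by_station(datagrams, facility="local5"):
    """Count FAIL records per station; also count datagrams that were rejected."""
    fails, rejected = Counter(), 0
    for d in datagrams:
        msg = decode(d)
        rec = parse_authlog(msg[3]) if msg and msg[0] == facility else None
        if rec is None:
            rejected += 1
        elif not rec["ok"]:
            fails[rec["station"]] += 1
    return fails, rejected

P = b"<174>Nov  1 13:58:02 radius[2212]: "  # constructed: local5.info, ident "radius"
SAMPLE = [  # constructed datagrams, not captured traffic
    P + b"13:58:02 | 00-11-22-33-44-55 | alice | FAIL: Bad Password | NAS-IP 192.0.2.10\x00",
    P + b"13:58:03 | 00-11-22-33-44-55 | alice | FAIL: Bad Password | NAS-IP 192.0.2.10",
    P + b"13:58:04 | 00-11-22-33-44-66 | bob | OK | NAS-IP 192.0.2.10",
    P + b"13:58:05 | 00-11-22-33-44-66 | a | b | OK | NAS-IP 192.0.2.10",
    b"<38>Nov  1 16:16:35 radius[2212]: sent with Facility auth, not local5",
    b"hello",
]
```

Records arriving under an unexpected facility are counted as rejected, which surfaces a mismatch between the `Facility` line in the stanza and what the collector filters on.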