[RADIATOR] Radiator TACACS+: How to log authorizations of user commands?
Patrik Forsberg
patrik.forsberg at ip-only.se
Thu Aug 15 13:36:57 UTC 2019
Hello,
This is all possible.
Check the goodies directory for
tacacsplusserver.cfg
tacplus.txt
they give good hints on how to set this up.
As for success/fail you can use for example
<AuthLog FILE>
    Identifier AuthLogger
    Filename %L/fail-authlog
    LogSuccess 0
    LogFailure 1
    FailureFormat %l REJECT user=%u from=%c nas=%N client=%{Request:Calling-Station-Id}
</AuthLog>

<AuthLog FILE>
    Identifier IdentSuccessAuthLogger
    LogSuccess 1
    LogFailure 0
    Filename %L/success-authlog
    SuccessFormat %l ACCEPT user=%u from=%c nas=%N client=%{Request:Calling-Station-Id}
</AuthLog>

Which would create one success logfile and one failure logfile and also pick out the interesting bits.
---
Regards,
Patrik Forsberg
From: radiator <radiator-bounces at lists.open.com.au> On Behalf Of BeheerInfra-OT at kpn.com
Sent: 15 August 2019 14:29
To: radiator at lists.open.com.au
Subject: [RADIATOR] Radiator TACACS+: How to log authorizations of user commands?
Hello fellow Radiator AAA users,
We would like to set up logging of Tacacs+ command authorization. We were only able to find Authentication and Account logging examples.
Authentication successes and failures in a single line log entry would be a great feature, instead of having to re-read a complete user session in /var/log/radiator/radiator.log to find out which commands were used.
Regards,
Jan Gerrit Kootstra
On behalf of KPN ACN Present BeheerInfra Services.
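
Added example, not part of the original thread and not Radiator's own code: a small Python script that merges the two log files produced by the AuthLog clauses in the reply above and reports an ACCEPT that directly follows repeated REJECTs for the same user and source. The sample lines are constructed, and the ctime-style timestamp assumed for %l is an assumption; the function names are hypothetical.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample content for the two files written by the AuthLog clauses.
# Assumption: %l expands to a ctime-style stamp, e.g. "Thu Aug 15 13:01:02 2019".
FAIL_LOG = """\
Thu Aug 15 13:01:02 2019 REJECT user=admin from=192.0.2.10 nas=sw-core-1 client=198.51.100.7
Thu Aug 15 13:01:09 2019 REJECT user=admin from=192.0.2.10 nas=sw-core-1 client=198.51.100.7
Thu Aug 15 13:01:15 2019 REJECT user=admin from=192.0.2.10 nas=sw-core-1 client=198.51.100.7
Thu Aug 15 13:05:40 2019 REJECT user=netops from=192.0.2.11 nas=sw-edge-2 client=
"""
SUCCESS_LOG = """\
Thu Aug 15 13:00:30 2019 ACCEPT user=netops from=192.0.2.11 nas=sw-edge-2 client=203.0.113.5
Thu Aug 15 13:01:21 2019 ACCEPT user=admin from=192.0.2.10 nas=sw-core-1 client=198.51.100.7
"""

# Field order follows the SuccessFormat/FailureFormat strings in the post.
LINE = re.compile(r"^(?P<when>.+?) (?P<verdict>ACCEPT|REJECT) user=(?P<user>.*) "
                  r"from=(?P<src>\S*) nas=(?P<nas>.*?) client=(?P<client>.*)$")

def parse(text):
    """Yield one dict per well-formed line; malformed lines are skipped."""
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        rec = m.groupdict()
        try:
            rec["when"] = datetime.strptime(rec["when"], "%a %b %d %H:%M:%S %Y")
        except ValueError:
            continue  # timestamp is not in the assumed format
        yield rec

def accept_after_rejects(fail_text, success_text, threshold=3):
    """Return (user, src, nas, accept_time) for each ACCEPT that directly follows
    at least `threshold` consecutive REJECTs for the same user and source."""
    events = sorted([*parse(fail_text), *parse(success_text)], key=lambda r: r["when"])
    streak = defaultdict(int)  # consecutive REJECTs per (user, source)
    hits = []
    for r in events:
        key = (r["user"], r["src"])
        if r["verdict"] == "REJECT":
            streak[key] += 1
            continue
        if streak[key] >= threshold:
            hits.append((r["user"], r["src"], r["nas"], r["when"].isoformat()))
        streak[key] = 0  # any ACCEPT resets the run of failures
    return hits
```

On real data, pass the contents of the fail-authlog and success-authlog files in place of the two sample strings.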