[RADIATOR] Auth SQL and debug
Heikki Vatiainen
hvn at open.com.au
Tue Jul 6 13:07:35 UTC 2021
On 2.7.2021 13.57, Claudio Ramirez wrote:
> I want to limit the debug logging in an Authby SQL block even when the
> global Trace is set to 4. I wonder if this is possible.
You can limit different <Log...> clauses with Trace parameter so that a
certain logger does not log, for example, anything but INFO and higher
priority. Limiting a <Clause...> so that it does not emit DEBUG messages
is not possible.
What you could consider is to configure LogFILE or LogSYSLOG with
LogFormatHook that returns a sanitised message.
For example:
# See global LogFile documentation for details
# about default logger, etc.
# Turn of default logger
Trace 3
<Log FILE>
Trace 4
LogFormatHook file:"%D/log-filter.pl"
Filename %L/filtered.log
</Log>
# %D/log-filter.pl
sub {
my ($priority, $s, $p, $trace_id) = @_;
# Convert numeric value to textual
$priority = $Radius::Log::priorityToString[$priority];
if ($s =~ m/^Query to .*AES/s) {
# filter $s
}
return localtime() . ": $priority: $s";
}
--
Heikki Vatiainen <hvn at open.com.au>
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, TACACS+, PAM, Active Directory,
EAP, TLS, TTLS, PEAP, WiMAX, RSA, Vasco, Yubikey, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, etc.
More information about the radiator
mailing list