Problem suppressing timestamp/Request-Authenticator in detailed logging

Janet Plato techgrrl2003 at yahoo.com
Thu Nov 4 01:37:06 CET 2010


Alan,

>   You're stuck on a solution that isn't working. 
> You should instead describe the problem.
> There is likely a better way to get the same results.
> 
>   Alan DeKok.


  Thanks for replying and your work on this project.  I am installing 
a new radius server and want to accomplish three kinds of logging, 
only one of which I mentioned.

In one paragraph:

 - I want to send messages related to radiusd to a local file
   such as /var/log/messages or radius.log
 - I want accounting-related messages written out one line each in a
   local file since it is easy to automatically filter them to
   notice anomalies.  I want to limit the size of log files and 
   putting it all on one line works better for me.
 - I want the accounting related messages to also be reflected to
   a remote syslog server that is part of our monitoring systems,
   where it can cause visual alerts when certain things happen.
 - I want to configure networks in clients.conf, but have logging
   done by NAS-IP-Addr.

At this moment the server seems to be answering fine and the default
config is mostly working.  I am now trying to work step by step towards
the following:

 - I want to have log messages related to the radius daemon appear in
/var/log/radius/radius.log (or /var/log/messages), things like starting
and stopping the server, errors in the config and so on.  Local detail
files could also go there, but I'd rather they went in their own detail
file.

 - I want radiusd to send syslog messages concerning logins to a
remote syslog server at the same time it logs local details.  I could
enable logging to the local syslog socket and have syslogd reflect
local1.* to @syslog.remote.my.net, but: radiusd cannot log to both
files and syslog in the same log {} stanza in radiusd.conf and also
syslogd would have to reflect all events of facility.* to the remote
server.  Right now nothing else uses local1.* but that might not 
always be true.  Also, if radiusd sends everything to a remote 
syslog server that is fine, as long as it also does local file logging.  
If radiusd does its own remote syslog sending, then local processes 
are free to send to the local socket on local1.* without conflict.
I could probably get syslogd to log to both a file and a remote server
but that causes problems with other processes potentially using the same
facility.severity.

 - I want to be able to configure networks in my clients.conf
file but have logging by NAS IP address.

I have this in clients.conf

client 10.0.0.0/16 {
       secret          = Hint:ThisIsNotTheRealSecret
}

I get this as a log entry:
Tue Nov  2 13:06:04 2010 : Auth: Login OK: [uname] (from client 10.0.0.0/16 port 1812)

I'd like to log the header line I specified and suppress everything else:

2010-11-03 14:50:38 1b17d86ead 10.1.1.1: User uname from 192.168.1.1 Start
2010-11-03 14:50:38 1b17d86ead 10.1.1.1: User uname from 192.168.1.1 Stop

  This lets me easily notice trends in the system, does not fill
up my logs, allows me to filter out logins from known users on 
their desktops, and see what is left.  I can easily write something 
that views the log file as a series of stanzas, and only shows 
those stanzas that do not contain both (a username line with a 
known user and a client-IP from a known host).  The detail log rolls daily
which is nice, but I would prefer the server messages to go into radius.log
which rolls less often.

  So how can I just have it create a header with what I want, 
and suppress everything else as well as log to a remote syslog server?

Cheers,

Janet
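Added example, not part of the post above and not FreeRADIUS's own code: a small Python script that does what the message describes wanting to write by hand. It reads a detail file as a series of stanzas (a timestamp header line followed by tab-indented "Attribute = value" lines, records separated by a blank line), collapses each record to the one-line form given in the message, and keeps only the records that do not pair a known user with a known host. The sample detail text is constructed for the example; the attribute names used (Acct-Session-Id, User-Name, NAS-IP-Address, Framed-IP-Address, Acct-Status-Type) are standard RADIUS accounting attributes, and treating Framed-IP-Address as the "from" address in the one-line format is an assumption.

```python
"""Added example (not from the mailing-list post): turn FreeRADIUS detail
stanzas into one-line accounting records and flag the unusual ones."""
import re
from datetime import datetime

# Constructed sample of a detail file: a timestamp header line, then
# tab-indented "Attribute = value" lines, with a blank line between records.
SAMPLE_DETAIL = """\
Wed Nov  3 14:50:38 2010
\tAcct-Session-Id = "1b17d86ead"
\tUser-Name = "uname"
\tNAS-IP-Address = 10.1.1.1
\tFramed-IP-Address = 192.168.1.1
\tAcct-Status-Type = Start

Wed Nov  3 14:52:10 2010
\tAcct-Session-Id = "1b17d86ead"
\tUser-Name = "uname"
\tNAS-IP-Address = 10.1.1.1
\tFramed-IP-Address = 192.168.1.1
\tAcct-Status-Type = Stop

Wed Nov  3 14:53:02 2010
\tAcct-Session-Id = "2c28e97fbe"
\tUser-Name = "uname"
\tNAS-IP-Address = 10.1.1.1
\tFramed-IP-Address = 192.168.9.9
\tAcct-Status-Type = Start
"""

# Constructed allow-lists: the users and desktop addresses considered routine.
KNOWN_USERS = {"uname"}
KNOWN_HOSTS = {"192.168.1.1"}

# One "Attribute = value" line; the value may or may not be double-quoted.
ATTR_RE = re.compile(r'^\s+([\w-]+)\s*=\s*"?([^"]*)"?\s*$')


def parse_detail(text):
    """Split detail text into records: a list of (timestamp, {attr: value})."""
    records = []
    current = None
    for line in text.splitlines():
        if not line.strip():            # blank line ends the current stanza
            current = None
            continue
        if not line[0].isspace():       # unindented line is the timestamp header
            ts = datetime.strptime(line.strip(), "%a %b %d %H:%M:%S %Y")
            current = (ts, {})
            records.append(current)
            continue
        m = ATTR_RE.match(line)
        if m and current is not None:
            current[1][m.group(1)] = m.group(2).strip()
    return records


def one_line(ts, attrs):
    """Render one record in the compact format requested in the post."""
    return "{} {} {}: User {} from {} {}".format(
        ts.strftime("%Y-%m-%d %H:%M:%S"),
        attrs.get("Acct-Session-Id", "-"),
        attrs.get("NAS-IP-Address", "-"),
        attrs.get("User-Name", "-"),
        attrs.get("Framed-IP-Address", "-"),  # assumption: "from" = Framed-IP-Address
        attrs.get("Acct-Status-Type", "-"))


def unusual_records(records, known_users=KNOWN_USERS, known_hosts=KNOWN_HOSTS):
    """Keep records that do NOT combine a known user with a known host."""
    return [(ts, a) for ts, a in records
            if not (a.get("User-Name") in known_users
                    and a.get("Framed-IP-Address") in known_hosts)]


def summarize(text=SAMPLE_DETAIL):
    """All records, one line each."""
    return [one_line(ts, a) for ts, a in parse_detail(text)]


def anomalies(text=SAMPLE_DETAIL):
    """Only the records worth a second look, one line each."""
    return [one_line(ts, a) for ts, a in unusual_records(parse_detail(text))]


if __name__ == "__main__":
    for line in summarize():
        print(line)
    print("--- unusual ---")
    for line in anomalies():
        print(line)
```

Run as-is it prints three one-line records followed by the single record whose Framed-IP-Address is not in the known-host set; pointing `parse_detail` at the text of a real detail file gives the same filtering over the daily log.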
