Add client IP address to log messages
Drew Weaver
drew.weaver at thenap.com
Tue Nov 23 13:41:50 CET 2021
Hello,
FreeRADIUS has been working well for us but we've started to see an increase in attempts to login to some of our devices from unsavory characters.
We have a lot of devices so it would really be useful if FreeRADIUS could log what client the request comes from.
Currently, this is what it looks like when we see a failed login attempt.
1. Login incorrect (pap: Crypt digest does not match "known good" digest): [drew] (from client localhost port 0)
Does anybody know how I can adjust it so that it says something like
1. Login incorrect (pap: Crypt digest does not match "known good" digest): [drew] (from client localhost port 0) from 192.168.55.2
Where 192.168.55.2 is the IP address that sent the RADIUS auth request?
I believe that the information inside of the ( ) is sent from the device itself, I am working with the device MFG to see if they can actually fix their implementation so that it makes the device identifiable that way as well.
Any way to speed up the process of remediation is tremendously helpful.
Thanks,
-Drew
More information about the Freeradius-Users
mailing list