On Wed 09 Aug 2006 14:25, Josip Almasi wrote:
Peter Nixon wrote:
Wouldn't it be better for us to be a bit more concise about things? for example:
Mon Aug 7 20:18:40 2006 : Auth: Login incorrect (realm: myrealm proxy: myproxy): [peter/peter] (from client NAS1 port 60000 cli XXXXXXXX)
I am doing crazy thing like: DEFAULT Called-Station-Id == "YYYYYY", Proxy-To-Realm := realm1 DEFAULT Called-Station-Id == "ZZZZZZZ", Proxy-To-Realm := realm2
Therefore, I am sure that you can see why this extra logging information would be usefull. (You can't tell the realm simply by looking at the username)
Use the Source, Luke;)
And I'm logging vendor attributes. (in order to identify misconfigured NASes; comes handy when you have 400+ NASes and 150k users) Makes me think about configurable logging. Like, configure log in such a way that it always logs defined attributes values, if exist. Guess people need logging in various places; i.e. important message for me is user not found in radgroupcheck. So with such a log both Peter and me would get our logging requirements satisfied:)
Hi Josip I am of course capable of "using the source" however before I start committing code changes to a part of the server that I don't normally play with I thought I would discuss it on the list. I was also thinking about configurable logging. We are currently patching FR to add the CalledStationID to the Auth logs also as that is important info to us. One of our deployments is at a GSM operator where the CalledStationID is the APN name of the GPRS network, and therefore peter connecting to APN "internet" is a different user than "peter" connecting to APN "wap" or APN "corporatecustomerX" This is actually a change that I think everyone else could benefit from, as well as the proxy logging change. (Clearer logs are always better) however having a way to turn attributes on and off in the logs is a nice idea. I have not committed either patch yet because log formats are a sensitive thing to change (You break people's monitoring systems..) Do you have a patch for configurable logging? Cheers -- Peter Nixon http://www.peternixon.net/ PGP Key: http://www.peternixon.net/public.asc