-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 06/12/2014 02:06 PM, Alan DeKok wrote:
Munroe Sollog wrote:
I currently have freeradius 2.1.12 on a cent6 system. It is only being used to collect accounting data for a VPN. The RADIUS auth is happening somewhere else. The detail logs are currently being stored in /var/log/radius/radacct/<client IP>/detail-<daily-file>. However, while radius itself is logging to syslog, this detail file is not using syslog. My ultimate goal is to be able to forward all of these detail accounting logs to a central syslog server for analysis.
I would suggest another solution. Syslog is meant for line-oriented log messages. The detail file is definitely *not* that.
My current solution is I have a daemon that watches all of the files, slurps it up and re-emits it as syslog data to an rsyslog server.
I am hoping there is a way to configure freeradius to do this so I can dismantle my hack.
If you need to move files from one machine to another, use "scp". Syslog is absolutely the wrong approach.
Alan DeKok.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
scp is a batch process, the goal is to get the data (connecting IP, given IP, and username) into logstash (like splunkd) so that real-time analysis can be performed on the data. The linelog option seems like a resonable one. Do you know what version I would have to upgrade to in order to not have to apply the patch and rebuild? - - Munroe -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Icedove - http://www.enigmail.net/ iQEcBAEBAgAGBQJTmfVUAAoJEPbbZiWCKDVC79cIAJIYB1xAq+Fjo5K0Ih29P0P1 tJm5aqJC0vmLVCrDOSQZidsiMbYUPN4PrLu2H20yVwuPz04EplNX14YnmsQdzp66 g/nc+pBQ552W+GXOLVUmtzdrs+B6rmA+6h+CuUna/oeIPLfhb8z7qZTFDk/Fv40N q5V7+YJojytfUoBDGy/kNNtAlGSdHVURjS8gk8zOSu65AgFZj+P6hYPD4WTG/ZsH qzzAHgUzckoYS0gUHIgtWW6uD7RKYqiwe+LKrYk711bWXISMAb/OuuGdrVmPsC4z 3HGVjwTgmiMa1wKmH1PsiQCiANqnOG+luB819O7TsKW3LWuTgNVPote6XOYDzM0= =kwZ/ -----END PGP SIGNATURE-----