syslog patch to rlm_detail in 1.1.0
Peter Nixon
listuser at peternixon.net
Tue Feb 28 16:28:43 CET 2006
On Tue 28 Feb 2006 00:19, Alan DeKok wrote:
> Geoff Silver <geoff+freeradius at uslinux.net> wrote:
> > I had to patch rlm_detail.c so that our auth and accounting logs are
> > sent to a central syslog server. We have about two dozen radius
> > servers around the world, so auditing their access is painful.
>
> radrelay? Have a central RADIUS server that does nothing but
> accounting, and use radrelay to send the data there. That server can
> be made to do syslog (if you care).
>
> But I wouldn't suggest anyone use syslog like this.
>
> > In order to avoid duplicating code, rlm_detail now builds a string and
> > then prints it or syslog's it, rather than printing as it goes along.
>
> Many syslog servers have size limitations on the strings they can
> handle. They may not be able to take a full RADIUS attribute, much
> less a list of RADIUS attributes in one string.
For what it's worth, I don't think its a good idea to use syslog (Especially
for Accounting) in place of RADIUS relay but it actually does make sense for
some cases. In particular sending Authentication failures via syslog-ng to
your central syslog server is a nice idea.
I think that this functionality should probably go into FreeRADIUS (Although I
haven't checked the patch itself).
Regards
--
Peter Nixon
http://www.peternixon.net/
PGP Key: http://www.peternixon.net/public.asc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-devel/attachments/20060228/5e8c0efd/attachment.pgp>
More information about the Freeradius-Devel
mailing list