How to log failed auth attempts?

Todd R. tjrlist at
Wed Dec 17 21:14:31 CET 2008


 Thanks for your response.. 

First, I can't believe I missed this section of the radiusd.conf file, I
looked, really I did :)

I also noticed that it said that many things are logged when running
"radiusd -X" which explains some other things.. 

I made some changes and now I have sufficient log info in the text files.

Hate to push my luck here but I would love to expand what is being logged
SQL wise in my MySql db.

Right now, I have something like this logging on a failed attempt in the
MySQL DB within the radpostauth table:

id, username, pass, reply, authdate
41, dude at, mypass, Access-Accept, 2008-12-17 13:09:15

What I would like to see is something like this:
id, username, pass, reply, reply-message, authdate
41, dude at, mybadpass, Access-Accept, Login incorrect (rlm_pap:
CLEAR TEXT password check failed), 2008-12-17 13:09:15

Any help with this would be appreciated.

 Todd R.

-----Original Message-----
From: at
[ at lists.freeradius.
org] On Behalf Of Alan DeKok
Sent: Wednesday, December 17, 2008 5:32 AM
To: FreeRadius users mailing list
Subject: Re: How to log failed auth attempts?

Todd R. wrote:
> It seems that most things I have read suggest that failed authentication
> attempts are logged to the radius.log by default but they do not show up
> me.

  Edit raddb/radiusd.conf, and read the "log" section.  It has
configuration entries that control this behavior.

  Alan DeKok.
List info/subscribe/unsubscribe? See

More information about the Freeradius-Users mailing list