How to log failed auth attempts?
tjrlist at lightwavetech.com
Thu Dec 18 05:48:06 CET 2008
You are probably the first to want the exact same text. Someone may have
wanted to log the reason for the reject, but they probably didn't care about
the exact representation of that reason.
I just want what FreeRadius is already logging to the text file, I don't
want any special custom text for each error, just what's already being
logged to the text files.
Thanks for your help, I don't think I want to dig that hard to get this
solution, I am just surprised that it's this hard.
If the info is already being logged to the text file, it must exist in some
variable which should allow me to get it and insert the same into the DB.
Either way, if I can't solve this fairly simple, I will probably parse the
radiusd.log file with a command line script and insert each line into a
table. I do this now with some other logs files, this allows me to then do
web based queries against the tables.
freeradius-users-bounces+tjrlist=lightwavetech.com at lists.freeradius.org
[mailto:freeradius-users-bounces+tjrlist=lightwavetech.com at lists.freeradius.
org] On Behalf Of Scott Lambert
Sent: Wednesday, December 17, 2008 10:39 PM
To: FreeRadius users mailing list
Subject: Re: How to log failed auth attempts?
On Wed, Dec 17, 2008 at 07:51:48PM -0600, Todd R. wrote:
> This seems odd, I can't be the first person to want to have the reason for
> the reject in the SQL table??
> It can't be rocket science to get this to log in the DB when it's already
> being logged in the text logs??
You are probably the first to want the exact same text. Someone may
have wanted to log the reason for the reject, but they probably didn't
care about the exact representation of that reason.
If you want this, I suspect that you will need to look at the source
code which generates the text for the log module. It may tell you the
correct varible to use so you can store the correct reason value in the
database. You can then build logic in your reporting logic to show you
the text you want. That would likely be more efficient, storage wise,
for your database too.
It's not rocket science, but it is likely "some assembly required."
I am not a FreeRADIUS developer, so this is speculation.
Scott Lambert KC5MLE Unix SysAdmin
lambert at lambertfam.org
List info/subscribe/unsubscribe? See
More information about the Freeradius-Users