How to log failed auth attempts?
Alan DeKok
aland at deployingradius.com
Thu Dec 18 10:03:20 CET 2008
Todd R. wrote:
> I also noticed that it said that many things are logged when running
> "radiusd -X" which explains some other things..
That's the reason for the continual instructions to run in debug mode.
> Right now, I have something like this logging on a failed attempt in the
> MySQL DB within the radpostauth table:
>
> id, username, pass, reply, authdate
> 41, dude at somerealm.com, mypass, Access-Accept, 2008-12-17 13:09:15
>
>
> What I would like to see is something like this:
> id, username, pass, reply, reply-message, authdate
> 41, dude at somerealm.com, mybadpass, Access-Accept, Login incorrect (rlm_pap:
> CLEAR TEXT password check failed), 2008-12-17 13:09:15
Just... edit the queries. Adding %{Module-Failure-Message} to the
queries should get you lots of that information.
Alan DeKok.
More information about the Freeradius-Users
mailing list