freeradius logging question
Alex Sharaz
alex.sharaz at york.ac.uk
Fri Mar 20 16:04:02 CET 2015
Cool
Thx
A
On 20 Mar 2015, at 14:58, Arran Cudbard-Bell wrote:
>
>> On 20 Mar 2015, at 09:57, Alex Sharaz <alex.sharaz at york.ac.uk> wrote:
>>
>>
>> Hi,
>>
>> In common with (probably) every other freeradius user, my radius.log file shows logging of the form
>>
>> .....
>> Fri Mar 20 13:44:07 2015 : Auth: Login OK: [jah534 at york.ac.uk] (from client arubal2 port 0 cli 78-4B-87-C0-81-97 via TLS tunnel)
>> Fri Mar 20 13:44:07 2015 : Auth: Login OK: [@york.ac.uk] (from client arubal2 port 0 cli 78-4B-87-C0-81-97)
>> Fri Mar 20 13:44:07 2015 : Auth: Login OK: [6C-F3-7F-C2-15-F0] (from client ce1sw4 port 29 cli 6C-F3-7F-C2-15-F0)
>> .....
>>
>> The above shows a local eduroam user log entry ( outer-tunnel user-name of @york.ac.uk ,inner tunnel username of jah534 at york.ac.uk) and a mac auth entry from a switch.
>>
>>
>> From our point of view, the record with jah534 at york.ac.uk is useful.... the @york.ac.uk record isn't.
>>
>> Is it possible to selectively disable what appears in the radius.log file ( e.g. modifying sites-enabled/default so that if RADIUS attribute EAP-Message exists don't add an entry to radius.log. This would allow our mac-auths to be logged as well as the TLS tunnel entries (as they are generated in sites-enabled/inner-tunnel) but discard the [@york.ac.uk] entries
>
> No. Use linelog and disable the default auth logging.
>
> -Arran
>
> Arran Cudbard-Bell <a.cudbardb at freeradius.org>
> FreeRADIUS development team
>
> FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list