Best practices for logging in production environment?
Matthew Newton
mcn4 at leicester.ac.uk
Fri Mar 27 00:42:45 CET 2015
On Thu, Mar 26, 2015 at 07:24:24PM -0400, Mohamed Lrhazi wrote:
> I see that if run with -X, I see this log:
>
> (23) } # authenticate = invalid
> (23) Failed to authenticate the user.
> (23) Login incorrect (eap: Failed continuing EAP PEAP (25) session. EAP
> sub-module failed): [ml623] (from client gu_net_141_161 port 0 cli
> 02-00-00-00-00-01)
> (23) Using Post-Auth-Type Reject
> (23) # Executing group from file /etc/freeradius/sites-enabled/default
If you're logging that in the default (outer) server, try logging
it from the inner-tunnel post-auth, just after you've done the
actual authentication?
If that comes up with what you're after, you can use unlang to
copy the Module-Failure-Message to the outer request for logging
there if you prefer.
Matthew
--
Matthew Newton, Ph.D. <mcn4 at le.ac.uk>
Systems Specialist, Infrastructure Services,
I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom
For IT help contact helpdesk extn. 2253, <ithelp at le.ac.uk>
More information about the Freeradius-Users
mailing list