Freeradius logging problem
A.L.M.Buxey at lboro.ac.uk
A.L.M.Buxey at lboro.ac.uk
Wed Jan 6 21:38:01 CET 2016
Hi,
TBH, iu cant recall if expansions work for that secion in radiusd.conf - if theres a quirky bug
it wont get fixed in 2.1.12
but for logging there are 2 ways that do work....and should work fine
1) use the 'detail' module
2) use linelog
for the details module - i think you are using this(!) ? you should be looking at modules/detail.log file -
as thats the file that is actuslly used for auth_log et al
and if %{Virtual-Server} expansion doesnt work there - easy, just create a new detail entry eg
eduroam_auth_log and call that instead of auth_log in relevant section of the virtual server - and do the same
for the other calls to log functions
eg
detail eduroam_auth_log {
detailfile = ${radacctdir}/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
detailperm = 0600
suppress {
User-Password
EAP-MSK
EAP-EMSK
EAP-Message
MS-MPPE-Recv-Key
MS-MPPE-Send-Key
MS-MPPE-Encryption-Policy
MS-MPPE-Encryption-Types
}
}
..for linelog, simply look at the modules/linelog file and configure as required....or make a new one eg
linelog eduroam-linelog {
<put config here!>
}
and then call linelog in relevant place to capture required bits - linelog is generally better as the
output can be nicely customised to contain exactly the stuff needed in format needed...
obviously there are many other methods - eg using the buffered-sql virtual server and copying detail output
asynchronously to an SQL server so you have logs in database format (great for searching)
some of this may only be applicable to 2.2.x - but thats what you should be running as a minimum these
days (and even that is around end of support time)
alan
More information about the Freeradius-Users
mailing list