v3 and rlm_sql_log/radsqlrelay

Alan DeKok aland at deployingradius.com
Tue Sep 3 13:28:01 CEST 2019

On Sep 2, 2019, at 7:46 PM, Artis Caune <artis.caune at gmail.com> wrote:
> Looking at replacing sql_log from v1
> Module has been removed in v3 but 3.0.19 still ships with radsqlrelay.
> radsqlreplay(8) still refers to rlm_sql_log

  That's a simple fix.

> I tried this and it works:
> sql sql_auth_log {
>        driver = "rlm_sql_null"
>        post-auth {
>                logfile = "${logdir}/auth_log.sql"
>                query = "INSERT INTO authlog ..."
>        }
> }
> and: radsqlrelay -x -d mysql ... /var/log/freeradius/auth_log.sql

  Yes.  Sometimes the FR config can be tiny.

  The default config is huge because it has to do *everything*.

> Just wondering if there are better ways of doing this as looks like
> radsqlrelay might not be supported anymore ?

  It's fine.

> Inserting during auth is not an option as it slows down server and master
> might not be available for regional nodes.
> Another option might be to proxy auth logs as radius packets (buffered) to
> central radius server which will insert all requests whenever db is ready.

  It's best to make sure that a critical database is (a) alive, and (b) fast.  Anything else is just papering over the issue.

  Alan DeKok.

More information about the Freeradius-Users mailing list