Empty timestamp in linelog
Alan DeKok
aland at deployingradius.com
Mon Nov 27 18:59:10 UTC 2023
On Nov 27, 2023, at 11:43 AM, Ashraf Al-Basti <albasti at gmail.com> wrote:
> I have configured Linelog to log the accept/reject messages but I'm
> facing an issue if the username has "@".
> if the username has "@" the timestamp will become empty. below the conf and
> the debug for both cases
...
> Access-Accept =
> "%{Event-Timestamp},%{User-Name},%{NAS-Identifier},%{reply:Packet-Type},%l,%{NAS-IP-Address},%{ERX-Dhcp-Mac-Addr},%{reply:Reply-Message}"
The Event-Timestamp is logged only if it exists.
> (0) Received Access-Request Id 25 from 192.168.1.21:61062 to
> 192.168.1.157:1812 length 153
... no Event-Timestamp attribute.
> (0) llog-auth-reject: EXPAND
> %{Event-Timestamp},%{User-Name},%{NAS-Identifier},%{reply:Packet-Type},%l,%{NAS-IP-Address},%{ERX-Dhcp-Mac-Addr},%{reply:Reply-Message}
> (0) llog-auth-reject: --> ,test at wifi
> ,SRC,Access-Reject,1701103042,10.129.10.50,11-33-44-55-a5-12,
Which means Event-Timestamp isn't logged.
You will also notice that it rejects the user after checking the User-Name.
> Username without "@"
... no Event-Timestamp attribute is in the packet, either.
But the server runs a lot more policies, one of which creates the Event-Timetamp attribute.
If you want to log the value of an attribute, make sure it exists. The server can't log information which doesn't exist.
Alan DeKok.
More information about the Freeradius-Users
mailing list