On 11/21/2011 09:16 PM, Masters, Bruce Alan wrote: Hello Bruce,
> We are just in the final stages of getting Radiator setup. > I am using TACACS+ with command logging. Has anyone written anything, or > have any ideas, on how to make the log file a bit more readable? I am > looking for something that would pull out the username and the commands > and command arguments and dump it onto one line per command in a much > more readable form. Any ideas are appreciated. Thank you. Consider creating a Handler for accounting messages and using AcctLogFileName to write the accounting records, or parts of them, into a file. Here's an example: <Handler Request-Type=Accounting-Request> PreProcessingHook file:"createavpairs.pl" <AuthBy INTERNAL> DefaultResult REJECT AcctResult ACCEPT </AuthBy> AcctLogFileName accounting-log AcctLogFileFormat %l:%{User-Name}:%{cisco-cmd} </Handler> The Handler should go before other Handlers so that it can catch the accounting messages first. The hook is in goodies/createavpairs.pl and will add a new attribute called cisco-cmd, which combines all received cisco-avpair attributes into one. See the file itself for more details. This approach gives you added benefit for being future proof. If you later need to store the log e.g., into SQL you can replace AuthBy INTERNAL with AuthBy SQL. Please let us know how this works. Heikki -- Heikki Vatiainen <h...@open.com.au> Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc. _______________________________________________ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator