[RADIATOR] Account log to MySQL

2015-02-03 Thread Chad Roseburg 
Goal:
Capture successful logins as well as failures for stats purposes.

I am setting up logging to a local MySQL instance. Here's what I've done:

* Following instructions in the 'mysqlcreate.sql' file, I created the
radius table and user(s).
* Created the Mysql tables using the provided 'mysqlCreate.sql' in goodies.
* Added the following stanza to my Handler just below the SIP Authby stanza:

-- conf -


   
Port   6001
Host  siphost.com

Delimiter |

LoginUserID sipuser
LoginPassword supersecret
LocationCode Radiator

 SendChecksum no
 VerifyChecksum no

NoDefault
EAPType GTC


DBSourcedbi:mysql:radius:localhost
DBUsername  radius
DBAuth  secrets
LogSuccess
SuccessQueryinsert into RADAUTHLOG (TIME_STAMP,
USERNAME, TYPE, REASON) values (%t, '%n', 1)
LogFailure
FailureQueryinsert into RADAUTHLOG (TIME_STAMP,
USERNAME, TYPE, REASON) values (%t, '%n', 0, %1)


-- /conf ---

I'm not seeing anything with:
SELECT * FROM RADAUTHLOG;

Is it just a quiet day or am I missing something?

Last question is: does USERNAME refer to the client?

Thank you!

-- 
Chad Roseburg
Automation Dept.
North Central Regional Library
___
radiator mailing list
radiator@open.com.au
http://www.open.com.au/mailman/listinfo/radiator

Re: [RADIATOR] Account log to MySQL

2015-02-03 Thread Michael 
If you have a lot of different devices, and lots of auth activity, I 
would suggest setting up your authlog sql table to have a unique index 
for user/type/reason, and an sql query that inserts, but if the same 
error already exists, just increment a count column and the timestamp.  
This way, if a device that is rejected, and tries to connect 12 million 
times cause it's a stupid Dlink router, you don't end up with 12 million 
rows in your sql table.


Only applies for larger setups i guess.


On 03/02/15 04:39 PM, Chad Roseburg wrote:

Goal:
Capture successful logins as well as failures for stats purposes.

I am setting up logging to a local MySQL instance. Here's what I've done:

* Following instructions in the 'mysqlcreate.sql' file, I created the 
radius table and user(s).
* Created the Mysql tables using the provided 'mysqlCreate.sql' in 
goodies.
* Added the following stanza to my Handler just below the SIP Authby 
stanza:


-- conf -


   
Port   6001
Host siphost.com 
Delimiter |
LoginUserID sipuser
LoginPassword supersecret
LocationCode Radiator
 SendChecksum no
 VerifyChecksum no
NoDefault
EAPType GTC


DBSource  dbi:mysql:radius:localhost
DBUsername  radius
DBAuth  secrets
LogSuccess
SuccessQueryinsert into RADAUTHLOG (TIME_STAMP, 
USERNAME, TYPE, REASON) values (%t, '%n', 1)

LogFailure
FailureQueryinsert into RADAUTHLOG (TIME_STAMP, 
USERNAME, TYPE, REASON) values (%t, '%n', 0, %1)



-- /conf ---

I'm not seeing anything with:
SELECT * FROM RADAUTHLOG;

Is it just a quiet day or am I missing something?

Last question is: does USERNAME refer to the client?

Thank you!

--
Chad Roseburg
Automation Dept.
North Central Regional Library


___
radiator mailing list
radiator@open.com.au
http://www.open.com.au/mailman/listinfo/radiator


___
radiator mailing list
radiator@open.com.au
http://www.open.com.au/mailman/listinfo/radiator

[RADIATOR] AuthBy Syslog port

2015-02-03 Thread List 
Is it possible to log AuthBy Syslog to an external server on a different 
port than 514?  Reading the documentation I don't see an option to 
specify the port of the remote syslog server.

___
radiator mailing list
radiator@open.com.au
http://www.open.com.au/mailman/listinfo/radiator

Re: [RADIATOR] Account log to MySQL

2015-02-03 Thread Hugh Irvine 

Hello Chad -

From what you show below, you have two “” lines - if this is not a 
typo it will certainly confuse the configuration file parser.

The best way to debug is to set the Trace level to 4 (DEBUG) so you can see 
exactly what is happening.

You set the Trace level in the configuration file:


…..

Trace 4

…..


regards

Hugh


> On 4 Feb 2015, at 08:39, Chad Roseburg  wrote:
> 
> Goal:
> Capture successful logins as well as failures for stats purposes.
> 
> I am setting up logging to a local MySQL instance. Here's what I've done:
> 
> * Following instructions in the 'mysqlcreate.sql' file, I created the radius 
> table and user(s). 
> * Created the Mysql tables using the provided 'mysqlCreate.sql' in goodies.
> * Added the following stanza to my Handler just below the SIP Authby stanza:
> 
> -- conf -
> 
> 
>
> Port   6001
> Host  siphost.com
>  
> Delimiter |
>  
> LoginUserID sipuser
> LoginPassword supersecret
> LocationCode Radiator
>  
>  SendChecksum no
>  VerifyChecksum no
>  
> NoDefault
> EAPType GTC
> 
> 
> DBSourcedbi:mysql:radius:localhost
> DBUsername  radius
> DBAuth  secrets
> LogSuccess
> SuccessQueryinsert into RADAUTHLOG (TIME_STAMP, USERNAME, 
> TYPE, REASON) values (%t, '%n', 1)
> LogFailure
> FailureQueryinsert into RADAUTHLOG (TIME_STAMP, USERNAME, 
> TYPE, REASON) values (%t, '%n', 0, %1)
> 
> 
> -- /conf ---
> 
> I'm not seeing anything with:
> SELECT * FROM RADAUTHLOG;
> 
> Is it just a quiet day or am I missing something?
> 
> Last question is: does USERNAME refer to the client?
> 
> Thank you!
> 
> -- 
> Chad Roseburg
> Automation Dept.
> North Central Regional Library
> ___
> radiator mailing list
> radiator@open.com.au
> http://www.open.com.au/mailman/listinfo/radiator


--

Hugh Irvine
h...@open.com.au

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, 
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER, SIM, etc. 
Full source on Unix, Linux, Windows, MacOSX, Solaris, VMS, NetWare etc.

___
radiator mailing list
radiator@open.com.au
http://www.open.com.au/mailman/listinfo/radiator