Hi,
Hopefully a quick question, Ive had a read of the manual, but cant seem to find
if it is possible to set a path for each logfile?
i.e.
Identifier myauthlogger3
Filename authlog_dsl_cust_a
Will log to file authlog_dsl_cust_a in the dir that radiator was started from -
Is
Hello Michael -
Yes - set the LogDir parameter to whatever you wish:
…..
# set LogDir
LogDir /var/log/radius
…..
Identifier myauthlogger3
Filename %L/authlog_dsl_cust_a
…..
You can also use any of the special characters listed in section 5.2 of the
Radiator 4.15
Ah - Legendary! - Thank you Hugh.
-Original Message-
From: Hugh Irvine [mailto:h...@open.com.au]
Sent: Wednesday, 4 November 2015 4:47 PM
To: Michael Bellears
Cc: radiator@open.com.au
Subject: Re: [RADIATOR] Authlog FILE - file location
Hello Michael -
Yes - set the LogDir parameter
On 02/24/2014 11:23 AM, Kurt Bauer wrote:
Yes I tried, but it didn't make any difference. Seems 'pid' is always used.
I manually changed $self-{LogOpt} in AuthLogSYSLOG.pm and LogSYSLOG.pm
from 'pid' to 'cons', which does the 'trick', but is a dirty hack of
course.
I did some testing with
Hello Heikki,
Heikki Vatiainen mailto:h...@open.com.au
23. Februar 2014 22:42
On 02/21/2014 05:58 PM, Kurt Bauer wrote:
Too easily find the logs from various servers apart I added a custom
LogIdent parameter per Server, which works as expected. The problem now
is, that Radiator appends the
On 02/21/2014 05:58 PM, Kurt Bauer wrote:
Too easily find the logs from various servers apart I added a custom
LogIdent parameter per Server, which works as expected. The problem now
is, that Radiator appends the pid in square brackets to the LogIdent,
which means, that the central tool
Hi,
I recently tried to integrate Radiator syslog messages into our central
logging tool.
Too easily find the logs from various servers apart I added a custom
LogIdent parameter per Server, which works as expected. The problem now
is, that Radiator appends the pid in square brackets to the
On 11/13/2013 09:39 PM, Johnson, Neil M wrote:
Can you specify more than one SYSLOG host to send messages to ?
We would like to send messages to two different servers for redundancy.
I tried adding a second IP address to the LogHost attribute, but it
doesn't seem to work.
Currently this
Heikki,
Can you specify more than one SYSLOG host to send messages to ?
We would like to send messages to two different servers for redundancy.
I tried adding a second IP address to the LogHost attribute, but it
doesn't seem to work.
For AuthLog SYSLOG I just created a second AuthLog section
It looks like upgrading Perl is our fix. Now on to upgrading everything. :-(
It could be worse, so I will be happy that a Perl upgrade seems to have fixed
the issue.
-Jason
On Nov 8, 2013, at 9:15 AM, Heikki Vatiainen h...@open.com.au wrote:
On 11/05/2013 09:22 PM, Mueller, Jason C wrote:
On 11/05/2013 09:22 PM, Mueller, Jason C wrote:
The syslog server is configured to accept messages of all priorities. While
performing a packet capture on the Radiator host, we do not see the messages
go out.
Hello Jason,
I have tried a AuthLog SYSLOG on Windows 2003, 2008 and 2012 servers
Heikki,
On Nov 4, 2013, at 3:34 PM, Heikki Vatiainen h...@open.com.au wrote:
On 11/01/2013 08:58 PM, Mueller, Jason C wrote:
I created a Perl script independent of Radiator that called Sys::Syslog and
sent a message to the remote host. That worked using UDP.
That's good. Then I'd say
On 11/01/2013 11:16 PM, Robert Fisher wrote:
AuthLog SYSLOG
Identifierauthsyslog
LogSuccess1
LogFailure1
SuccessFormat%l:%N:%u:%U:%P:%1:OK
FailureFormat%l:%N:%u:%U:%P:%1:FAIL
LogHostIP_OF_SYSLOG_SERVER
LogSockudp
Heikki,
I created a Perl script independent of Radiator that called Sys::Syslog and
sent a message to the remote host. That worked using UDP.
Here are the stanzas I created in the Radiator config file:
Log SYSLOG
Identifier syslog
LogSock udp
LogHost
Jason:
I have a similar need, and when I first looked at Syslog -- even the
activestate forums said not to expect Sys::Syslog to work on windows.
Thankfully, that's changed -- and I did some testing first with a simple
script then finally in one my Radiator instance. I only specified an
AuthLog
On 10/29/2013 07:56 PM, Johnson, Neil M wrote:
Tried the LogSock inet, did not work.
We are running ActiveState PERL 5.12.2 and Sys::Syslog version 0.33
I tried with ActivePerl 5.14.4 and Sys::Syslog 0.33 using this
configuration:
AuthLog SYSLOG
Identifier myauthlogger
My colleague tried it, and had no success. We verified firewall rules, etc.
A packet sniff taken directly on the RADIUS box reveals no SYSLOG traffic being
sent when expected.
-Neil
On Oct 28, 2013, at 1:08 PM, Robert Fisher rob...@sitestar.net wrote:
As I recall, the problem was with the
On 10/29/2013 04:29 PM, Johnson, Neil M wrote:
My colleague tried it, and had no success. We verified firewall rules, etc.
A packet sniff taken directly on the RADIUS box reveals no SYSLOG
traffic being sent when expected.
Hello Neil,
try 'LogSock inet' with Windows AuthLog SYSLOG
Heikki,
Tried the LogSock inet, did not work.
We are running ActiveState PERL 5.12.2 and Sys::Syslog version 0.33
-Neil
--
Neil Johnson
Network Engineer
The University of Iowa
Phone: +1 319 384-0938 tel:+13193840938
Fax:+1 319 335-2951 tel:+13193352951
E-Mail:
Can you use AuthLog SYSLOG on Windows ?
According to the Manual Log SYSLOG only works on UNIX systems, but nothing is
mentioned in the section of the manual for AuthLog SYSLOG.
Thanks.
-Neil
--
Neil Johnson
Network Engineer
The University of Iowa
Phone: +1 319 384-0938tel:+13193840938
Fax:
As I recall, the problem was with the Windows implementation of the
Sys::Syslog,
which at least started as simply a perl wrapper to the unix syslog()
library calls.
Both modules inherit from Sys::Syslog, so any issues experienced with
one will
be seen by the other.
Though, as ActiveState
Hey guys,
Can we user Radiator variables for table names in the Authlog SQL statement?
I want to do this:
insert into RadLog-%Y-%m \
(Priority, Message, User_Name, FailedPass) \
values \
(%0, %1, %2, %3)
Hello Craig -
Yes you can define your own SuccessQuery and/or FailureQuery using
special characters.
See section 6.54 in the Radiator 3.8 reference manual.
regards
Hugh
On 10/01/2004, at 8:09 AM, Craig Gittens wrote:
Hey guys,
Can we user Radiator variables for table names in the Authlog
My configuration is win2000 server - perl 5.6. -
radiator 3.7.1
I have a very strange problem:
the AuthLog clause seems not working at all, I have
tried AuthLog File and AuthLog SQL with any parameter. But the strange thing is
that I don't get any error into the debug trace.
For exemple:
Hello Rosario -
I will need to see a copy of your complete configuration file (no
secrets), together with a trace 4 debug from Radiator showing what is
happening. I suspect you are not referencing the AuthLog clause in your
Realm(s) or Handler(s).
# define Realm or Handler with AuthLog
Realm
Hi,
I am trying to log the password in an AuthLog FILE-clausule, but the
field is left blank?
What I get in the log.txt-file is
FAIL:Thu Oct 2 12:31:06 2003:A03245014::FAIL
FAIL:Thu Oct 2 12:31:15 2003:A03266007::FAIL
Any help would be appreciated.
Herman
# Radius.cfg
#
# N
Hello Herman -
I will need to see a trace 4 debug to be sure, but I suspect you are
using CHAP (or MS-CHAP) passwords which cannot be decrypted.
regards
Hugh
On Thursday, Oct 2, 2003, at 20:32 Australia/Melbourne, Herman
verschooten wrote:
Hi,
I am trying to log the password in an AuthLog
]
Subject: (RADIATOR) AuthLog not logging password
Hi,
I am trying to log the password in an AuthLog FILE-clausule, but the
field is left blank?
What I get in the log.txt-file is
FAIL:Thu Oct 2 12:31:06 2003:A03245014::FAIL
FAIL:Thu Oct 2 12:31:15 2003:A03266007::FAIL
Any help would
I'm having problems getting Radiator to log the Framed-IP-Address in the
SQL logs it generates. The NAS's are 3Com Cisco devices. The problem
seems to originate from the fact that the record is created before the
NAS responds with the reply that contains the Framed-IP-Address. Here
is a
Hello James -
The first thing to understand is that there are two different things
going on with the radius protocol. The first is the access request and
and corresponding access accept - this is the authentication and
authorisation phase. After the session has been established as a result
Hugh,
Works like a charm! One minor change, so i dont have to keep track
of 2 attributes, i just use one as follows:
AuthBy GROUP
AuthBy CGate_via_LDAP
StripFromRequestVisi-AuthBy
AddToRequestVisi-AuthBy=LDAP
Hugh,
Thanks for the idea, but unfortunately the AddToRequest seems to
be out of scope (invalid) in an AuthBy clause. It recognizes it in the
Realm scope, and i tried sequencing them there:
AuthBy Log_SQL
AddToRequestNAS-Port-Id=LDAP2
AuthBy
Hello Jeremy -
AddToRequest is available in the AuthBy GROUP clause, so you could
enclose your AuthBy clauses in AuthBy GROUP's and do it that way. BTW -
you do not need to use an attribute from the dictionary - the request
is just a scratch-pad area in memory that you can use however you
Greetings,
I'm trying to figure out of theres a way to log which AuthBy clause issued
the Request-Failed via AuthLogSQL. I use a AuthBy LDAP primarily, but if
that times out i fall back to an AuthBy SQL. When an auth attempt gets
rejected, i'd like to know if the AuthBy LDAP timed out and
Hello Jeremy -
Interesting question.
The only thing I can think of is to put an AddToRequest in each of the
AuthBy clauses and logging the contents of both in your AuthLog.
Something like this might work (please let me know if it does):
Handler ...
AuthByPolicy
AuthBy LDAP2
.
Hello!
Here is my config:
Handler Realm=
AuthBy LDAP_GROUP
AuthLog AUTH_LOGGER
/Handler
AuthBy GROUP
Identifier LDAP_GROUP
AuthByPolicy ContinueWhileReject
AuthBy LDAP_AUTH_1
AuthBy LDAP_AUTH_2
/AuthBy
AuthLog FILE
Identifier
Dear All,
Attached is my configuration for radiator.
My requirement is to log the authentication failure request into
a database table.
As per attached configuration following error message I am
getting.
AuthLogSQL log Radius::AuthLogSQL=HASH(0x38f0200)
0
I've followed the Radiator manual for AuthLog SQL
Here are my config entries:
AuthLog SQL
Identifier SQL-AuthLog1
FailureQueryEXEC sp_RadiusAuthLog
'%{GlobalVar:ServerID}','%n','%{Class}','%N','%{Called-Station-Id}','%{C
alling-Station-Id}','%1'
LogSuccess
Hello Robert -
You would use the same DBSource, DBUsername and DBAuth as for the other SQL
clauses.
AuthLog SQL
DBSource
DBUsername .
DBAuth
.
/AuthLog
regards
Hugh
On Thu, 30 May 2002 23:28, Robert Blayzor wrote:
I've followed the
Thanks for all the help on the list I know have
AUTHLOG SQL working.
My only problem is that some people are sending
through usernames that have ' ^ and " in them
is there anyway I can rewrite these usernames to be
only alphabetical and numeric.
I have seen the rewrite function
Hello Mick -
I usually recommend the UsernameCharset parameter to define the list of
acceptable characters (all others are rejected). This tends to be a safer
approach.
See section 6.4.30 in the Radiator 3.0 reference manual.
There are also a number of RewriteUsername examples in the
The only value that I get for a failure reason is Bad encrypted
password...
I installed 2.19 in a test environment and configured up the AuthLog SQL and
everything worked fine. I ran make and make test, but I didn't run
make install do to the configuration of our servers. I ran radiator
Hello Kevin -
Could you please send me a copy of your configuration file (no secrets)
together with a trace 4 debug from Radiator showing what is happening.
thanks
Hugh
On Tue, 11 Dec 2001 02:40, Kevin Leier wrote:
The only value that I get for a failure reason is Bad encrypted
try to get the actual password in AuthLog...
Dave
-Original Message-
From: Hugh Irvine [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, December 05, 2001 6:44 PM
To: Dave Kitabjian; [EMAIL PROTECTED]
Subject: Re: (RADIATOR) AuthLog question/requests
Hello Dave -
On Thu, 6 Dec
]]
Sent: Wednesday, December 05, 2001 6:44 PM
To: Dave Kitabjian; [EMAIL PROTECTED]
Subject: Re: (RADIATOR) AuthLog question/requests
Hello Dave -
On Thu, 6 Dec 2001 02:05, Dave Kitabjian wrote:
Hello!
Comparing AuthLog FILE to Handler.PasswordLogFileName, I have a
couple
Title: AuthLog question/requests
Hello!
Comparing AuthLog FILE to Handler.PasswordLogFileName, I have a couple of questions:
1) Does AuthLog FILE have an option for ExcludeFromPasswordLog?
2) Can I get access to the correct_password, like PasswordLogFileName does, in AuthLog FILE ?
Hello Dave -
On Thu, 6 Dec 2001 02:05, Dave Kitabjian wrote:
Hello!
Comparing AuthLog FILE to Handler.PasswordLogFileName, I have a couple
of questions:
1) Does AuthLog FILE have an option for ExcludeFromPasswordLog?
No it doesn't.
2) Can I get access to the correct_password, like
Is it okay to use this:
AuthLog EMERALD
(stock Emerald log stuff)
/AuthLog
To push errors into the Emerald Radlogs table?
Then just assign the error logging to it?
I am having trouble getting it to work.
Ideas?
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL
Hello Todd -
Keep in mind that there are different things happening with what is output
from Radiator. Standard error, debug, info messages and so on (controlled by
the Trace setting) go to the LogFile or Log SQL clause or whatever. The
AuthLog ... is only used for authentication logging.
Hello Quintin -
I am confused by your question - what exactly do you want to do?
thanks
Hugh
On Friday 07 September 2001 01:37, Quintin Lam wrote:
Hi Hugh,
I can AuthBy External and generate a reply message by an external
program if access failure.
The configuration file:
AuthLog
El 28 Apr 2001, a las 11:55, Hugh Irvine escribió:
Hello Mariano -
I have copied this to Mike also, so he can check.
Just one question - is the Log FILE created?
yup.
Ie - are you seeing permission problems on the directory?
This is Log FILE
Filename
Hi,
Netra T1 AC200, 1CPU 360MHz, 512Mb RAM, 2x18Gb HD, Solaris 8, Perl
v5.6.1, Radiator 2.18.1 (how easy is to be on the edge version when it's
not yet in production :-)
The AuthLog is not created. Period.
That is, I copied the config from another installation and the file
doesn't appear...
Hello Mariano -
I have copied this to Mike also, so he can check.
Just one question - is the Log FILE created?
Ie - are you seeing permission problems on the directory?
This is Log FILE
Filename %L/%Y-%m/%{GlobalVar:rad_instance}/stdLog_%d-%q
and this is AuthLog FILE
Filename
Hello,
I try to install "radius-proxy" for solving some problem
with user passwords.
All working properly, exclude logging authentification requests.
Following piece of config file:
...
LogDir /usr/local/radiator/log
...
AuthLog FILE
Identifier authlogger
Hello Rustam -
On Friday 09 February 2001 21:50, Rustam Povarov wrote:
Hello,
I try to install "radius-proxy" for solving some problem
with user passwords.
All working properly, exclude logging authentification requests.
Following piece of config file:
...
LogDir
Hi there,
I've been almost off this list for some time (I have a backlog of a month or so
in reading it) and I don't know if this has been discussed yet.
I'm using an AuthLog FILE to log both successes failures, and I want to
include the reason for the failure (not only the password).
I
Hello Mariano -
This will be supported in the next release of Radiator (due out in the next
couple of weeks).
regards
Hugh
On Friday 09 February 2001 08:26, Mariano Absatz wrote:
Hi there,
I've been almost off this list for some time (I have a backlog of a month
or so in reading it)
Thanks Hugh,
The patch didn't change anything but you were on the right track though.
If I add a single backslash in the AuthSelect clause it goes through ok.
Both 'test\@ing' and '%U\@%R' work fine, the latter effectively
substituting for %n.
On Fri, 19 Jan 2001, Hugh Irvine wrote:
Hi
Hi Dave -
H - that is what the patch is supposed to do, but I haven't been
able to test it yet. I'll check with Mike when I see him next.
cheers
Hugh
At 10:34 -0600 01/1/19, Dave Salaman wrote:
Thanks Hugh,
The patch didn't change anything but you were on the right track though.
If
Hi Dave -
I have enclosed a patched version of LogSQL.pm for you to try.
Please let us know if it works correctly for you and we will roll the
patch into the next release.
regards
Hugh
At 22:48 -0600 01/1/15, Dave Salaman wrote:
Hi,
I'm having trouble getting AuthLog SQL to work under
Hi,
I'm having trouble getting AuthLog SQL to work under MySQL when a query
which expands to anything containing the '@' symbol. This includes the use
of %n and %u with usernames in the form of username@realm.
For example, using the following query
SuccessQuery insert into RADAUTHLOG \
Hi,
I'm using AuthLog SQL for failed logins and I'd like to insert caller's
phone number into database too, is it possible?
++Toni
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the
Toni Riekkinen wrote:
Hi,
I'm using AuthLog SQL for failed logins and I'd like to insert caller's
phone number into database too, is it possible?
Sure, just put %{Calling-Station-Id} into one of your columns. You can
actually use any attribute that comes in the access-request.
- D
Authlog problem:
I'd like to see the password what user tries to log on with and currently I
dont get it.
Not with AuthLog FILE or with PasswordLogFileName:
With AuthLog FILE I get:
Sat Dec 9 15:20:56 2000:testi3::FAIL
And into passwordlog with PasswordLogFileName:
Hello Toni -
At 15:42 +0200 9/12/00, Toni Riekkinen wrote:
Authlog problem:
I'd like to see the password what user tries to log on with and currently I
dont get it.
Not with AuthLog FILE or with PasswordLogFileName:
With AuthLog FILE I get:
Sat Dec 9 15:20:56
--- Forwarded mail from [EMAIL PROTECTED]
Date: Tue, 28 Nov 2000 15:40:23 +1100 (EST)
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: BOUNCE [EMAIL PROTECTED]:Non-member submission from [Richard
Staniforth [EMAIL PROTECTED]]
From mikem Tue Nov 28 15:40:15 2000
Received: by
66 matches
Mail list logo
