Re: [RADIATOR] (Radiator) Filtering log Message

Thu, 23 Feb 2012 06:47:14 -0800 

Following up myself with one more option:

The patches for 4.9 now has support for defining Filename in AuthLog
FILE similarly to Filename in Log FILE. That is, | (pipe) character can
be specified to support this:

 # Pipe to my-log-prog
 Filename |/usr/local/bin/my-log-prog

See e.g., section "5.13.1 Filename" for more about using pipes.

Heikki


On 02/23/2012 12:04 AM, Heikki Vatiainen wrote:

> On 02/22/2012 01:25 PM, G.N. wrote:
> 
>> i would like to know if is possible to filter Authlog entry, logging all 
>> except access from certain username.
> 
> Unfortunately that is not possible.
> 
>> Here my AuthLog conf
>>
>> <AuthLog FILE>
>>         Identifier tL
>>         Filename %L/Auth
>>         LogSuccess 1
>>         LogFailure 0
>>         SuccessFormat %d-%m-%Y %H:%M:%S,%U,%{NAS-Identifier},%N
>> </AuthLog>
> 
> There are a couple of possibilities:
> 1. Use a script, based on grep or something similar, to filter
> everything else except of the usernames you are interested in.
> 
> 2. You could experiment with a named pipe
> http://en.wikipedia.org/wiki/Named_pipe
> 
> Create a named pipe with mkfifo command and create a process that reads
> the named fifo. For example:
> 
> % while :; do cat Auth|grep -v hvn ; done
> 
> This will print out only LogSuccess lines that do not contain 'hvn'. The
> while loop is needed because radiusd closes the file after each write.
> 
> Note that possibility 1 is the best especially if you are not familiar
> with handling named pipes. For example, you should watch file
> permissions and keep the reader process running all the time or radiusd
> will block waiting for the reader.
> 
> Thanks!
> Heikki
> 
> 
>> Thank's.
>>
>> G.
>> _______________________________________________
>> radiator mailing list
>> radiator@open.com.au
>> http://www.open.com.au/mailman/listinfo/radiator
> 
> 


-- 
Heikki Vatiainen <h...@open.com.au>

Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.
_______________________________________________
radiator mailing list
radiator@open.com.au
http://www.open.com.au/mailman/listinfo/radiator

Reply via email to