Heikki,

On Nov 4, 2013, at 3:34 PM, Heikki Vatiainen <[email protected]> wrote:

> On 11/01/2013 08:58 PM, Mueller, Jason C wrote:
>
>> I created a Perl script independent of Radiator that called Sys::Syslog and
>> sent a message to the remote host. That worked using UDP.
>
> That's good. Then I'd say you would need to check if the remote system
> (loghost) has its syslog server set to log everything Radiator sends.
> For example, you mentioned below that messages about invalid attributes
> were logged by the remote system. These likely had priority level of err
> which the loghost was configured to accept and handle. However, does it
> accept and handle messages with lesser priority?

The syslog server is configured to accept messages of all priorities. While performing a packet capture on the Radiator host, we do not see the messages go out.

> Here are the stanzas I created in the Radiator config file:
>
> As you mentioned LogSuccess and LogFailure are required. The default
> priority for AuthLog SYSLOG messages is 'info'. You should check if the
> loghost does something with 'info' level messages or try setting
> 'Priority err' and see if the messages then get through. The default
> level 'info' is quite low.
>
> Thanks,
> Heikki
>
>> <Log SYSLOG>
>> Identifier syslog
>> LogSock udp
>> LogHost IP_ADDRESS_OF_REMOTE_HOST
>> Facility local5
>> </Log>
>>
>> <AuthLog SYSLOG>
>> Identifier authsyslog
>> LogSock udp
>> LogHost IP_ADDRESS_OF_REMOTE_HOST
>> Facility local5
>> SuccessFormat %H:%M:%S | %{Calling-Station-Id} | %u | OK | NAS-IP %N
>> FailureFormat %H:%M:%S | %{Calling-Station-Id} | %u | FAIL: %1 | NAS-IP
>> %N
>> </AuthLog>
>>
>> As Neil indicated, the inet option did not work. I really don’t want to use
>> the “inet” option, since it tries TCP first, and we are not using TCP. The
>> RADIUS servers are under relatively heavy load, so I do not want to consume
>> the time or cycles sending a message with no possible means of success in a
>> single threaded application.
>>
>> I did not have the LogSuccess and LogFailure options set in the <AuthLog
>> SYSLOG> clause. I have added those, but no success.
>>
>> I should note that when I had invalid attributes in the <Log SYSLOG> section
>> that Radiator actually sent information to the syslog server indicating that
>> I had invalid attributes. After they were removed and I restarted, Radiator
>> did not send any logs. I would have expected to get the general log info,
>> but that did not happen.
>>
>> Any help is appreciated. We might try upgrading Perl and upgrading Radiator
>> (one at a time to see which makes a difference).
>>
>> -Jason
>>
>>
>> On Oct 30, 2013, at 8:54 AM, Heikki Vatiainen <[email protected]> wrote:
>>
>>> On 10/29/2013 07:56 PM, Johnson, Neil M wrote:
>>>> Tried the LogSock inet, did not work.
>>>>
>>>> We are running ActiveState PERL 5.12.2 and Sys::Syslog version 0.33
>>>
>>> I tried with ActivePerl 5.14.4 and Sys::Syslog 0.33 using this
>>> configuration:
>>>
>>> <AuthLog SYSLOG>
>>> Identifier myauthlogger
>>> LogHost 172.16.172.14
>>> LogSock inet
>>> LogSuccess 1
>>> LogFailure 1
>>> </AuthLog>
>>>
>>> I had tcpdump running on 172.16.172.14 and there was traffic to syslog
>>> port 514. The configuration was goodies/authlog.cfg modified to use
>>> SYSLOG as shown above.
>>>
>>> Maybe you could try a simple config to see if it works with something
>>> very basic?
>>>
>>> I could not try with ActivePerl 5.12.2 since PPM complained about
>>> requiring authentication to upgrade to 0.33. Seeing how to get this
>>> solved may take a bit longer, but I thought I'd confirm syslog on
>>> Windows should work.
>>>
>>>
>>> --
>>> Heikki Vatiainen <[email protected]>
>>>
>>> Radiator: the most portable, flexible and configurable RADIUS server
>>> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
>>> Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
>>> TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
>>> DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
>>> NetWare etc.
>>
>
>
> --
> Heikki Vatiainen <[email protected]>

_______________________________________________
radiator mailing list
[email protected]
http://www.open.com.au/mailman/listinfo/radiator
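
The priority question raised in the thread can be checked on the wire. The Perl script below is an added example, not code from the thread or from Radiator: it sends one UDP datagram per severity at facility local5 over a plain socket, so the capture on the sending host and the loghost's files can be compared priority by priority. The tag `syslogprobe` and the command-line argument are assumptions.

```perl
#!/usr/bin/perl
# Added example: probe a loghost with one UDP syslog datagram per severity.
use strict;
use warnings;
use IO::Socket::INET;
use Sys::Hostname;

# RFC 3164 numeric codes. local5 is the Facility used in the quoted config.
my %FACILITY = (local5 => 21);
my @SEVERITY = qw(emerg alert crit err warning notice info debug);   # 0..7
my @MONTH    = qw(Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec);

# PRI = facility * 8 + severity, so local5.info is <174> and local5.err is <171>.
sub pri {
    my ($facility, $severity) = @_;
    die "unknown facility $facility\n" unless exists $FACILITY{$facility};
    my ($sev) = grep { $SEVERITY[$_] eq $severity } 0 .. $#SEVERITY;
    die "unknown severity $severity\n" unless defined $sev;
    return $FACILITY{$facility} * 8 + $sev;
}

# Build "<PRI>Mmm dd hh:mm:ss host tag: text", the BSD syslog wire format.
sub frame {
    my ($facility, $severity, $tag, $text) = @_;
    my @t = localtime;
    my $stamp = sprintf '%s %2d %02d:%02d:%02d',
        $MONTH[$t[4]], $t[3], $t[2], $t[1], $t[0];
    return sprintf '<%d>%s %s %s: %s',
        pri($facility, $severity), $stamp, hostname(), $tag, $text;
}

my $loghost = shift @ARGV or die "usage: $0 LOGHOST\n";
my $sock = IO::Socket::INET->new(
    PeerAddr => $loghost,
    PeerPort => 514,          # same syslog port seen in the tcpdump test
    Proto    => 'udp',
) or die "cannot create UDP socket: $@\n";

# "syslogprobe" is a hypothetical tag chosen to be easy to grep on the loghost.
for my $severity (qw(err warning notice info debug)) {
    my $msg  = frame('local5', $severity, 'syslogprobe', "probe at $severity");
    my $sent = $sock->send($msg);
    printf "%-8s PRI <%d> %s\n", $severity, pri('local5', $severity),
        defined $sent ? "sent $sent bytes" : "send failed: $!";
}
```

Datagrams that appear in the capture but not in the loghost's files point at filtering on the loghost; datagrams at every severity arriving while Radiator's own messages never leave the host point back at the Radiator or Sys::Syslog side.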
