Detail Module (Log Sample)
More examples of doing detail logs.
For a full explanation of the configuration options,
please see the detail module.
|
Configuration Settings
Access-Request
Many people want to log authentication requests. Different
instances of the detail
module can be used to log the
authentication requests to one or more files.
You will also need to un-comment the auth_log line in the
recv Access-Request section of raddb/sites-enabled/default .
|
- suppress { … }
-
This will stop passwords being written to the log.
Access-Accept
This module logs authentication reply packets sent to a NAS.
Both Access-Accept
and Access-Reject
packets are logged.
You will also need to un-comment the 'reply_log' line in the
send Access-Accept section of raddb/sites-enabled/default .
|
Default Configuration
detail auth_log {
filename = ${radacctdir}/%{Net.Src.IP}/auth-detail-%Y-%m-%d
permissions = 0600
suppress {
User-Password
}
}
detail reply_log {
filename = ${radacctdir}/%{Net.Src.IP}/reply-detail-%Y-%m-%d
permissions = 0600
}
detail pre_proxy_log {
filename = ${radacctdir}/%{Net.Src.IP}/pre-proxy-detail-%Y-%m-%d
permissions = 0600
# suppress {
# User-Password
# }
}
detail post_proxy_log {
filename = ${radacctdir}/%{Net.Src.IP}/post-proxy-detail-%Y-%m-%d
permissions = 0600
}