Re: [RADIATOR] Account log to MySQL
If you have a lot of different devices, and lots of auth activity, I would suggest setting up your authlog sql table to have a unique index for user/type/reason, and an sql query that inserts, but if the same error already exists, just increment a count column and the timestamp. This way, if a device that is rejected, and tries to connect 12 million times cause it's a stupid Dlink router, you don't end up with 12 million rows in your sql table. Only applies for larger setups i guess. On 03/02/15 04:39 PM, Chad Roseburg wrote: Goal: Capture successful logins as well as failures for stats purposes. I am setting up logging to a local MySQL instance. Here's what I've done: * Following instructions in the 'mysqlcreate.sql' file, I created the radius table and user(s). * Created the Mysql tables using the provided 'mysqlCreate.sql' in goodies. * Added the following stanza to my Handler just below the SIP Authby stanza: -- conf - Handler Handler AuthBy SIP2 Port 6001 Host siphost.com http://siphost.com Delimiter | LoginUserID sipuser LoginPassword supersecret LocationCode Radiator SendChecksum no VerifyChecksum no NoDefault EAPType GTC /AuthBy AuthLog SQL DBSource dbi:mysql:radius:localhost DBUsername radius DBAuth secrets LogSuccess SuccessQueryinsert into RADAUTHLOG (TIME_STAMP, USERNAME, TYPE, REASON) values (%t, '%n', 1) LogFailure FailureQueryinsert into RADAUTHLOG (TIME_STAMP, USERNAME, TYPE, REASON) values (%t, '%n', 0, %1) /AuthLog /Handler -- /conf --- I'm not seeing anything with: SELECT * FROM RADAUTHLOG; Is it just a quiet day or am I missing something? Last question is: does USERNAME refer to the client? Thank you! -- Chad Roseburg Automation Dept. North Central Regional Library ___ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator ___ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator
[RADIATOR] AuthBy Syslog port
Is it possible to log AuthBy Syslog to an external server on a different port than 514? Reading the documentation I don't see an option to specify the port of the remote syslog server. ___ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator
[RADIATOR] Account log to MySQL
Goal: Capture successful logins as well as failures for stats purposes. I am setting up logging to a local MySQL instance. Here's what I've done: * Following instructions in the 'mysqlcreate.sql' file, I created the radius table and user(s). * Created the Mysql tables using the provided 'mysqlCreate.sql' in goodies. * Added the following stanza to my Handler just below the SIP Authby stanza: -- conf - Handler Handler AuthBy SIP2 Port 6001 Host siphost.com Delimiter | LoginUserID sipuser LoginPassword supersecret LocationCode Radiator SendChecksum no VerifyChecksum no NoDefault EAPType GTC /AuthBy AuthLog SQL DBSourcedbi:mysql:radius:localhost DBUsername radius DBAuth secrets LogSuccess SuccessQueryinsert into RADAUTHLOG (TIME_STAMP, USERNAME, TYPE, REASON) values (%t, '%n', 1) LogFailure FailureQueryinsert into RADAUTHLOG (TIME_STAMP, USERNAME, TYPE, REASON) values (%t, '%n', 0, %1) /AuthLog /Handler -- /conf --- I'm not seeing anything with: SELECT * FROM RADAUTHLOG; Is it just a quiet day or am I missing something? Last question is: does USERNAME refer to the client? Thank you! -- Chad Roseburg Automation Dept. North Central Regional Library ___ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator
Re: [RADIATOR] Account log to MySQL
Hello Chad - From what you show below, you have two “Handler” lines - if this is not a typo it will certainly confuse the configuration file parser. The best way to debug is to set the Trace level to 4 (DEBUG) so you can see exactly what is happening. You set the Trace level in the configuration file: ….. Trace 4 ….. regards Hugh On 4 Feb 2015, at 08:39, Chad Roseburg croseb...@ncrl.org wrote: Goal: Capture successful logins as well as failures for stats purposes. I am setting up logging to a local MySQL instance. Here's what I've done: * Following instructions in the 'mysqlcreate.sql' file, I created the radius table and user(s). * Created the Mysql tables using the provided 'mysqlCreate.sql' in goodies. * Added the following stanza to my Handler just below the SIP Authby stanza: -- conf - Handler Handler AuthBy SIP2 Port 6001 Host siphost.com Delimiter | LoginUserID sipuser LoginPassword supersecret LocationCode Radiator SendChecksum no VerifyChecksum no NoDefault EAPType GTC /AuthBy AuthLog SQL DBSourcedbi:mysql:radius:localhost DBUsername radius DBAuth secrets LogSuccess SuccessQueryinsert into RADAUTHLOG (TIME_STAMP, USERNAME, TYPE, REASON) values (%t, '%n', 1) LogFailure FailureQueryinsert into RADAUTHLOG (TIME_STAMP, USERNAME, TYPE, REASON) values (%t, '%n', 0, %1) /AuthLog /Handler -- /conf --- I'm not seeing anything with: SELECT * FROM RADAUTHLOG; Is it just a quiet day or am I missing something? Last question is: does USERNAME refer to the client? Thank you! -- Chad Roseburg Automation Dept. North Central Regional Library ___ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator -- Hugh Irvine h...@open.com.au Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER, SIM, etc. Full source on Unix, Linux, Windows, MacOSX, Solaris, VMS, NetWare etc. ___ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator
