我想在身份验证后部分向远程系统日志发送消息。带有
"'%{User-Name}', '%{reply:Packet-Type}', '%{Calling-Station-Id}'"
如何使用 FreeRADIUS 3 来实现?
或者..
如何按设施或优先级划分日志?
答案1
使用 linelog
linelog log_postauth {
filename = syslog
syslog_facility = authpriv
syslog_severity = info
format = "ACCEPTED: %{User-Name} %{control:Tmp-String-0}, %{control:Tmp-String-1}, nas address: %{request:Called-Station-Id}, remote address: %{request:Calling-Station-Id}"
}
linelog log_postreject {
filename = syslog
syslog_facility = authpriv
syslog_severity = warning
format = "REJECTED: %{User-Name} %{control:Tmp-String-0}, %{control:Tmp-String-1}, nas address: %{request:Called-Station-Id}, remote address: %{request:Calling-Station-Id}"
}
在服务器中
post-auth {
Post-Auth-Type ACCEPT {
log_postauth
}
Post-Auth-Type REJECT {
log_postreject
}
}
然后使用 rsyslog 服务发送
if $syslogfacility-text == 'authpriv'
then {
action(type="omfwd" target="10.254.144.141" protocol="udp" port="514")
}