Log file format config error
corrugatedcardboard opened this issue · 3 comments
Dear MarcJHuber,
first of all, thank you for this software project and your dedication to it, it greatly helped me.
Sadly, it appears I have run into a small config problem.
According to the documentation (https://www.pro-bono-publico.de/projects/tac_plus-ng.html#AEN384, Chapter 4.2.3.1 Logging), I should be able to format the log output in the files like this:
( authentication | authorization | accounting ) format = string
So, I decided to incorporate this option in my config file like this:
authentication format = "%Y-%m-%d %H:%M:%S %z\t${device.dnsname}\t${user}\t${port}\t${client.dnsname}\t${action} ${hint}\n"
However, when I use this config command, and let the debugger (tac_plus-ng -P config.cfg) run over it, it throws out this error:
id = tac_plus-ng {
#log authzlog { destination = /var/log/tac_plus/%Y/%m/%d.log }
#log authclog { destination = /var/log/tac_plus/%Y/%m/%d.log }
log taclog { destination = /var/log/tac_plus/SERVERNAME/%Y%m%d.log }
accounting log = taclog
authentication log = taclog
authorization log = taclog
authentication format
config.cfg:34: Expected 'fallback' or 'log', but got 'format'
24122: config.cfg:34: Expected 'fallback' or 'log', but got 'format'
24122: Detected fatal configuration error. Exiting.
Did I use the command wrong? Or am I missing something?
Hi,
the "authentication format" stanza needs to be included in log context.
log taclog {
destination = /var/log/tac_plus/SERVERNAME/%Y%m%d.log
authentication format = ...
}
will likely work.
Thanks,
Marc
Hi Marc,
thank you for your answer! I just tried putting authentication format = ... in the log context, and the debugger ran through, without any problems.
However, as I looked in the log files, I did not see the correct output. Instead I saw this:
Before:
2023-08-08 13:19:58 +0200 <IP-NAS> <NAME> tty1 <IP-NAC> shell login succeeded
2023-08-08 13:19:58 +0200 <IP-NAS> <NAME> tty1 <IP-NAC> restricted permit shell
After the config file change:
2023-08-08 13:16:35 +0200 <NAME> tty1 stop show running-config <cr>
2023-08-08 13:16:45 +0200 <NAME> tty1 restricted permit shell configure terminal <cr>
As you can see, the wanted DNS-Names of the NAS and the NAC are missing. It should look like this:
"%Y-%m-%d %H:%M:%S %z\t${device.dnsname}\t${user}\t${port}\t${client.dnsname}\t${action}
Do I have to use a different command or do I have to install some additional libraries?
Thank you again for your help!
Hi,
DNS resolution is handled using c-ares, so libc-ares-dev (or similiar, that's the Ubuntu package name) needs to be installed.
Please use the current GIT, I've pushed some fixes today.
Cheers,
Marc