Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation  Back up to About Overview 
  
[+] Expand All
[-] Collapse All

Using the Authentication Log File

The authentication log file records each RADIUS authentication request received by SBR Carrier. Authentication log files are Comma Separated Value (CSV) ASCII text files that can be imported into a spreadsheet or database program.

Authentication log files are located in the RADIUS database directory area by default, although you can specify an alternate destination directory in the [Configuration] section of authlog.ini. Authentication log files are named yyyymmdd.authlog, where yyyy is the 4-digit year, mm is the month, and dd is the day on which the log file was created.

Authentication log files are kept for the number of days specified in the Settings page (described in Configuring the Log Retention Period), and are deleted after that.

The current log file can be opened while SBR Carrier is running.

Authentication Log File Format

The first five fields in every authentication log entry are required by SBR Carrier:

  • Date—The date when the event occurred
  • Time—The time when the event occurred
  • RAS-Client—The name or IP address of the RADIUS client sending the authentication request
  • Full-Name—The fully distinguished name of the user, based on the authentication performed by the RADIUS server
  • ACC/REJ—The result of the authentication request (ACCEPT or REJECT)

The RADIUS attributes specified in the authlog.ini file appear next. Attributes in the authlog.ini file beginning with a semicolon (;), are commented out, and their values are not recorded in the authentication log file.

User-Name
NAS-IP-Address
NAS-Port
Service-Type
Framed-Protocol
Framed-IP-Address
Framed-IP-Netmask
Framed-Compression
Login-IP-Host
Callback-Number
State
Called-Station-Id=
Calling-Station-Id=
NAS-Identifier=
Proxy-State=
Login-LAT-Service
Login-LAT-Node
Login-LAT-Group
Event-Timestamp
NAS-Port-Type
Port-Limit
Login-LAT-Port

Note: If the User-Password attribute is included in the authlog.ini file, it is ignored during processing to prevent exposing users’ clear-text passwords in the log file.

You can include vendor-specific attributes if the device sending the authentication packet supports them. For more information, see Vendor-Specific Attributes.

You can edit the authlog.ini file to add, remove, or reorder the standard RADIUS or vendor-specific attributes that are logged. For information about authlog.ini, refer to the SBR Carrier Reference Guide.

First Line Headings

The first line of the authentication log file lists the names of all the attributes that have been enabled for logging, in the order in which they are logged. This first line serves as a complete set of column headings for the remaining entries in the file. The content of the first line depends on the attributes specified in the authlog.ini file.

The following example shows the heading line and an authentication log file entry consisting of the required attributes.

“Date”, ”Time”, ”RASClient”, ”FullName”, ”ACC/REJ”
“7/3/2003”, ”12:11:55”, ”RRAS”, ”EdisonCarter”, ”ACCEPT”,

Comma Placeholders

Log entries may not include every attribute listed in the first line of the authentication log file. When SBR Carrier records the event in the authentication log file, it uses a comma placeholder to mark empty entries, so that all entries remain aligned with their headings.

For example, the following log entries indicate that Bob’s authentication request was rejected but Alice’s authentication request was accepted. The reported fields include Called-Station-Id, Calling-Station-Id, and Port-Limit. The attributes listed in the log heading that were not returned for the authentication events are separated with commas.

“Date”, ”Time”, ”RAS-Client”, ”Full-Name”, ”Acc/Rej",
"User-Name","NAS-IP-Address","NAS-Port","Service-Type",
"Framed-Protocol","Framed-IP-Address", "Framed-IP-Netmask","Framed-Compression",
"Login-IP-Host","Callback-Number","State", "Called-Station-Id","Calling-Station-Id",
"NAS-Identifier","Proxy-State", "Event-Timestamp","NAS-Port-Type","Port-Limit",
"Login-LAT-Port""07/14/2003","13:39:10","192.168.2.42",
“BOB","REJECT",,,,,,,,,,,,"Alice's Office","Bob's Office",,,,,"5",
"07/14/2003","13:43:26","192.168.2.42", "ALICE","ACCEPT",,,,,,,,,,,,"Bob's Office",
"Alice's Office",,,,,"5",

Modified: 2018-01-11