Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

acctReport.ini File

 

The acctReport.ini file includes information that controls the configuration settings of the accounting log, which provides logging of failed accounting requests. The accounting log records all accounting request failures by logging them in a comma-delimited text file. While viewing the logs, you can sort, search and filter the log records. Each record includes details of who, where, when, and what happened during the accounting request. The accounting log records failures due to:

  • Bad shared secret

  • Unknown client

You can enable or disable the accounting report logs when needed. The accounting logs are saved in a default folder called AcctReports located under the /opt/JNPRsbr/radius directory (if not specified). The accounting request failures are saved in two separate files denoted by the failure name and timestamp as follows:

  • badSharedSecret_yyyymmdd.act

  • unknownClient_yyyymmdd.act

Each log report is enabled separately.

The following fields are available in both log reports:

  • Timestamp (UTC or local time)

  • Username (if available)

  • Client IP address (May not be accurate due to proxy, NAT)

  • Task name—accounting start or stop request and accounting on or off events

  • Reason of failure

  • NAS name (if known)

[Settings] Section

[Settings] Section

The [Settings] section of the acctReport.ini file (Table 86) defines various global user parameters that affect the log file, such as days to keep and formatting.

If the MaxMinutesPerFile parameter is set to 0, the file name of the accounting log report is badSharedSecret_yyyymmdd.act or unknownClient_yyyymmdd.act, (where yyyymmdd identifies the date the report was generated.) If the MaxMinutesPerFile parameter is set to a value greater than 0, the file name of the report is badSharedSecret_yyyymmdd_hhmm.act or unknownClient_yyyymmdd_hhmm.act (where yyyymmdd identifies the date and hhmm identifies the time the report was generated.)

Table 86: acctReport.ini [Settings] Syntax

Parameter

Function

LogDir

Specifies the destination directory on the local host where the badSharedSecret_yyyymmdd.act and unknownClient_yyyymmdd.act files are stored.

Default value is the directory is /opt/JNPRsbr/radius directory (if not specified).

LogFilePermissions

Specifies the owner and access permission settings for the accounting log files.

Enter a value for the LogFilePermissions setting in owner:group permissions format, where:

  • owner specifies the owner of the file in text or numeric format.

  • group specifies the group setting for the file in text or numeric format.

  • permissions specifies what privileges can be exercised by Owner/Group/Other with respect to the file in text or numeric format.

    For example, user:1007 rw-r----- specifies that the file owner (user) can read and edit the log file, members of group 1007 can read (but not edit) the log file, and that other users cannot access the log file.

UTC

  • If set to 1, time and date values are provided according to UTC (GMT).

  • If set to 0, time and date values reflect local time.

    Default value is 0.

MaxMinutesPerFile

Specifies how often the current accounting log report is closed and a new file opened.

  • If set to n (where n is a number greater than 0), a new report is generated every n minutes.

  • If set to 0, a new report is generated once every 24 hours, at midnight local time.

Default value is 0.

Note: The value entered for MaxMinutesPerFile determines the file name of the generated report.

DaysToKeep

Specifies the number of days the Steel-Belted Radius Carrier server retains the accounting log reports.

Default value is 1 (one day).

LineSize

The maximum size of a single log line. The allowable range is 1024 to 32768.

Default value is 4096.

Note: Logging fails if this value is exceeded.

QuoteInteger

  • If set to 1, integer values written to the accounting log file are enclosed in quotes.

  • If set to 0, quotes are not used.

    Set this value according to the format expected by the accounting application that processes the entries.

    Default value is 1.

QuoteIPAddress

  • If set to 1, IP addresses written to the accounting log file are enclosed in quotes.

  • If set to 0, quotes are not used.

    Set this value according to the format expected by the accounting application that processes the entries.

    Default value is 1.

QuoteText

  • If set to 1, text strings written to the accounting log file are enclosed in quotes.

  • If set to 0, quotes are not used.

    Set this value according to the format expected by the accounting application that processes the entries.

    Default value is 1.

QuoteTime

  • If set to 1, time and date values written to the accounting log file are enclosed in quotes.

  • If set to 0, quotes are not used.

    Set this value according to the format expected by the accounting application that processes the entries.

    Default value is 1.

QuoteBinary

  • If set to 1, binary values written to the accounting log file are enclosed in quotes.

  • If set to 0, quotes are not used.

    Set this value according to the format expected by the accounting application that processes the entries.

    Default value is 1.

[UnknownClientReport] Section

[UnknownClientReport] Section

The [UnknownClientReport] section (Table 87) of acctReport.ini enables or disables generation of the unknown accounting client report, which is an ASCII comma-delimited file produced by the Steel-Belted Radius Carrier server. It identifies accounting requests received from unknown RADIUS clients, or destined to unknown or unreachable destinations. It also defines the file format of the unknown-client reports.

Table 87: acctReport.ini [UnknownClientReport] Syntax

Parameter

Function

Enable

  • If set to 1, the unknownClient_yyyymmdd.act is enabled.

  • If set to 0, the unknownClient_yyyymmdd.act is disabled.

    Default value is 0.

[BadSharedSecretReport] Section

[BadSharedSecretReport] Section

The [BadSharedSecretReport] section (Table 88) of acctReport.ini enables or disables generation of the invalid shared secret report, which is an ASCII comma-delimited file that records information about requests received from known RADIUS clients that used an invalid shared secret. It also defines the file format of the bad shared secret reports.

Table 88: acctReport.ini [BadSharedSecretReport] Syntax

Parameter

Function

Enable

  • If set to 1, the badSharedSecret_yyyymmdd.act is enabled.

  • If set to 0, the badSharedSecret_yyyymmdd.act is disabled.

    Default value is 0.

[Attributes] Section

[Attributes] Section

The [Attributes] section of acctReport.ini lists the attributes you want logged in the accounting reports. For example: