Hi, let say i have 2 log files(they are below) dhcp and radius. What i need is to put the information to a file just from good connections ( Auth: Login OK ) others just ignore. And the information should look like: time, login name, mac, ip, server. But the trouble is that from radius log i get different looking macs like 001cbf9bb638, 00-1c-bf-9b-b6-38 but in dhcp it always looks like this 00:48:54:52:3b:bb. The main question would be how can i now if it is a mac adress(what command sould help) and how can i convert to dhcp stile (00:48:54:52:3b:bb like this). Thanks being pacient reading this
RADIUS
Code:
Thu Dec 4 07:24:54 2008 : Auth: Login OK: [kava4186] (from client LINKSYS3 port 0 via TLS tunnel)
Thu Dec 4 07:24:54 2008 : Auth: Login OK: [kava4186] (from client LINKSYS3 port 21 cli 001cbf9bb638)
Thu Dec 4 07:50:52 2008 : Auth: Login OK: [limo5625] (from client LINKSYS3 port 0 via TLS tunnel)
Thu Dec 4 07:50:52 2008 : Auth: Login OK: [limo5625] (from client LINKSYS3 port 12 cli 0013e80a5b5d)
Thu Dec 4 08:00:14 2008 : Auth: Login OK: [boda7805] (from client LINKSYS3 port 0 via TLS tunnel)
Thu Dec 4 08:00:14 2008 : Auth: Login OK: [boda7805] (from client LINKSYS3 port 33 cli 0015afecda17)
Thu Dec 4 08:00:50 2008 : Error: rlm_eap: UserIdentity Unknown
Thu Dec 4 08:00:50 2008 : Error: rlm_eap: Identity Unknown, authentication failed
Thu Dec 4 08:00:50 2008 : Auth: Login incorrect: [<no User-Name attribute>] (from client WILI-08 port 8 cli 00-17-31-AA-2D-77)
Thu Dec 4 08:00:52 2008 : Error: rlm_eap: UserIdentity Unknown
Thu Dec 4 08:00:52 2008 : Error: rlm_eap: Identity Unknown, authentication failed
Thu Dec 4 08:00:52 2008 : Auth: Login incorrect: [<no User-Name attribute>] (from client WILI-08 port 8 cli 00-17-31-AA-2D-77)
Thu Dec 4 08:03:06 2008 : Auth: Login incorrect (rlm_ldap: User not found): [ADMIN\\Adminas] (from client WILI-08 port 0 via TLS tunnel)
Thu Dec 4 08:03:06 2008 : Auth: Login incorrect: [ADMIN\\Adminas] (from client WILI-08 port 8 cli 00-17-31-AA-2D-77)
Thu Dec 4 08:03:08 2008 : Error: rlm_eap: No EAP session matching the State variable.
Thu Dec 4 08:03:08 2008 : Error: rlm_eap: Either EAP-request timed out OR EAP-response to an unknown EAP-request
Thu Dec 4 08:03:08 2008 : Auth: Login incorrect: [ADMIN\\Adminas] (from client WILI-08 port 8 cli 00-17-31-AA-2D-77)
Thu Dec 4 08:03:10 2008 : Auth: Login incorrect (rlm_ldap: User not found): [ADMIN\\Adminas] (from client WILI-08 port 0 via TLS tunnel)
Thu Dec 4 08:03:10 2008 : Auth: Login incorrect: [ADMIN\\Adminas] (from client WILI-08 port 8 cli 00-17-31-AA-2D-77)
Thu Dec 4 08:03:13 2008 : Auth: Login incorrect (rlm_ldap: User not found): [ADMIN\\Adminas] (from client WILI-08 port 0 via TLS tunnel)
Thu Dec 4 08:03:13 2008 : Auth: Login incorrect: [ADMIN\\Adminas] (from client WILI-08 port 8 cli 00-17-31-AA-2D-77)
Thu Dec 4 08:03:15 2008 : Error: rlm_eap: No EAP session matching the State variable.
Thu Dec 4 08:03:15 2008 : Error: rlm_eap: Either EAP-request timed out OR EAP-response to an unknown EAP-request
Thu Dec 4 08:03:15 2008 : Auth: Login incorrect: [ADMIN\\Adminas] (from client WILI-08 port 8 cli 00-17-31-AA-2D-77)
Thu Dec 4 08:03:48 2008 : Auth: Login incorrect (rlm_ldap: User not found): [ADMIN\\Adminas] (from client WILI-08 port 0 via TLS tunnel)
Thu Dec 4 08:04:01 2008 : Auth: Login OK: [JOMO6060] (from client WILI-08 port 0 via TLS tunnel)
Thu Dec 4 08:04:01 2008 : Auth: Login OK: [JOMO6060] (from client WILI-08 port 8 cli 00-17-31-AA-2D-77)
Dhcp
Code:
Dec 4 07:24:54 sunfire1 dhcpd: DHCPREQUEST for 192.168.1.100 from 00:1c:bf:9b:b6:38 via em3: wrong network.
Dec 4 07:24:54 sunfire1 dhcpd: DHCPNAK on 192.168.1.100 to 00:1c:bf:9b:b6:38 via em3
Dec 4 07:24:55 sunfire1 dhcpd: DHCPREQUEST for 192.168.4.5 from 00:06:4f:02:00:52 via em2
Dec 4 07:24:55 sunfire1 dhcpd: DHCPACK on 192.168.4.5 to 00:06:4f:02:00:52 via em2
Dec 4 07:24:56 sunfire1 dhcpd: DHCPDISCOVER from 00:1c:bf:9b:b6:38 via em3
Dec 4 07:24:57 sunfire1 dhcpd: DHCPOFFER on 10.2.247.225 to 00:1c:bf:9b:b6:38 (karolis) via em3
Dec 4 07:24:57 sunfire1 dhcpd: DHCPREQUEST for 10.2.247.225 (10.255.255.1) from 00:1c:bf:9b:b6:38 (karolis) via em3
Dec 4 07:24:57 sunfire1 dhcpd: DHCPACK on 10.2.247.225 to 00:1c:bf:9b:b6:38 (karolis) via em3
Dec 4 07:25:00 sunfire1 dhcpd: DHCPREQUEST for 192.168.3.4 from 00:30:4f:06:66:a3 via em2
Dec 4 07:25:00 sunfire1 dhcpd: DHCPACK on 192.168.3.4 to 00:30:4f:06:66:a3 via em2
Dec 4 07:25:01 sunfire1 dhcpd: uid lease 192.168.46.131 for client 00:1f:29:2c:49:96 is duplicate on itc
Dec 4 07:25:01 sunfire1 dhcpd: DHCPREQUEST for 192.168.45.129 from 00:1f:29:2c:49:96 via em2
Dec 4 07:25:01 sunfire1 dhcpd: DHCPACK on 192.168.45.129 to 00:1f:29:2c:49:96 via em2
Dec 4 07:25:07 sunfire1 dhcpd: DHCPREQUEST for 192.168.42.7 from 00:11:09:13:a0:0b via em2
Dec 4 07:25:07 sunfire1 dhcpd: DHCPACK on 192.168.42.7 to 00:11:09:13:a0:0b via em2
Dec 4 07:25:10 sunfire1 dhcpd: DHCPINFORM from 10.2.247.225 via em3
Dec 4 07:25:10 sunfire1 dhcpd: DHCPACK to 10.2.247.225 (00:1c:bf:9b:b6:38) via em3
Dec 4 07:25:16 sunfire1 dhcpd: DHCPREQUEST for 192.168.44.33 from 00:14:4f:26:d9:66 via em2
Dec 4 07:25:16 sunfire1 dhcpd: DHCPACK on 192.168.44.33 to 00:14:4f:26:d9:66 via em2
Dec 4 07:25:22 sunfire1 dhcpd: DHCPINFORM from 192.168.5.6 via em2
Dec 4 07:25:22 sunfire1 dhcpd: DHCPACK to 192.168.5.6 (00:06:4f:02:00:51) via em2
Dec 4 07:25:25 sunfire1 dhcpd: DHCPINFORM from 192.168.5.6 via em2
Dec 4 07:25:25 sunfire1 dhcpd: DHCPACK to 192.168.5.6 (00:06:4f:02:00:51) via em2
Dec 4 07:25:26 sunfire1 dhcpd: DHCPREQUEST for 193.219.42.107 from 00:40:f4:bd:5e:d6 (ragaisiopc) via em0
Dec 4 07:25:26 sunfire1 dhcpd: DHCPACK on 193.219.42.107 to 00:40:f4:bd:5e:d6 (ragaisiopc) via em0
Dec 4 07:25:27 sunfire1 dhcpd: DHCPREQUEST for 192.168.7.3 from 00:06:4f:02:00:59 via em2
Dec 4 07:25:27 sunfire1 dhcpd: DHCPACK on 192.168.7.3 to 00:06:4f:02:00:59 via em2
Dec 4 07:25:43 sunfire1 dhcpd: DHCPREQUEST for 192.168.44.25 from 00:14:4f:1f:b7:21 via em2
Dec 4 07:25:43 sunfire1 dhcpd: DHCPACK on 192.168.44.25 to 00:14:4f:1f:b7:21 via em2
Dec 4 07:25:44 sunfire1 dhcpd: DHCPREQUEST for 172.16.42.11 from 00:01:e6:ad:9d:71 via em0
Dec 4 07:25:44 sunfire1 dhcpd: DHCPACK on 172.16.42.11 to 00:01:e6:ad:9d:71 via em0
Dec 4 07:25:47 sunfire1 dhcpd: DHCPREQUEST for 192.168.5.7 from 00:06:4f:02:54:b1 via em2
Dec 4 07:25:47 sunfire1 dhcpd: DHCPACK on 192.168.5.7 to 00:06:4f:02:54:b1 via em2
Dec 4 07:25:49 sunfire1 dhcpd: DHCPREQUEST for 192.168.9.1 from 00:50:22:82:63:77 via em2
Dec 4 07:25:49 sunfire1 dhcpd: DHCPACK on 192.168.9.1 to 00:50:22:82:63:77 via em2
Dec 4 07:25:55 sunfire1 dhcpd: DHCPREQUEST for 10.2.254.211 from 00:06:4f:03:63:09 (hr) via em3
Dec 4 07:25:55 sunfire1 dhcpd: DHCPACK on 10.2.254.211 to 00:06:4f:03:63:09 (hr) via em3
Dec 4 07:26:05 sunfire1 dhcpd: DHCPREQUEST for 193.219.42.92 from 00:50:22:8d:9c:5b (biblio-stud) via em0
Dec 4 07:26:05 sunfire1 dhcpd: DHCPACK on 193.219.42.92 to 00:50:22:8d:9c:5b (biblio-stud) via em0
Dec 4 07:26:12 sunfire1 dhcpd: DHCPREQUEST for 192.168.45.111 from 00:1a:a0:60:31:2c via em2
Dec 4 07:26:12 sunfire1 dhcpd: DHCPACK on 192.168.45.111 to 00:1a:a0:60:31:2c via em2
Hi,
I would like to setup a FOR loop script to find out all the existing linux workstation in the network w/ ip address, hostname and linux version.
I created a basic FOR loop script:
for i in $(seq 1 254)
do
echo 10.72.169.$i >> result
ssh -o ConnectTimeout=3 root@10.72.169.$i... (14 Replies)
I need some help to write a C++ code that read and write the register of a sequencer. I have to make a code that relate the objects with the physical address but I am a bit confuse. Could someone suggest me how to proceed? in which parts do I split the code?
thanks (1 Reply)
We want to use RADIUS to authenticate our AIX server logins. Can anybody tell me how to set on AIX server up to use a Radius server to authenticate or point me to documentation on setting up AIX to use Radius to authenticate user login.
Our problem is that we have a few users that access our... (1 Reply)
I guess I probably ask a dumb question but why use RADIUS for authentication as there are many ways to do it, as authentication is basically a user/password check?
What is the benifit(s) of using it ?
Thanks! (3 Replies)
Hi,
I have to parse the dhcp.lease file and have to keep the most recent entry and remove the rest and also the number of lines between any two leases might not always be the same.
eg:
lease 5.5.5.252 {
starts Wed Jul 27 09:48:39 2011
ends Wed Jul 27 21:48:39 2011
tstp Wed Jul... (1 Reply)
Hello everyone, I have a question in regards to connecting with wpa_cli to a Radius server. I can connect fine through WPA Enterprise and WPA2 Enterprise, but I'm lost on trying to connect to Radius.
wpa_cli -iwlan0 set_network 0 ssid '"ssid"'
wpa_cli -iwlan0 set_network 0 key_mgmt WPA-EAP... (0 Replies)
Hi all
I have no idea what I am doing, I think I am learning...the previous linux admin left the company and I volunteered to help.
My first task is to create a user (X) account in the radius. I was able to do that.. This user (X) will be login in to a cisco device same as user (Z) .
... (3 Replies)
Hi,
we have multiple database instances running on solaris server like db1, db2 and db3. Below shown ipcs -pmb shared memory segment output. Using cpid value I want to relate to the database instances db1, db2 and db3. Please let me know how to do this?
$ ipcs -pmb
IPC status from <running... (9 Replies)
12-13-2008
