[tac_plus] Question about logging with tac_plus

heasley heas at shrubbery.net
Tue Apr 10 22:39:21 UTC 2012


Tue, Apr 10, 2012 at 05:00:02PM +0300, Cosmin Neagu:
> Hi,
> I want to know if it is posible to make tac_plus log into the default 
> log file ( tac_plus.log ) logs when users ask for access on network 
> equipment:
> Something like:
> Tue Apr 10 09:41:36 2012 : Auth: Login OK: [cosmin/parola] (from client 
> 172.31.1.211 port 1)
> 
> where 172.31.1.211 is the network equipment who asket tacacs for access 
> on behalf of the user.
> 
> I searched on internet but except:
> accounting file = /var/log/tac_plus.acct
> I did not find anything regarding logging user attempts to connect.

or accounting syslog

accouting is generated by the device, not the daemon.  the daemon just
receives the records.

other logging goes to syslog

loggging = syslog_facility

or specify a file with the -l option.  login failures are logged, like

Apr 10 22:38:34 guelah tac_plus[77645]: connect from 198.58.5.127 [198.58.5.127]
Apr 10 22:38:38 guelah tac_plus[77645]: login failure: heas 198.58.5.127 (198.58.5.127) tty2



More information about the tac_plus mailing list