Hi , I'm monitoring Frreradius 3.0 logscustomer ask to extract some log's fieldto have a more uesr friendly read data.
an example output of the log is:
Thu Apr 2 09:11:02 2020 : Auth: (245) Login OK: [TC1072127] (from client apn-1 port 0 cli 393401715526) #START_EVENT#GS_FramedIP=10.212.193.153,GS_Calling StationId=393401715526,GS_Username= TC1072127,GS_Password=3401715526,GS_Timestamp=1585 818662,GS_Auth=SUCCESS#END_EVENT#
iI have to extract date, userrname and password. i create and test the regex, shown in the key, but the output, alsop with \0 is null.
log[/etc/freeradius/3.0/logs/2020-04-02.log,"^(.*?) : .*.((?<=Login ).{1,2}).*.(?<=GS_FramedIP=)(.*)(?=,GS_CallingStat ionId=).*.(?<=GS_CallingStationId=)(.*)(?=,GS_User name=).*.(?<=GS_Username=)(.*)(?=,GS_Password=).*" ,,,,"\1 \2 \3 \4",,]
thnks for your help
an example output of the log is:
Thu Apr 2 09:11:02 2020 : Auth: (245) Login OK: [TC1072127] (from client apn-1 port 0 cli 393401715526) #START_EVENT#GS_FramedIP=10.212.193.153,GS_Calling StationId=393401715526,GS_Username= TC1072127,GS_Password=3401715526,GS_Timestamp=1585 818662,GS_Auth=SUCCESS#END_EVENT#
iI have to extract date, userrname and password. i create and test the regex, shown in the key, but the output, alsop with \0 is null.
log[/etc/freeradius/3.0/logs/2020-04-02.log,"^(.*?) : .*.((?<=Login ).{1,2}).*.(?<=GS_FramedIP=)(.*)(?=,GS_CallingStat ionId=).*.(?<=GS_CallingStationId=)(.*)(?=,GS_User name=).*.(?<=GS_Username=)(.*)(?=,GS_Password=).*" ,,,,"\1 \2 \3 \4",,]
thnks for your help
Comment