Log RulesMessage Logging
................................................................................................................................... .........................................................................................................................
365-360-001R6.0
Issue 1, December 2008 16-37
.................................................................................................................................... ........................................................................................................................
•Current Server Log Area - A specific area of the running 8950 AAA server. These
areas include one area for each plug-in in the PolicyFlow program, one for each
engine listener, etc. You may click to see a list of the currently available Log
Areas. This option is available only when the 8950 AAA server is running.
6. When done, click Next.
Result: The Matching Rule panel appears as shown in Figure 16-29.
Figure 16-29 Log Rule Configuration Wizard–Matching Rule
7. In this step you may define a matching rule to test the value of 8950 AAA PolicyFlow
variables.
•Match All Radius Requests - All RADIUS requests will be considered for logging
•Match Data in Radius with Expression - Only those RADIUS requests that match
the limited wildcard expression will be considered for logging. Further, logging
will only occur at those times when the expression is valid. For example, if a 8950
AAA variable matched in an expression changes value during the processing so
that it no longer matches the expression, the logging will stop.
– Enter an expression - Expressions are matched against PolicyFlow variables, such
as,
${request.User-Name}
– Enter the value that the expression must match
A possible value for the expression noted above might be
*@alcatel-lucent.com
Important! It is possible to match against more than one value. For example, the
expression: ${request.User-Name}-${request.NAS-IP-Address} might be matched
against the value “rdp-10.0.1.2” This expression would only match requests where the
User-Name was “rdp” and the request originated from a client with an address of
10.0.1.2.