3.130. <MessageLog xxxxxx>

This marks the beginning of a MessageLog clause, which defines how to log sent and received RADIUS, Diameter, and TACACS+ messages. The xxxxxx is the name of a specific MessageLog module. This section lists the parameters all MessageLogs use. MessageLogs can also use other parameters that are specific for that MessageLog. MessageLog clauses must be defined at the top level configuration.
You can have more than one MessageLog clause. For example RADIUS, Diameter, and TACACS+ typically have separate loggers. Message logging is not enabled by default. For more information about how to enable message logging, see top level configuration parameter in Section 3.7.51. GlobalMessageLog.
See goodies/logformat.cfg for a configuration sample.

3.130.1. Identifier

This specifies an optional symbolic name that can be used to refer to the logger from somewhere else.
# Log all incoming RADIUS message with MessageLog FILE
GlobalMessageLog radius,messagelograd

<MessageLog FILE>
      Identifier messagelograd
      Format text
      Filename %L/messagelog-%0-%1
</MessageLog>

3.130.2. LogSelectHook

This parameter defines an optional Perl hook that is run for each log message. If it returns true, the message is logged, otherwise logging is skipped. This is not defined by default and all messages are logged.
LogSelectHook has the following arguments:
  • direction
    This argument defines the direction and is either in or out.
  • protocol
    This argument defines the used protocol. The supported values are:
    • radius
    • radsec
    • diameter
    • tacacsplus
  • from_ip
  • from_port
  • to_ip
  • to_port
  • request_object
The following example logs only the messages from/to 10.10.10.10:
LogSelectHook sub { return 1 if ($_[2] eq '10.10.10.10' || $_[4] eq '10.10.10.10') }